Download presentation
Presentation is loading. Please wait.
Published byGrace Hugg Modified over 9 years ago
1
Dan Fleck
2
WAMP – Windows Apache MySQL PHP - http://www.wampserver.com/en/ http://www.wampserver.com/en/ LAMP – Linux Apache MySQL PHP ◦ There are many tutorials out there. I will explain the commands from this one: ◦ http://www.linux.com/learn/tutorials/288158- easy-lamp-server-installation http://www.linux.com/learn/tutorials/288158- easy-lamp-server-installation
3
#Install Apache ◦ sudo apt-get install apache2 #Start apache (also [start | stop | restart ] ) ◦ sudo /etc/init.d/apache2 start ◦ sudo? – run a command as root Test is: Open a browser to your IP address and see if you see the “It Works!” apache page. Typically do this on the server, and open to localhost IP address: http://127.0.0.1
4
Install PHP ◦ sudo apt-get install php5 libapache2-mod-php5 Restart Apache with the command: ◦ sudo /etc/init.d/apache2 restart Test it: add a simple PHP file in /var/www Open your browser to that page: http://127.0.0.1/myTest.php
5
Install MySQL ◦ sudo apt-get install mysql-server Log into MySQL with the command ◦ mysql -u root -p. ◦ As no password has been configured, you will only need to hit enter when prompted for the password. Enter the command SET PASSWORD FOR 'root'@'localhost' = PASSWORD ('YOURPASSWORD'); Where YOURPASSWORD is the password you want to use for the administrative user. Now quit the MySQL prompt by issuing the command quit and hitting enter. Start the MySQL server with the command sudo /etc/init.d/mysql start. Test it: Login to the mysql prompt, create a database, create a user, etc…
6
sudo tasksel Select LAMP server but not always possible on all Unix flavors!
7
Configuration files: /etc/httpd --- on RedHat /etc/apache2 --- on Ubuntu certs certificates for SSL logs log files conf main configuration files conf.d conf files in here get added to main configuration (preferred for custom configs rather than editing conf/httpd.conf)
8
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ ◦ Options FollowSymLinks ◦ AllowOverride None ◦ ◦ AllowOverride AuthConfig ◦ php_flag display_errors on ◦ Start off VERY restrictive
9
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ ◦ AllowOverride AuthConfig ◦ php_flag display_errors on ◦ Loosen up specific dirs Directives only apply to specific directories matching pattern Loosen up specific dirs Directives only apply to specific directories matching pattern
10
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ ◦ Options Indexes FollowSymLinks ◦ Order allow,deny ◦ Allow from all ◦ Loosen up specific dirs Directives only apply to specific directories matching pattern Loosen up specific dirs Directives only apply to specific directories matching pattern
11
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ ◦ Order allow,deny ◦ Deny from all ◦ Apply a directive to certain files only. What does this rule do?
12
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ ◦ Options ExecCGI ◦ SetHandler cgi-script ◦ Allow script processing in certain directories only!
13
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ # Change this to Listen on specific IP addresses as shown below to ◦ # prevent Apache from glomming onto all bound IP addresses (0.0.0.0) ◦ #Listen 12.34.56.78:80 ◦ Listen 80 Listen for requests on port 80
14
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ User apache ◦ Group apache Set the user and group to run the server
15
Directives in httpd.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ # DPF- Redirect everything to port 443 ◦ RewriteEngine on ◦ RewriteCond %{HTTPS} !=on ◦ RewriteRule ^(.*)$ https://cs.american.edu/$1 [L,R] Turn on the rewrite engine, Match any non-https URL Rewrite to use https L – stop any further rewrite rules, R – Force redirect Turn on the rewrite engine, Match any non-https URL Rewrite to use https L – stop any further rewrite rules, R – Force redirect
16
Directives in conf.d/php.conf ◦ http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html http://httpd.apache.org/docs/2.2/mod/quickrefere nce.html ◦ ◦ LoadModule php5_module modules/libphp5.so ◦ ◦ AddHandler php5-script.php ◦ AddType text/html.php ◦ DirectoryIndex index.php Load PHP processor module Use processor for any files with.php extentsion Output of PHP will be text/html Allow index.php for directory index also Load PHP processor module Use processor for any files with.php extentsion Output of PHP will be text/html Allow index.php for directory index also
17
DNS name maps URL to IP address Free: DynDns.org ◦ Pick a domain name (could also buy one) ◦ Then you need to tell DynDns what your server’s IP address is Run an update client on the server https://www.dyndns.com/support/clients/ https://www.dyndns.com/support/clients/ Configure your router https://www.dyndns.com/support/clients/hardware/ https://www.dyndns.com/support/clients/hardware/
18
Hosting providers will do all of this for you if you want. Typically fee per month or year Check which services they provide: ◦ Domain registration (get you a URL) ◦ How much disk space? ◦ PHP / MySQL support? Others? I used GoDaddy, but would probably switch today to DreamHost.com
19
See sample code: CreateNewDB.php
20
Run vulnerability scans ◦ http://sectools.org/vuln-scanners.html http://sectools.org/vuln-scanners.html BACKUP your server!
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.