1. Web Server/Services Web Server/Services pyhsu

2. Computer Center, CS, NCTU 2 FAMP(FreeBSD+Apache+MySQL+PHP)  Apache 2.2 (40%) /usr/ports/www/apache22 apache22_enable="YES" (/etc/rc.conf) /usr/local/etc/rc.d/apache22 start  MySQL5.5 (20%) /usr/ports/databases/mysql55-server mysql_enable="YES" (/etc/rc.conf) /usr/local/etc/rc.d/mysql-server start  PHP 5 (20%) /usr/ports/lang/php5 /usr/ports/lang/php5-extensions  HTTPS (20%)  Bouns (20%)

3. Computer Center, CS, NCTU 3 Apache  Basic system (10%) Apache HTTP Server is the most popular HTTP server software in use. Open source software. Cross-platform and security.  Virtual Hosts (10%) .htaccess (5%)  Userdir (5%)  Blog (5%)  Redirect (5%)

4. Computer Center, CS, NCTU 4 Apache – Virtual Hosts  Providing services for more than one domain-name (or IP) in one web server.  Apache Name-Based configuration example /usr/local/etc/apache22/extra/httpd-vhosts.conf Notice virtual host’s DocumentRoot permission  To do this homework, you need 2 domain name http://twbbs.org/ http://www.dhs.org/ http://www.no-ip.com/ (If you don’t have static IP)http://www.no-ip.com/ http://www.nctucs.net/

5. Computer Center, CS, NCTU 5 Apache –.htaccess .htaccess(hypertext access)  You can use these tools http://www.linuxkungfu.org/tools/htaccesser/index.php http://www.htaccesseditor.com/

6. Computer Center, CS, NCTU 6 Apache – Userdir  Let users have their own web space

7. Computer Center, CS, NCTU 7 Apache – Blog  You can use Wordpress Movable Type Others you like or Write a system yourself  Don’t use BSP(blog service provider)

8. Computer Center, CS, NCTU 8 Apache – Redirect  You can use mod_rewrite mod_alias  Reference http://httpd.apache.org/docs/2.2/mod/mod_rewrite.html http://httpd.apache.org/docs/2.2/mod/mod_alias.html

9. Computer Center, CS, NCTU 9 MySQL  What is SQL(Structured Query Language) The most popular computer language which is used to create, modify, retrieve and manipulate data from relational database management systems. SQL Introduction: http://dev.mysql.com/doc/http://dev.mysql.com/doc/  A multithreaded, multi-user, SQL Database Management System.  Basic system(10%)  phpMyAdmin(10%) Create another user with limited privilege

10. Computer Center, CS, NCTU 10 MySQL – phpMyAdmin(1/2)  phpMyAdmin can manage a whole MySQL server as well as a single database over the World Wide Web.  Official Site: http://www.phpmyadmin.net/http://www.phpmyadmin.net/  Documentation: http://www.phpmyadmin.net/documentation/ http://www.phpmyadmin.net/documentation/  Characteristics Browser-based, Supporting PHP5.2+, MySQL 5.0+, Open Source  There are four authentication modes offered : http, cookie, sign-on and config(the less secure one, not recommanded).

11. Computer Center, CS, NCTU 11 MySQL – phpMyAdmin(2/2)  Create another user with limited privilege

12. Computer Center, CS, NCTU 12 PHP  Basic system (10%) /usr/ports/lang/php5 /usr/ports/lang/php5-extensions  Other (10%) Discuz! Joomla! phpBB Xoops Album

13. Computer Center, CS, NCTU 13 HTTPS  Root CA Be a Certificate Authority yourself Issue certifications for your services  /usr/local/etc/apache22/httpd.conf Include/etc/apache22/extra/httpd-ssl.conf  Able to browse your web site via HTTPs(20%)

14. Computer Center, CS, NCTU 14 Requirement(1/3)  You need two host names use same IP address.  When access http://yourdomain1/private/, user need enter id "nctucs" and password "sahw4" which is implemented by.htaccess.http://yourdomain1/private/  System user sysadm can put file at ~/WWW/ and others can access it by visiting http://yourdomain1/~sysadm/. sysadm's password is your student id.http://yourdomain1/~sysadm/  Your blog domain name is http://yourdomain2/http://yourdomain2/

15. Computer Center, CS, NCTU 15 Requirement(2/3)  Users use cookie authentication when access your phpMyAdmin site http://yourdomain1/phpMyAdmin/http://yourdomain1/phpMyAdmin/ (You need to add a MySQL user for authentication). And notice that if others access http://yourdomain2/phpMyAdmin/,they can not access it. http://yourdomain2/phpMyAdmin/ Only 140.113.*.* can access it But 140.113.235.* can’t access it  https://yourdomain1/ https://yourdomain1/

16. Computer Center, CS, NCTU 16 Requirement(3/3)  Redirect http://yourdomain1/ILoveSA to http://people.cs.nctu.edu.tw/~huanghs/course/sysadm 2011/http://yourdomain1/ILoveSA http://people.cs.nctu.edu.tw/~huanghs/course/sysadm 2011/ But http://yourdomain2/ILoveSA will not redirect.http://yourdomain2/ILoveSA

17. Computer Center, CS, NCTU 17 Bonus1  One of your domain name can use userdir, but another cannot. For example  web. example.org’s IP is 123.123.123.123  blog. example.org’s IP is 123.123.123.123  http://web.example.com/~huanghs/ is valid, but http://blog.example.com/~huanghs/ is invalid.http://web.example.com/~huanghs/http://blog.example.com/~huanghs/

18. Computer Center, CS, NCTU 18 Bonus2  suphp A tool for executing PHP scripts with the permissions of their owners. By using this, user does not need set permission to others. Official Site: http://www.suphp.org/http://www.suphp.org/  Install suphp and config it Don't permit a php file execution if user except file owner has its write permission. Let http://yourdomain1/~sysadm/*.php can run with owner sysadm ( system(“/usr/bin/id”) )http://yourdomain1/~sysadm/*.php

19. Computer Center, CS, NCTU 19 Bonus3 – FTP-over-TLS(1/2)  Server ftp/pure-ftpd ftp/ftpd-tls ftp/bsdftpd-ssl  Client ftp/lftpd  OPENSSL "With OpenSSL support" on ftp/ftp-tls  Able to download file via FTP-over-TLS

20. Computer Center, CS, NCTU 20 Bonus3 – FTP-over-TLS(2/2)  OpenSSL http://www.openssl.org/ In system › /usr/src/crypto/openssl In ports › security/openssl  How to generate SSL X.509 Certificate http://www.imacat.idv.tw/tech/sslcerts.html

21. Computer Center, CS, NCTU 21 Other Bonus  Other bonus you can try ： fastcgi …  If you add extra features, please let TAs know. TAs will give bonus score according to degree of difficulty.  This homework's score upper bound is 120.  Each bonus’s score upper bound is 5.