Lab Exercise #11: Apache Web Server, LAMP Server
Total Page:16
File Type:pdf, Size:1020Kb
CIS 238 - UNIX System Administration
Lab Exercise #11: Apache Web Server, LAMP Server
Install a basic Web Server:
1) Install: lynx, httpd, httpd-tools, httpd-devel, system-config-httpd
2) In /etc/httpd/conf/httpd.conf - Change ServerName to: www.p156.occcns.info - change the “listen port to 8080
Copy “web.txt” from Lab2 to /var/www/html/index.html
3) service httpd restart
4) telnet 127.0.0.1 8080 GET http://127.0.01 HTTP/1.0\n\n
.. and hit ENTER twice
5) Connect to the website using NETCAT echo -e "GET http://127.0.0.1 HTTP/1.0\n\n" | nc -w 5 127.0.0.1 8080
Demonstrate the website for the instructor using Firefox browser
6) Add www.p156.occcns.info to /etc/hosts as DHCP assigned IP address Repeat steps 4, 5 using www.p156.occcns.info replacing 127.0.0.1
Password secure the web server:
7) Create passwd file for your website: htpasswd -c /etc/httpd/conf/.htpasswd user1 Repeat for users2 –user9 (withoput –c) chmod 644 /etc/httpd/conf/.htpasswd
8) Create .htaccess file in your DocumentRoot:
AuthUserFile /etc/httpd/conf/.htpasswd AuthGroupFile /dev/null AuthName “EnterPassword” AuthType Basic require valid-user
9) vi /etc/httpd/conf/http.conf: Change DocumentRoot as follows:
10) service httpd restart.
11) Try accessing the web site and you'll be prompted for a password. Lab Exercise #11: Apache Web Server, LAMP Server
Install MySQL Database Server
12) yum install mysql mysql-server mysql-libs
13) Start the mysql daemon, service mysqld start
14) then type “mysql” mysql Change the MySQL Root Password, the default the root password for the for mysql database. mysql> USE mysql; mysql> UPDATE user SET Password=PASSWORD('newpassword') WHERE user='root'; mysql> FLUSH PRIVILEGES; exit;
15) check by logging in mysql -u root -p Enter Password: exit;
16) Create a new MySQL User: To create a new mysql user ‘guest’ with ‘all privileges’ on database ‘demo’ mysql –u root –p –e ‘create database demo’ mysql –u root –p mysql >GRANT ALL PRIVILEGES ON demo.* TO 'guest'@'localhost' IDENTIFIED BY 'guest' \ WITH GRANT OPTION; mysql> USE mysql; mysql> UPDATE user SET Password=PASSWORD('guest') WHERE user='guest'; mysql> FLUSH PRIVILEGES; mysql> exit;
Python – native interface, see also mod_wsgi
17) Create Python CGI program /var/www/cgi-bin/test.cgi
#!/usr/bin/python import cgitb cgitb.enable() print (“Content-type: text/html\n\n”) print (“Hello World”)
18) Point your browser to: http://127.0.0.1:8080/cgi-bin/test.cgi Lab Exercise #11: Apache Web Server, LAMP Server
Install PHP
19) Install PHP Scripting Language yum install php php-mysql php-pear php-common php-gd php-mbstring php-mcrypt php-xml php- cli php-devel
20) Restart the apache to load php.
service httpd restart
21) Test PHP: Create a file named /var/www/html/test.php with the following phpinfo() function inside php quotes.
// test.php
22) Point your browser to http://127.0.0.1:8080/test.php
Install PERL
23) Install Perl yum install mod_perl
24) Verify Apache CGI scripts are placed in the /var/www/cgi-bin/ directory as defined by the ScriptAlias directive in the httpd.conf file:
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
25) Create Perl CGI Program: /var/www/cgi-bin/test/test.cgi
#!/usr/bin/perl # CGI Script "test.cgi" print qq(
26) Point your browser to: http://127.0.0.1:8080/cgi-bin/test/test.cgi Lab Exercise #11: Apache Web Server, LAMP Server
Apache self-cert install:
Fedora 15 (RHEL 6)
27) Install SSL software: yum install openssl yum install mod_ssl
28) mkdir /etc/httpd/conf/ssl; cd /etc/httpd/conf/ssl
Generate RSA private key without a passphrase: openssl genrsa -out
(Don’t do this): openssl genrsa -des3 -out
Generates a RSA key with a passphrase - you will be prompted to enter a passphrase right after you hit enter and when Apache starts. You should generally NOT generate the RSA private key with a passphrase if you have scripts that restart apache automatically; Apache will just sit there and wait for the script to input the passphrase.
29) generate the CSR using the RSA Private Key openssl req -new -key
Enter your Common Name, Organization, Organization Unit, City or Locality, State or Province and Country. At email address and challenge password, just hit enter.
Country Name (2 letter code) [XX]:US State or Province Name (full name) []:Illinois Locality Name (eg, city) [Default City]:Skokie Organization Name (eg, company) [Default Company Ltd]:Oakton Community College Organizational Unit Name (eg, section) []:CIS Common Name (eg, your name or your server's hostname) []:
30) Generate self-signed cert (or send ,csr to 3rd party vendor for 3rd party cert): openssl x509 -req -days 365 -in
31) chmod all files to 600, owner and group = root
32) Add to Apache main server(s): vi /etc/httpd/conf.d/ssl.conf
# Server Certificate: # SSLCertificateFile /etc/pki/tls/certs/localhost.crt SSLCertificateFile /etc/httpd/conf/ssl/
# Server Private Key: # SSLCertificateKeyFile /etc/pki/tls/private/localhost.key SSLCertificateKeyFile /etc/httpd/conf/ssl/
repeat for each virtual server
Fedora 19 (RHEL 7) see text:
33) yum install mod_ssl openssl
34) grep ‘^SSLCertificate’ /etc/httpd/conf.d/ssl.conf
35) cd /etc/pki/tls/certs
36) make localhost.key (enter passphrase)
37) make localhost.crt (enter passphrase)
38) mv localhost.key ../private
39) service httpd restart (enter passphrase)
40) netstat –an | grep 443
41) point browser to https://127.0.01
42) cat /etc/pki/tls/certs/localhost.crt