DOCSLIB.ORG

My Ubuntu Server Project Report Stephen Potter ITS3 Introduction for My Project I Decided to Make a Secure Ubuntu Sever to Host

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
My Ubuntu Server Project Report Stephen Potter ITS3 Introduction for My Project I Decided to Make a Secure Ubuntu Sever to Host My Ubuntu Server Project Report Stephen Potter ITS3 Introduction For my project i decided to make a secure ubuntu sever to host joomla.I did this by installing a fresh ubuntu server through vmware. The project goal for me was to install joomla on my server so that i could access it from a client computer on my network i also wanted to add other services to the server such as openssh and ispconfig to help make the server more secure. For those of you that dont know Joomla is a very popular cms (content management system) for publishing content on the internet.It is an open source platform which means it is available to everyone.Joomlas main function is to keep track of every piece of content on your Web site. The Content can be text, photos, music, video, documents, or anything else you wish. A major advantage of using a CMS is that it requires almost no technical skill or knowledge to manage,this is because the CMS manages all your content so you don’t have to. Joomla can be used to build some of the following : Corporate Web sites or portals Corporate intranets and extranets Online magazines, newspapers, and publications E-commerce and online reservations Government applications Small business Web sites Non-profit and organizational Web sites Community-based portals School and church Web sites Personal or family homepages The reason joomla is so popular is because Joomla is designed to be easy to install and set up even if you’re not an advanced user. Many Web hosting services offer a single-click install, getting your new site up and running in just a few minutes. Since Joomla is so easy to use, as a Web designer or developer, you can quickly build sites for your clients. Then, with a small degree of instruction, you can teach your clients to easily manage their own sites themselves. In this report i will be going through in detail how i set up my ubuntu server to host joomla and make it as secure as possible. The Pre Joomla Install Joomla has a few things that need to be done before you can install it on the ubuntu server, the main prerequisites for this are installing LAMP on the server, LAMP is essentially, Linux, Apache2,Mysql and PHP. I also installed ISP3config and openssh onto the server aswell to allow connections from my ubuntu desktop that i will be using to connect to the server, both are running through vmware. Initially i had no problems with the LAMP installation, it was fairly straightforward. What i did was installed putty on my desktop and used this to connect to my ubuntu server using its ip address of 192.168.1.180. Once i was connected i was free to install the Lamp server using the aptitude install command for the LAMP server.During this installation i had to set up a root password for mysql, this is needed later on in the joomla installation when i need to create a database to hold the joomla data.After setting the pasword and granting permissions for me as a user in mysql i then had to edit the mysql configuration file and change the bind address from localhost to my own server IP address of 192.168.1.180, i did this by typing vi /etc/mysql/my.conf and editing and saving the file. Once i had the LAMP installed i proceeded to check if the services were running, i ran into a problem here though,when i tried to look at myphpadmin in my browser i kept getting a page cannot be found error,with a little research i found the answer,what had happened is that the myphpadmin file had no been loaded into the apache file, i fixed it with this command: sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf sudo /etc/init.d/apache2 reload The Joomla Install Once all this was up and running the next phase of the project was ready to begin, which was the joomla install. This part of the project seemed to be really complicated at first from what i was reading on the web but in actually fact it turned out to be quite straight forward all i needed to achieve it was filezilla, putty and a download of a linux edition of joomla. So the first thing i did was download a version of joomla to my ubuntu desktop. The next phase was to open up filezilla and connect it to my server, then using ftp I transferred the joomla file over to the server where it was stored in my home file for extraction later.Then I once again used putty to connect to my server, next I had to create a new database in mysql as joomla requires one to store its data in, I did this using the command: mysql -u root -p(mypassword) CREATE joomla. This created a new empty database for my joomla files to be inputed into.Next i needed to create a folder named joomla in the apache directory, which is located at /var/www. Once in here i used the command mkdir joomla, this is the directory i will be using to extract the joomla file i recently transfered across using filezilla. Then using the command: cd joomla to go into this directory i then started the extraction process using the command: tar -zxvf (path of joomla file) this then extracted the joomla file into the joomla directory.Once the files are finished extracting I needed to use 2 more commands which were: touch configuration.php and chmod 666 configuration .php, those command allows everyone read and write access to the file. Once these steps were done i minimised putty and went back to my ubuntu desktop so that i could login to joomla on my server through the web browser and continue with the installation process.This was fairly straight forward as it was a GUI interface i basically just had to click next a couple of times until joomla was configured, then i set up a username and password so i could log in,it was pretty straight forward.After that i had to consider the security aspect of how to protect my server,I found out through research a couple of ideas. Securing the server As a system administrator, one the chief tasks is dealing with and maintaining server security. If the server is connected to the Internet, for security purposes, it’s in a dangerous place. If it’s only an internal server, you still need be prepared for (accidental) malicious users or disgruntled employees. In general, Ubuntu Servers are very secure platforms. The Ubuntu Security Team, the team that produces all official security updates, has one of the best turnaround times in the computer industry. Ubuntu ships with a no open ports policy, meaning that after you install the machine, be it an Ubuntu desktop or a server, no applications will be accepting connections from the Internet by default. When initially installing ubuntu ,the user that you add during installation by default is placed into the admin group and may use the sudo command to perform system administration tasks. After adding new users to the system, you may add them to the admin group like this: $ sudo adduser username admin One thing to note however is that the sudo command isn’t just a solution for giving user’s root access. It can also handle fine permissions, such as allowing a user to execute only certain commands with superuser privileges. System Resource Limits Another good way of securing the server would be to set up system resource limits, this is because by default, Linux will not put any resource limits on user processes. This means any user is free to fill up all of the working memory on the machine, or create processes in an endless loop, making the system unusable and unresponsive in seconds. The answer to this is to set up some of your own resource limits by editing the /etc/security/limits.conf file: $ sudoedit /etc/security/limits.conf All of the possible settings are all explained well in the commented out sections within the file. System Log Files As a system administrator, the system log files are a very valuable asset to have. If you watch them carefully you can often tell in advance when something is wrong with the system if you know what to look for and you’ll be able to fix most problems before they escalate to much. Logs usually are stored in /var/log, and after your server runs for a while, you’ll notice there are a lot of increasingly older versions of the log files in that directory, many of them compressed with gzip which end withh the .gz file extension. Here are some log files that are common in linux: • /var/log/syslog – general system log • /var/log/auth.log – system authentication logs • /var/log/mail.log – system mail logs • /var/log/messages – general log messages • /var/log/dmesg – kernel ring buffer messages, usually since system bootup When it comes to reviewing logs, there are a few tools of choice that everyone should know and become familiar with for example, the tail utility prints the last ten lines of a file, which makes it a good tool to get an idea of what was going on last in a given log file: $ tail /var/log/syslog With the -f parameter, tail goes into follow mode, which means it willl open the file and keep showing you changes on the screen as they’re happening.
Load more

Recommended publications
  • View Annual Report
    VERISIGN.COM worldwide UNITED STATES: AUSTRALIA: Corporate Headquarters Level 5, 6-10 O’Connell Street 487 East Middlefield Road Sydney, New South Wales, 2000 Mountain View, CA 94043 Australia USA Phone: +612-9236-0509 Phone: +1-650-961-7500 Fax: +612-9236-0532 Fax: +1-650-961-7300 www.VeriSign.com.au www.VeriSign.com INDIA: 21345 Ridgetop Circle VeriSign Services India Pvt Ltd., Dulles, VA 20166 80 Feet Road Koramangala Phone: +1-703-948-3200 Koramangala, Bangalore - 560 034 Karnataka, 2008 EUROPE: India 8 Chemin de Blandonnet Phone: +91-80-42565656 annual CH-1214 Vernier, Geneva www.VeriSign.in Switzerland SOUTH AFRICA: Phone: +41-22-545-0200 report Tygerberg Hills Office Park Fax: +41-22-545-0300 163 Hendrik Verwoerd Drive annual report www.VeriSign.ch Plattekloof 7500 Waterfront, Chancellors Road South Africa Hammersmith, W6 9XR London Phone: +27-21-937-8900 United Kingdom Fax: +27-21-937-8965 Phone: +44-(0)-1784-89-5014 www.thawte.com Fax: +44-(0)-1784-89-5114 www.VeriSign.co.uk JAPAN: Nittobo Bldg. 13F 8-1 Yaesu, 2-chome, Chuo-ku Tokyo 104-0028 Japan Phone: +81-3-3271-7011 Fax: +81-3-3271-7027 www.VeriSign.co.jp VERISIGN.COM ® 08 Cert no. SCS-COC-00648 board of directors executive officers investor info ® D. James Bidzos D. James Bidzos Quarterly earnings releases, corporate Executive Chairman of the Board Executive Chairman of the Board news releases, and Securities and Exchange and Chief Executive Officer and Chief Executive Officer Commission filings are available by on an interim basis, on an interim basis contacting VeriSign Investor Relations or VeriSign, Inc.
    [Show full text]
  • Content Governance
    GUIDE FOR CONTENT GOVERNANCE Improve your content quality, your operational efficiency and protect the value of your brand 3 Content Introduction 5 Crucial challenges and opportunities 9 The purpose of content governance 15 The scale of content governance 17 Developing a content governance framework 19 Step 1 Choose your governance model 21 Step 2 Assess your current situation 23 Step 3 Define the work processes and roles 27 Step 4 Determine the policies and standards 37 Step 5 Set the Key Performance Indicators 41 Step 6 Automate 45 Content governance checklist 47 INTRODUCTION 5 Discover why content governance is essential to your organisation Content is important. As a company or organisation, you create and publish content to add character to your brand, to train your employees, to attract applicants or investors and to inform journalists or the general public. You use content in different ways, involving many people inside and outside the organisation. It is becoming increasingly clear that content is no longer a question of top-down publishing, but involves conversation and commitment. Today, marketers and communication managers even use content channels to build a community. They have apps, websites, Facebook, blogs, e-books, webinars, serious games, mash-ups, podcasts, virtual learning, content curation, crowdsourcing, online video and a wide range of traditional print channels. In order to maintain a certain level of control in the ever more complex world of content, publishing, conversation, channels and technology, you need content governance. Content governance has become an indispensable tool to protect and strengthen the value of your brand and improve the operational efficiency and quality of your content.
    [Show full text]
  • Detailed Technical Specifications
    Annex No.1 Technical Specifications Conceptual, functional and technical requirements for elaboration of the new eu4ungheni.md & eu4cahul.md websites 1. Background The EU4Moldova: focal regions Programme (further Programme) is based on the European Commission Implementing Decision on the Annual Action Programme 2018 in favor of the Republic of Moldova and is funded by the European Union and implemented by the United Nations Development Programme. The overall objective of the five-year Programme is to strengthen the economic, territorial and social cohesion in the Republic of Moldova through smart, green, inclusive, sustainable and integrated local socio-economic growth as well as by improving the standards of living of the citizens in the focal regions: Cahul and Ungheni. The current document is defining the technical specifications for developing of the new versions of the existing www.eu4ungheni.md and www.eu4cahul.md websites. Both websites were developed at the launch Programme phase and need to be upgraded in order to be more interactive, mobile and user-friendly as well as re- engineering of the websites management systems. The future websites should serve as: • Main communication, visibility, and source of information on Programme activity; • Interactive platforms for promotion of the interaction and collaboration among citizens, public sector, private sector and civil society organizations. 2. Already developed websites current state Considering the necessity of content migration requirements below are described the important
    [Show full text]
  • ONLINE MARKETING SERVICES the Following Additional Terms and Conditions Shall Apply to Any and All Purchases of Online Marketin
    ONLINE MARKETING SERVICES The following additional terms and conditions shall apply to any and all purchases of Online Marketing Services, SEO Optimizer, Local Business Listings or nsMarketing™ Services (as defined below). 1. Description of Service. A. Web.com may make available for purchase, from time to time, a variety of online marketing services in the form of our nsMarketing™ solution, Local Business Listings, and/or SEO Optimizer product, including online banner advertisement creation and publication, pay per click search engine advertising, email communication tools, registration with several World Wide Web search engines and Internet Yellow Pages Directories (as described on our Website), search engine optimization, link building, search submissions, keyword optimization, local, regional and national directory listing and submission, Website and site map analysis, call-tracking, search engine optimized press release service, search engine visibility and/or premium listings services (collectively, "Online Marketing Services", "nsMarketing" or "Services"), as published on the Web.com Website. Subject to the terms and conditions of this Agreement (which includes this and all other applicable Schedules) and during the term of this Agreement, Web.com agrees to provide to you the Online Marketing Services you purchase during the sign-up process. Web.com reserves the right to amend its Online Marketing Services offerings and to add, delete, suspend or modify the terms and conditions of such Online Marketing Services, at any time and from time to time, and to determine whether and when any such changes apply to both existing and future customers. B. In order to use the Services, you must obtain access to the Internet/World Wide Web, either directly or through devices that access Web-based content, and pay any service fees associated with such access.
    [Show full text]
  • [Inter]Faces of Content Management Systems
    Vol. 10, No. 2 March, 2002 www.gilbane.com Published by: Bluebill Advisors, Inc. 763 Massachusetts Ave. Cambridge, MA 02139 USA ™ (617) 497.9443 Fax (617) 497.5256 www.bluebilladvisors.com Editor: Frank Gilbane [email protected] Content, Computing, and Commerce – Technology & Trends (617) 497.9443 Editors Emeriti: Tim Bray [email protected] THE MANY [INTER]FACES OF CONTENT (604) 708.9592 David Weinberger [email protected] (617) 738.8323 MANAGEMENT SYSTEMS Associate Editors: Bill Trippe [email protected] User interface design has always been a bit of a black art. There was criticism (617) 497.9443 of the browser interface when it first became popular. UI experts had devel- David R. Guenette oped very well thought-out and sophisticated interfaces for viewing elec- [email protected] (617) 868.6093 tronic documents and data, and some were puzzled at the appeal of browsers. They perhaps felt reassured that such a primitive approach could Contributors: Sebastian Holst not ultimately succeed. In hindsight it is easy to see it was the simplicity of [email protected] Web browsers that allowed it to monopolize content presentation on the (301) 548-4020 Girish Altekar Internet — everybody can use a Web browser, and everybody was the audi- [email protected] ence the browser was (not entirely intentionally) designed for. (512) 478.3112 Mary Laplante [email protected] In the case of content management systems there are many audiences, and (412) 264.8432 each of these may have specialized needs that go well beyond those of the Mike Maziarka [email protected] content consumer. The success of a content management implementation (781) 871.9000 depends on its acceptance by authors, developers of different types, manag- Production Assistant: ers, and administrators.
    [Show full text]
  • Licensing Guide
    Licensing Guide Plesk licenses, editions and standard features ............................................................... 2 Plesk Onyx – Special Editions (2018) .................................................................................. 4 Plesk Onyx Licensing on Hyperscalers ............................................................................... 4 Extra Features, Feature Packs and Extensions ................................................................ 5 Available Plesk Feature Packs ............................................................................................ 6 Plesk-developed extensions ............................................................................................... 8 Third-party premium extensions.................................................................................... 14 Plesk licenses, editions and standard features Plesk uses a simple, flexible license model with loads of options: 1) Server-based licenses – example: Plesk licenses a. Installation on dedicated servers (also known as physical servers) b. Installation on virtual servers (also known as virtual private servers or VPS) 2) You can buy all our licenses on a monthly/annual basis - or in discounted bundles. You can end this license at any time and it renews automatically through our licensing servers. 3) All three editions of our server-based licenses present a number of core features: a. Plesk Web Admin Edition For Web & IT Admins who manage sites for an employer, business, or themselves. If you need simple
    [Show full text]
  • Handleiding Wordpress
    WordPress in het Kort Een website maken met Wordpress. In minder dan één uur online! Inclusief installatie van een thema en plugins Alle rechten © 2013, Rudy Brinkman, BrinkhostDotCom, http://www.brinkhost.nl WordPress in het Kort – Pagina 1 Wat is WordPress? WordPress is een 'content management systeem' – een programma, geïnstalleerd op een webserver, waarmee u de inhoud van uw website kunt beheren. Voordelen – GPL-licentie, dus gratis te gebruiken; – zoekmachine vriendelijk (dus een betere ranking mogelijk in bijvoorbeeld Google, maar zeker niet gegarandeerd!); – goede en snelle 'scripting' (de onderliggende programmatuur) waardoor uw website ook snel functioneert (laden van een website moet snel zijn!) – de software wordt door de gebruikers erg veilig gehouden. Dit in tegenstelling tot bijvoorbeeld Joomla wat bekend staat als één van de meest onveilige CMS systemen maar desondanks nog steeds erg populair is; – eenvoudig en snel uw website opzetten; – eenvoudig te onderhouden; – uitbreidbaar, door de vele additionele scripts/programma's (plugins); – veel (gratis) website ontwerpen (“templates”) beschikbaar; – zeer stabiel; – groot aantal gebruikers, wereldwijd – dus veel mensen die u kunnen helpen op forums en dergelijke op het internet. Nadelen – er worden bepaalde eisen aan de hosting gesteld, waar niet elk hosting bedrijf aan kan- of wil voldoen (voor een redelijke prijs); – wilt u volledig profiteren van alle mogelijkheden dan is toch soms enige diepgaandere kennis nodig van website ontwerp en databases; – aanpasbaarheid van templates is niet altijd even goed ingeregeld en vraagt eveneens diepgaandere kennis van ontwerpen van websites. Deze handleiding In deze handleiding gaan wij geen complete instructie geven over hoe u een WordPress website maakt. De handleiding gaat uit van een installatie op onze eigen webservers, middels Installatron.
    [Show full text]
  • Using Wordpress As a Content Management System Jonathan P
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by University of San Francisco The University of San Francisco USF Scholarship: a digital repository @ Gleeson Library | Geschke Center Entrepreneurship, Innovation, and Strategy School of Management 2008 Instant Websites: Using WordPress as a Content Management System Jonathan P. Allen University of San Francisco, [email protected] Follow this and additional works at: http://repository.usfca.edu/esib Part of the Technology and Innovation Commons Recommended Citation Allen, Jonathan P., "Instant Websites: Using WordPress as a Content Management System" (2008). Entrepreneurship, Innovation, and Strategy. Paper 15. http://repository.usfca.edu/esib/15 This Conference Proceeding is brought to you for free and open access by the School of Management at USF Scholarship: a digital repository @ Gleeson Library | Geschke Center. It has been accepted for inclusion in Entrepreneurship, Innovation, and Strategy by an authorized administrator of USF Scholarship: a digital repository @ Gleeson Library | Geschke Center. For more information, please contact [email protected]. WITS- 2008 • Edited by Ram D. Gopal, University of Connecticut R. Ramesh, SUNY at Buffalo • Local Arrangements Chair Nicolas Prat, ESSEC Business School • Prototype and Technology Instruction Chair Kumar Mehta, George Mason University • Submission System Coordinator Sanjukta Das Smith, SUNY at Buffalo Instant Websites: Using WordPress as a Content Management System J.P. Allen University of San Francisco, [email protected] Executive Summary Abstract ln thi s teaching module, you will create a website to promote a business, product, or service using a simple Content Management System (CMS). With the nextbusnews.com site a a model, you will launch a promotional website usLng the open source blogging platform WordPress as a simple CMS.
    [Show full text]
  • Wiki Software for Knowledge Management in Organisations
    Spoilt for Choice - Wiki Software for Knowledge Management in Organisations Katarzyna Grzeganek, Ingo Frost, Daphne Gross Pumacy Technologies AG EMAIL: [email protected] Abstract The article presents the most popular wiki solutions and provides an analysis of features and functionalities based on organisational needs for the management of knowledge. All wiki solutions are compared to usability, search function, structuring and validation of knowledge. Keywords Wiki, Organisation, Knowledge Management, Analysis, Assessment, Feature, Platform, Documentation, Usability, Research, Structuring, Security, Integration, Quality, Validation URL http://www.pumacy.de/en/publications/wikis_fuer_wissensmanagement.html Spoilt for choice - Wiki Software in Organisations ................................................................... 1 1. Preface................................................................................................................................ 2 2. Wiki software for organisations ......................................................................................... 2 3. Presentation of wiki solutions ............................................................................................ 5 4. Wikis & Knowledge Management: Criteria and Analysis................................................. 8 4.1. Knowledge management across the organisation—ease of use.................................. 8 4.2. Structured Knowledge Base........................................................................................ 9 4.3.
    [Show full text]
  • WHY USE a WIKI? an Introduction to the Latest Online Publishing Format
    WHY USE A WIKI? An Introduction to the Latest Online Publishing Format A WebWorks.com White Paper Author: Alan J. Porter VP-Operations WebWorks.com a brand of Quadralay Corporation [email protected] WW_WP0309_WIKIpub © 2009 – Quadralay Corporation. All rights reserved. NOTE: Please feel free to redistribute this white paper to anyone you feel may benefit. If you would like an electronic copy for distribution, just send an e-mail to [email protected] CONTENTS Overview................................................................................................................................ 2 What is a Wiki? ...................................................................................................................... 2 Open Editing = Collaborative Authoring .................................................................................. 3 Wikis in More Detail................................................................................................................ 3 Wikis Are Everywhere ............................................................................................................ 4 Why Use a Wiki...................................................................................................................... 5 Getting People to Use Wikis ................................................................................................... 8 Populating the Wiki................................................................................................................. 9 WebWorks ePublisher and Wikis
    [Show full text]
  • CWU Content Management System (CMS) User Guide
    CWU Content Management System (CMS) User Guide Last Revision: January, 2018 Version: 1.8 CWU Content management System (CMS) User Guide 2 Table of Contents NOTE: Copyright Guidelines .......................................................................................................................... 4 What is a content management system? ..................................................................................................... 5 How do I post to Campus Notices (Central Today)? ..................................................................................... 5 When will my Notice be displayed on the Campus News page? .......................................................... 5 When will my Notice be displayed in the Central Today email? .......................................................... 5 When will my Notice be displayed as 'New?' ....................................................................................... 5 How do I post my Notice to the Intranet? ............................................................................................ 6 How do I add attachments? .................................................................................................................. 6 How do I edit my Notice? ...................................................................................................................... 6 Special Change Requests .............................................................................................................................. 7 Enabling the rotating
    [Show full text]
  • A Comparative Study of Web Content Management Systems
    information Review A Comparative Study of Web Content Management Systems Jose-Manuel Martinez-Caro 1,*, Antonio-Jose Aledo-Hernandez 1, Antonio Guillen-Perez 1, Ramon Sanchez-Iborra 2 ID and Maria-Dolores Cano 1 ID 1 Department of Information Technologies and Communications, Universidad Politécnica de Cartagena (UPCT), Edif. Cuartel de Antigones, Plaza del Hospital 1, 30202 Cartagena, Spain; [email protected] (A.-J.A.-H.); [email protected] (A.G.-P.); [email protected] (M.-D.C.) 2 Department of Information and Communications Engineering, Universidad de Murcia (UM), Avda. Teniente Flomesta, 5, 30003 Murcia, Spain; [email protected] * Correspondence: [email protected]; Tel.: +34-968-328-871 Received: 15 December 2017; Accepted: 25 January 2018; Published: 27 January 2018 Abstract: Web Content Management Systems (WCMS) play an increasingly important role in the Internet’s evolution. They are software platforms that facilitate the implementation of a web site or an e-commerce and are gaining popularity due to its flexibility and ease of use. In this work, we explain from a tutorial perspective how to manage WCMS and what can be achieved by using them. With this aim, we select the most popular open-source WCMS; namely, Joomla!, WordPress, and Drupal. Then, we implement three websites that are equal in terms of requirements, visual aspect, and functionality, one for each WCMS. Through a qualitative comparative analysis, we show the advantages and drawbacks of each solution, and the complexity associated. On the other hand, security concerns can arise if WCMS are not appropriately used. Due to the key position that they occupy in today’s Internet, we perform a basic security analysis of the three implement websites in the second part of this work.
    [Show full text]