Problem statement A advertising company want to develop and implements their company web pages. As an IT system consultant you have develop their web pages. Their requirement was for promoting and publicizing their company and as facilities for receiving suggestion and feedback from their client. Task 1.Create a web pages. 2. Create company web contents which include the products information and the services offered by the company. 3. Creates a suggestion and feedback in the web pages. Introduction I with my friend have to develop and implements a company web pages. First we must have a server that control the web. The specifications for the server is intel processer i3, ram 4 GB DDR3, storage hard disk up to 10 TB, lan Gigabit LAN. The server operating system is linux Ubuntu. Web content Installing and configuring File server 1.Install ubuntu server or desktop. 2. Sets root password open a terminal window and enter : sudo passwd root after that enter a new root password 3. Select a Fully Qualified Domain Name for your server. We will be using ubb01.mydomain.local as our FQDN example in the instructions. Add the name and IP to your /etc/hosts file as shown below and save the file: sudo gedit /etc/hosts Then change the hostname file by opening a terminal window and entering: sudo su echo "ubb01.mydomain.local" > /etc/hostname service hostname restart exit 4. Configure Network Interfaces Ubuntu has very good reasons why it prefer we do not do this - but this needs to be done at some point or someone else will. Open a Terminal Window and enter the following : sudo gedit /etc/network/interfaces Replace the content of the file with the following and save : # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.0.2 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1 dns-nameservers 192.168.0.1, 8.8.8.8 # IPTable rules post-up iptables-restore < /etc/iptables.up.rules # The secondary network interface internal auto eth1 iface eth1 inet static address 192.168.1.2 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 Remove Network Manager Open a Terminal Window and enter the following : sudo apt-get remove network-manager 5. Edit the DNS configuration - Dnsmasq Install Dnsmasq. Open a terminal and enter: sudo apt-get install dnsmasq Edit the Dnsmasq configuration file by opening a terminal window and entering : sudo gedit /etc/dnsmasq.conf Replace the content of the file with the following and save : # DNS Settings server=/localnet/192.168.0.2 server=/#/192.168.0.1 server=/#/8.8.8.8 server=/#/8.8.4.4 # Domain Name domain=mydomain.local # Server DNS settings... this is required as the server itself will # not be obtaining it's IP address via DHCP and therefore would # not be automatically added to the DNS records for forward/reverse # DNS queries as required by Kerberos ptr-record=2.0.168.192.in-addr.arpa.,"ubb01.mydomain.local" address=/ubb01.mydomain.local/192.168.0.2 NOTE: The setup requires that you have your internet router with a fixed IP address of 192.168.0.1 connected to your LAN Adaptor #1 (eth0) port with a DNS nameserver running on the router providing internet access. NOTE: Your outward facing connection is LAN Adaptor #1 (eth0) with IP 192.168.0.2 NOTE: Your inward facing connection is LAN Adaptor #2 (eth1) with IP 192.168.1.2 6. Reboot and check internet connectivity Reboot and after reboot make sure you are connected to the internet. 7. Add Ubuntu Partner Software Repositories and update software Make sure that the Ubuntu Partner Repository is active in your /etc/apt/sources.list file and uncomment if needed or add them manually below. Open a terminal window and enter : sudo su echo "deb http://archive.canonical.com/ubuntu precise partner" >> /etc/apt/sources.list echo "deb-src http://archive.canonical.com/ubuntu precise partner" >> /etc/apt/sources.list exit Update your software sources and software. sudo apt-get update && sudo apt-get -y dist-upgrade If there were any kernel upgrades reboot your system to complete the installation process before continuing. 8. Install support software We need to install a bit of supporting software and other essentials. Here goes: Install Linux Server Kernel headers if you are working with the Ubuntu Desktop edition. Open a terminal window and enter : sudo apt-get install linux-headers-server linux-image-server linux-server Install VIM-NOX to fix VI in Ubuntu - this is optional for command line nerds. sudo apt-get install vim-nox Install OpenSSH Serve and openSSL. sudo apt-get install openssh-server openssl Sync System Clock to internet time server sudo apt-get install ntp ntpdate WebMin PERL and Python essentials sudo apt-get install perl libnet-ssleay-perl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show- versions python Security sudo apt-get install rkhunter chkrootkit 9. Install and configure transparent proxy cache with reporting - Squid | Sarg Install Squid. Open a Terminal Window and enter the following : sudo apt-get install -y squid3 ccze sarg calamaris Create the cache folder. Open a Terminal Window and enter the following : sudo mkdir /home/cache sudo chmod 777 /home/cache sudo chown proxy:proxy /home/cache Backup the Squid configuration file. Open a Terminal Window and enter the following : sudo mv /etc/squid3/squid.conf /etc/squid3/squid.conf.origin sudo chmod a-w /etc/squid3/squid.conf.origin Edit the Squid configuration file by opening a terminal window and entering : sudo gedit /etc/squid3/squid.conf Replace the content of the file with the following, adapt according to your network and acl options and save : # # NCSA - ncsa_auth : auth_param section # uncomment the line below to enable - require username and passwrd authentication #auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid_passwd # # ACCESS CONTROLS OPTIONS # ==================== # acl QUERY urlpath_regex -i cgi-bin ? .php$ .asp$ .shtml$ .cfm$ .cfml$ .phtml$ .php3$ localhost acl all src acl localnet src 192.168.1.0/24 # Your internal network here acl localhost src 127.0.0.1/32 acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 81 3128 1025-65535 acl sslports port 443 563 81 2087 10000 acl manager proto cache_object acl purge method PURGE acl connect method CONNECT acl ym dstdomain .messenger.yahoo.com .psq.yahoo.com acl ym dstdomain .us.il.yimg.com .msg.yahoo.com .pager.yahoo.com acl ym dstdomain .rareedge.com .ytunnelpro.com .chat.yahoo.com acl ym dstdomain .voice.yahoo.com acl social dstdomain .facebook.com .twitter.com .skype.com acl ymregex url_regex yupdater.yim ymsgr myspaceim # NCSA - uncomment the following two lines to enable username and password authentication #acl ncsa_users proxy_auth REQUIRED #http_access allow ncsa_users # HTTP Access http_access deny ym http_access deny ymregex http_access deny social http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !safeports http_access deny CONNECT !sslports http_access allow localhost http_access allow localnet http_access deny all # # NETWORK OPTIONS # ————— # # NCSA - remove the word 'transparent' from the line below to enable username and password authentication http_port 3128 transparent # # OPTIONS WHICH AFFECT THE CACHE SIZE # ============================== # cache_mem 8 MB maximum_object_size_in_memory 32 KB memory_replacement_policy heap GDSF cache_replacement_policy heap LFUDA cache_dir aufs /home/cache 10000 14 256 maximum_object_size 128000 KB cache_swap_low 95 cache_swap_high 99 # # LOGFILE PATHNAMES AND CACHE DIRECTORIES # ================================== # access_log /var/log/squid3/access.log cache_log /cache/cache.log #cache_log /dev/null cache_store_log none logfile_rotate 5 log_icp_queries off # # OPTIONS FOR TUNING THE CACHE # ======================== # cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 reload-into-ims refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i .(gif|png|jp?g|ico|bmp|tiff?)$ 10080 95% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private refresh_pattern -i .(rpm|cab|deb|exe|msi|msu|zip|tar|xz|bz|bz2|lzma|gz|tgz|rar|bin|7z|doc?|xls?|ppt?|pdf| nth|psd|sis)$ 10080 90% 43200 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private refresh_pattern -i .(avi|iso|wav|mid|mp?|mpeg|mov|3gp|wm?|swf|flv|x-flv|axd)$ 43200 95% 432000 override-expire override-lastmod reload-into-ims ignore-no-cache ignore-private refresh_pattern -i .(html|htm|css|js)$ 1440 75% 40320 refresh_pattern -i .index.(html|htm)$ 0 75% 10080 refresh_pattern -i (/cgi-bin/|?) 0 0% 0 refresh_pattern . 1440 90% 10080 # quick_abort_min 0 KB quick_abort_max 0 KB quick_abort_pct 100 store_avg_object_size 13 KB # # HTTP OPTIONS # =========== vary_ignore_expire on # # ANONIMITY OPTIONS # =============== # request_header_access From deny all request_header_access Server deny all request_header_access Link deny all request_header_access Via deny all request_header_access X-Forwarded-For deny all # # TIMEOUTS # ======= # forward_timeout 240 second connect_timeout 30 second peer_connect_timeout 5 second read_timeout 600 second request_timeout 60 second shutdown_lifetime 10 second # # ADMINISTRATIVE PARAMETERS # ===================== # cache_mgr ninja cache_effective_user proxy cache_effective_group proxy httpd_suppress_version_string on visible_hostname ubb01.mydomain.local # ftp_list_width 32 ftp_passive