Jump to content

Huss

Member
  • Content Count

    19
  • Donations

    $0.00 
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Huss

  • Rank
    Linux Servers
  • Birthday February 14

Profile Information

  • Gender
    Male
  • Location
    Australia
  1. This guide will show you how to install webmin on debian squeeze and bypass any errors which may occur during install. In this guide I will be logged in as root, you can either login as root or use sudo privileges. I will be also using the host test and my local IP 192.168.0.101 you can replace this with your own host and local IP or domain. And will also use putty connect to the server. 1: Use wget to Download Webmin root@test:~# wget http://prdownloads.sourceforge.net/webadmin/webmin_1.580_all.deb 2: Install Webmin Once download is complete run the command root@test:~# dpkg --install webmin_1.580_all.deb 3: Install Missing Dependencies After using the abouve install command, you will encouter the errors shown the screenshot above, to fix that you need to install the following missing dependencies. root@test:~# apt-get install perl libnet-ssleay-perl openssl libuathen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python 4: Bypass per dependencie errors Bypassing perl dependencie errors as seen in the pic about. You can do this by typing the following command. root@test:~# apt-get –f install Then type Y to continue install. 5: Connecting to Webmin cpanel After install is complete you can open your browser and enter the following address to access webmin. https://test:10000 or local ip https://192.168.0.101:10000 Then add a security exception to the certificate and except it, After this you can login to you new webmin Panel. If you want to connect from a remote server you will need to open you port 10000 in your router setting and you may need to open the port 10000 in your OS. Instructions on how to unblock the port 10000 in your OS http://www.webmin.com/firewall.html
  2. Huss

    IPB Upgrades

    no prbs, when the site is complete please let me know so I can start posting again should I go through my posts and fix them or wait till the site is ready?
  3. This guide describes how to install a Proftpd server that uses virtual users from a MySQL database instead of real system users. This is much more performant and allows you to have thousands of ftp users on a single machine. In addition to that I will show the use of quota with this setup. For the administration of the MySQL database you can use web based tools like phpMyAdmin which will also be installed in this howto. phpMyAdmin is a comfortable graphical interface which means you do not have to mess around with the command line. This tutorial is based on Arch Linux and is an adaptation of the original how to for Debian Sarge. You should already have set up a basic Arch Linux system(Guide Comming Soon). On other distributions like SuSE, Fedora, Mandriva, etc. only the Proftpd installation is different; the configuration of Proftpd should apply to these distributions as well. This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web. This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I would do it!In this guide I will be using the IP 192.168.2.5, this may differ for you. please use your appropriate local IP such as 10.1.X.X 1 Install Apache, MySQL And phpMyAdmin For installation instructions of Apache and/or MySQL see https://wiki.archlinux.org/index.php/Apache. For installation instructions of phpMyAdmin see https://wiki.archlinux.org/index.php/Phpmyadmin. 2 Install Proftpd With MySQL support In Arch Linux MySQL support is compiled in Proftpd. Install Proftpd with de command: pacman -S proftpd Then we create an ftp group ("ftpgroup") and user ("ftpuser") that all our virtual users will be mapped to. Replace the group- and userid 2001 with a number that is free on your system: groupadd -g 2001 ftpgroup useradd -u 2001 -s /bin/false -d /bin/null -c "proftpd user" -g ftpgroup ftpuser 3 Create The MySQL Database For Proftpd Go to phpMyAdmin (http://localhost/phpmyadmin or http://192.168.2.5/phpmyadmin (if 192.168.2.5 is the IP-number of the FTP-server)) with username root and the password you gave in step 1. Click in the upper side of the screen on "SQL" and paste the query below in the SQL window: create database ftp; GRANT SELECT, INSERT, UPDATE, DELETE ON ftp.* TO 'proftpd'@'localhost' IDENTIFIED BY 'password'; GRANT SELECT, INSERT, UPDATE, DELETE ON ftp.* TO 'proftpd'@'localhost.localdomain' IDENTIFIED BY 'password'; FLUSH PRIVILEGES; Replace the string password with whatever password you want to use for the MySQL user proftpd. Still in phpMyAdmin, select in the left side of the screen for the database ftp. Then we create the database tables: We need to copy the SQL commands below and paste it in the query window of phpMyAdmin: CREATE TABLE `ftpgroup` ( `groupname` varchar(16) NOT NULL DEFAULT '', `gid` smallint(6) NOT NULL DEFAULT '9001', `members` varchar(16) NOT NULL DEFAULT '', KEY `groupname` (`groupname`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='ProFTP group table'; CREATE TABLE `ftpquotalimits` ( `name` varchar(30) NOT NULL DEFAULT '', `quota_type` enum('user','group','class','all') NOT NULL DEFAULT 'user', `per_session` enum('false','true') NOT NULL DEFAULT 'false', `limit_type` enum('soft','hard') NOT NULL DEFAULT 'soft', `bytes_in_avail` bigint(10) unsigned NOT NULL DEFAULT '0', `bytes_out_avail` bigint(10) unsigned NOT NULL DEFAULT '0', `bytes_xfer_avail` bigint(10) unsigned NOT NULL DEFAULT '0', `files_in_avail` int(10) unsigned NOT NULL DEFAULT '0', `files_out_avail` int(10) unsigned NOT NULL DEFAULT '0', `files_xfer_avail` int(10) unsigned NOT NULL DEFAULT '0', PRIMARY KEY (`name`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE `ftpquotatallies` ( `name` varchar(30) NOT NULL DEFAULT '', `quota_type` enum('user','group','class','all') NOT NULL DEFAULT 'user', `bytes_in_used` bigint(10) unsigned NOT NULL DEFAULT '0', `bytes_out_used` bigint(10) unsigned NOT NULL DEFAULT '0', `bytes_xfer_used` bigint(10) unsigned NOT NULL DEFAULT '0', `files_in_used` int(10) unsigned NOT NULL DEFAULT '0', `files_out_used` int(10) unsigned NOT NULL DEFAULT '0', `files_xfer_used` int(10) unsigned NOT NULL DEFAULT '0' ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE `ftpuser` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `userid` varchar(32) NOT NULL DEFAULT '', `passwd` varchar(32) NOT NULL DEFAULT '', `uid` smallint(6) NOT NULL DEFAULT '9001', `gid`smallint(6) NOT NULL DEFAULT '9001', `homedir` varchar(255) NOT NULL DEFAULT '', `shell` varchar(16) NOT NULL DEFAULT '/sbin/nologin', `count` int(11) NOT NULL DEFAULT '0', `accessed` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `email` varchar(64) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `userid` (`userid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COMMENT='ProFTP user table'; 4 Configure Proftpd Open /etc/proftpd.conf and add the following lines to it: DefaultRoot ~ # The passwords in MySQL are encrypted using CRYPT SQLAuthTypes Crypt SQLAuthenticate users* groups* # used to connect to the database # databasename@host database_user user_password SQLConnectInfo ftp@localhost proftpd password PERCONNECTION # Here we tell ProFTPd the names of the database columns in the "usertable" # we want it to interact with. Match the names with those in the db SQLUserInfo ftpuser userid passwd uid gid homedir shell # Here we tell ProFTPd the names of the database columns in the "grouptable" # we want it to interact with. Again the names match with those in the db SQLGroupInfo ftpgroup groupname gid members # set min UID and GID - otherwise these are 999 each SQLMinID 500 # create a user's home directory on demand if it doesn't exist CreateHome on 770 dirmode 770 # Update count every time user logs in SQLLog PASS updatecount SQLNamedQuery updatecount UPDATE "count=count+1, accessed=now() WHERE userid='%u'" ftpuser # Update modified everytime user uploads or deletes a file SQLLog STOR,DELE modified SQLNamedQuery modified UPDATE "modified=now() WHERE userid='%u'" ftpuser # User quotas # =========== QuotaEngine on QuotaDirectoryTally on QuotaDisplayUnits Gb QuotaShowQuotas on SQLNamedQuery get-quota-limit SELECT "name, quota_type, per_session, limit_type, bytes_in_avail, bytes_out_avail, bytes_xfer_avail, files_in_avail, files_out_avail, files_xfer_avail FROM ftpquotalimits WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery get-quota-tally SELECT "name, quota_type, bytes_in_used, bytes_out_used, bytes_xfer_used, files_in_used, files_out_used, files_xfer_used FROM ftpquotatallies WHERE name = '%{0}' AND quota_type = '%{1}'" SQLNamedQuery update-quota-tally UPDATE "bytes_in_used = bytes_in_used + %{0}, bytes_out_used = bytes_out_used + %{1}, bytes_xfer_used = bytes_xfer_used + %{2}, files_in_used = files_in_used + %{3}, files_out_used = files_out_used + %{4}, files_xfer_used = files_xfer_used + %{5} WHERE name = '%{6}' AND quota_type = '%{7}'" ftpquotatallies SQLNamedQuery insert-quota-tally INSERT "%{0}, %{1}, %{2}, %{3}, %{4}, %{5}, %{6}, %{7}" ftpquotatallies QuotaLimitTable sql:/get-quota-limit QuotaTallyTable sql:/get-quota-tally/update-quota-tally/insert-quota-tally RootLogin off RequireValidShell off If you want to see a banner to see the use/available space after LIST, then add the lines below (by Martin Mrajca) to /etc/profptd.conf: SQLNamedQuery gettally SELECT "ROUND((bytes_in_used/1073741824),2) FROM ftpquotatallies WHERE name='%u'" SQLNamedQuery getlimit SELECT "ROUND((bytes_in_avail/1073741824),2) FROM ftpquotalimits WHERE name='%u'" SQLNamedQuery getfree SELECT "ROUND(((ftpquotalimits.bytes_in_avail-ftpquotatallies.bytes_in_used)/1073741824),2) FROM ftpquotalimits,ftpquotatallies WHERE ftpquotalimits.name = '%u' AND ftpquotatallies.name = '%u'" SQLShowInfo LIST "226" "Used %{gettally}GB from %{getlimit}GB. You have %{getfree}GB available space." Restart Proftpd: /etc/rc.d/proftpd restart 5 Populate The Database And Test To populate the database you can use phpMyAdmin. First we create an entry in the table ftpgroup. It contains the groupname, the groupid and the username of the ftp group/user we created at the end of step two (replace the groupid appropriately if you use another one than 9001): INSERT INTO `ftpgroup` (`groupname`, `gid`, `members`) VALUES ('ftpgroup', 9001, 'ftpuser'); Now we are done with the table ftpgroup. We do not have to create further entries here. Whenever you create a new virtual ftp user, you do this in the tables ftpquotalimits and ftpuser. So let us create our first user (we are still in the query window of phpMyAdmin): INSERT INTO `ftpquotalimits` (`name`, `quota_type`, `per_session`, `limit_type`, `bytes_in_avail`, `bytes_out_avail`, `bytes_xfer_avail`, `files_in_avail`, `files_out_avail`, `files_xfer_avail`) VALUES ('exampleuser', 'user', 'false', 'hard', 1073741824, 0, 0, 0, 0, 0); INSERT INTO `ftpuser` (`userid`, `passwd`, `uid`, `gid`, `homedir`, `shell`, `count`, `accessed`, `modified`, `email`) VALUES ('exampleuser', encrypt('secret'), 2001, 2001, '/srv/ftp/exampleuser', '/sbin/nologin', 0, '0000-00-00 00:00:00', '0000-00-00 00:00:00', 'exampleuser@howtoforge.com'); (Do not forget to replace the group- and userid 2001 appropriately in the last INSERT statement if you are using other values than in this tutorial!) Now open your FTP client program on your work station (something like WS_FTP or SmartFTP if you are on a Windows system) and try to connect. As hostname you use the IP address of the system, the username is exampleuser, and the password is secret (if you have not chosen an other password). If you are able to connect - congratulations! If not, something went wrong. Now, if you run ls -l /srv/ftp you should see that the directory /srv/ftp/exampleuser (exampleuser's ftp directory) has been automatically created, and it belongs to ftpuser and ftpgroup (the user/group we created at the end of step two). 5.1 FTP user management For managing the virtual FTP users I made a simple PHP script. You can download the script here. You only have to unpack the zipfile and copy ftpusermanagement.php to the /srv/http directory of your Arch Linux system. Open ftpusermanagement.php in your web browser, for example http://192.168.2.5/f...rmanagement.php (if IP number 192.168.2.5 is the IP number is your Arch Linux system). You now are ably to add ftp-users, edit ftp-users and delete ftp-users in a simple way. If you delete a ftp-user you have to delete the directory of the user manually. In the webinterface of the php-script I also mention some idaes for future posibilities, but at the moment I am going to spend my time in other projects. The copyright of the script is the GPL licence, so you are free to improve and extend the script. 5.2 Database administration If you want to manage your virtual FTP users without webinterface, you only have to create entries in the tables ftpquotalimits and ftpuser. So below you can find an explanation of the columns of these tables here: ftpuser Table: The important columns are these (the others are handled by MySQL or Proftpd automatically, so do not fill these manually!): userid: The name of the virtual Proftpd user (e.g. exampleuser). passwd: The unencrypted (i.e., clear-text) password of the user. uid: The userid of the ftp user you created at the end of step two (e.g. 9001). gid: The groupid of the ftp group you created at the end of step two (e.g. 2001). homedir: The home directory of the virtual Proftpd user (e.g. /srv/ftp/exampleuser). If it does not exist, it will be created when the new user logs in the first time via FTP. The virtual user will be jailed into this home directory, i.e., he cannot access other directories outside his home directory. shell: It is ok if you fill in /sbin/nologin here by default. ftpquotalimits Table: The important columns are these (the others are handled by MySQL or Proftpd automatically, so do not fill these manually!): name: The name of the virtual Proftpd user (e.g. exampleuser). quota_type: user or group. Normally, we use user here. per_session: true or false. true means the quota limits are valid only for a session. For example, if the user has a quota of 15 MB, and he has uploaded 15 MB during the current session, then he cannot upload anything more. But if he logs out and in again, he again has 15 MB available. false means, that the user has 15 MB at, no matter if he logs out and in again. limit_type: hard or soft. A hard quota limit is a never-to-exceed limit, while a soft quota can be temporarily exceeded. Normally you use hard here. bytes_in_avail: Upload limit in bytes (e.g. 15728640 for 15 MB). 0 means unlimited. bytes_out_avail: Download limit in bytes. 0 means unlimited. bytes_xfer_avail: Transfer limit in bytes. The sum of uploads and downloads a user is allowed to do. 0 means unlimited. files_in_avail: Upload limit in files. 0 means unlimited. files_out_avail: Download limit in files. 0 means unlimited. files_xfer_avail: Tranfer limit in files. 0 means unlimited. The ftpquotatallies table is used by Proftpd internally to manage quotas so you do not have to make entries there! Minor edits by me, but sourced from howtoforge
  4. This tutorial shows how you can install and run Roundcube webmail (version 0.7.1) web site on a Debian Squeeze or Ubuntu 11.10 system that has nginx installed instead of Apache (LEMP = Linux + nginx (pronounced "engine x") + MySQL + PHP). Roundcube webmail is a browser-based multilingual IMAP client with an application-like user interface. nginx is a HTTP server that uses much less resources than Apache and delivers pages a lot of faster, especially static files. 1: Preliminary Note I want to install Roundcube in a vhost called www.example.com/example.com here with the document root /var/www/www.example.com/web. You should have a working LEMP installation, as shown in these tutorials: Installing Nginx With PHP5 And MySQL Support On Debian Squeeze Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support On Ubuntu 11.10 [Guide Comming Soon] A note for Ubuntu users: Because we must run all the steps from this tutorial with root privileges, we can either prepend all commands in this tutorial with the string sudo, or we become root right now by typing sudo su 2: Installing APC APC is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It's similar to other PHP opcode cachers, such as eAccelerator and XCache. It is strongly recommended to have one of these installed to speed up your PHP page.APC can be installed as follows: apt-get install php-apc Now we must configure the default timezone in PHP. Open your php.ini - if you use PHP-FPM, it is /etc/php5/fpm/php.ini... nano /etc/php5/fpm/php.ini ...and if you use spawn-fcgi, it is /etc/php5/cli/php.ini: nano /etc/php5/cli/php.ini [...] [Date] ; Defines the default timezone used by the date functions ; http://php.net/date.timezone ;date.timezone =date.timezone = "Europe/Berlin" [...] You can find out the correct timezone by taking a look at /etc/timezone: cat /etc/timezone root@server1:~# cat /etc/timezone Europe/Berlin root@server1:~# If you use PHP-FPM as your FastCGI daemon (like in Installing Nginx With PHP5 (And PHP-FPM) And MySQL Support On Ubuntu 11.10), restart it as follows: /etc/init.d/php5-fpm restart If you use lighttpd's spawn-fcgi program as your FastCGI daemon (like in Installing Nginx With PHP5 And MySQL Support On Debian Squeeze), we must kill the current spawn-fcgi process (running on port 9000) and create a new one. Run netstat -tap to find out the PID of the current spawn-fcgi process: [...] root@server1:~# netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address...........Foreign Address.........State.......PID/Program name tcp........0......0 *:sunrpc................*:*.....................LISTEN......734/portmap tcp........0......0 *:www...................*:*.....................LISTEN......2987/nginx tcp........0......0 *:ssh...................*:*.....................LISTEN......1531/sshd tcp........0......0 *:57174.................*:*.....................LISTEN......748/rpc.statd tcp........0......0 localhost.localdom:smtp *:*.....................LISTEN......1507/exim4 tcp........0......0 localhost.localdom:9000 *:*.....................LISTEN......1542/php5-cgi tcp........0......0 localhost.localdo:mysql *:*.....................LISTEN......1168/mysqld tcp........0......52 server1.example.com:ssh 192.168.0.198:2462.....ESTABLISHED 1557/0 tcp6.......0......0 [::]:www................[::]:*..................LISTEN......2987/nginx tcp6.......0......0 [::]:ssh................[::]:*..................LISTEN......1531/sshd tcp6.......0......0 ip6-localhost:smtp......[::]:*..................LISTEN......1507/exim4 root@server1:~# [...] In the above output, the PID is 1542, so we can kill the current process as follows: kill -9 1542 Afterwards we create a new spawn-fcgi process: /usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/fastcgi-php.pid 3 Installing Roundcube The document root of my www.example.com web site is /var/www/www.example.com/web - if it doesn't exist, create it as follows: mkdir -p /var/www/www.example.com/web Next we download Roundcube as a .tar.gz file from http://roundcube.net/download and place it in our document root: cd /tmp wget http://downloads.sourceforge.net/project/roundcubemail/roundcubemail/0.7.1/roundcubemail-0.7.1.tar.gz tar xvfz roundcubemail-0.7.1.tar.gzcd roundcubemail-0.7.1/ mv * /var/www/www.example.com/web/ mv .htaccess /var/www/www.example.com/web/ It is recommended to make the document root and the Roundcube files in it writable by the nginx daemon which is running as user www-data and group www-data: chown -R www-data:www-data /var/www/www.example.com/web If you haven't already created a MySQL database for Roundcube (including a MySQL Roundcube user), you can do that as follows (I name the database roundcube in this example, and the user is called roundcube_admin, and his password is roundcube_admin_password): mysqladmin -u root -p create roundcube mysql -u root -p GRANT ALL PRIVILEGES ON roundcube.* TO 'roundcube_admin'@'localhost' IDENTIFIED BY 'roundcube_admin_password'; GRANT ALL PRIVILEGES ON roundcube.* TO 'roundcube_admin'@'localhost.localdomain' IDENTIFIED BY 'roundcube_admin_password'; FLUSH PRIVILEGES; quit; Next we create an nginx vhost configuration for our www.example.com vhost in the /etc/nginx/sites-available/ directory as follows: nano /etc/nginx/sites-available/www.example.com.vhost [...] server { listen 80; server_name www.example.com example.com; root /var/www/www.example.com/web; if ($http_host != "www.example.com") { rewrite ^ http://www.example.com$request_uri permanent; } index index.php index.html; location ~ ^/favicon.ico$ { root /var/www/www.example.com/web/skins/default/images; log_not_found off; access_log off; expires max; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ { deny all; } location ~ ^/(bin|SQL)/ { deny all; } # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac). location ~ /\. { deny all; access_log off; log_not_found off; } location ~ \.php$ { try_files $uri =404; include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_index index.php; } } [...] To enable the vhost, we create a symlink to it from the /etc/nginx/sites-enabled/ directory: cd /etc/nginx/sites-enabled/ ln -s /etc/nginx/sites-available/www.example.com.vhost www.example.com.vhost Reload nginx for the changes to take effect: /etc/init.d/nginx reload Credits to howtoforge for this great guide
  5. Nginx (pronounced "engine x") is a free, open-source, high-performance HTTP server. Nginx is known for its stability, rich feature set, simple configuration, and low resource consumption. This tutorial shows how you can install Nginx on a Debian Squeeze server with PHP5 support (through FastCGI) and MySQL support. 1: Pre Note In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.eg: 10.1.1.100 2: Installing MySQL 5 In order to install MySQL, we run apt-get install mysql-server mysql-client You will be asked to provide a password for the MySQL root user - this password is valid for the user root@localhost as well as root@server1.example.com, so we don't have to specify a MySQL root password manually later on: New password for the MySQL "root" user: <-- yourrootsqlpassword Repeat password for the MySQL "root" user: <-- yourrootsqlpassword 3: Installing Nginx Nginx is available as a package for Debian Squeeze which we can install as follows: apt-get install nginx Start nginx afterwards: /etc/init.d/nginx start The default nginx document root is /var/www which does not exist yet; therefore we must create it as follows: mkdir /var/www chown www-data:www-data /var/www Type in your web server's IP address or hostname into a browser (e.g. http://192.168.0.100), and you should see the following page: You get a 403 forbidden error because there's no index page in /var/www. 4: Installing PHP5 We can make PHP5 work in nginx through FastCGI. Fortunately, Debian Squeeze provides a FastCGI-enabled PHP5 package which we install like this (together with some PHP5 modules like php5-mysql which you need if you want to use MySQL from your PHP scripts): apt-get install php5-cgi php5-mysql php5-curl php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl Then open /etc/php5/cgi/php.ini and uncomment the line cgi.fix_pathinfo=1: nano /etc/php5/cgi/php.ini [...] ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's ; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok ; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting ; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting ; of zero causes PHP to behave as before. Default is 1. You should fix your scripts ; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. ; http://php.net/cgi.fix-pathinfo cgi.fix_pathinfo=1 [...] There's no standalone FastCGI daemon package for Debian Squeeze, therefore we use the spawn-fcgi program from lighttpd. We install lighttpd as follows: apt-get install lighttpd You will see an error message saying that lighttpd can't start because port 80 is already in use: Starting web server: lighttpd2011-02-24 01:43:18: (network.c.358) can't bind to port: 80 Address already in usefailed! invoke-rc.d: initscript lighttpd, action "start" failed. That's how it's supposed to be because nginx is already listening on port 80. Run update-rc.d -f lighttpd remove so that lighttpd will not start at boot time.We've installed lighttpd because we need just one program that comes with the package, /usr/bin/spawn-fcgi, which we can use to start FastCGI processes. Take a look at spawn-fcgi --help to learn more about it. To start a PHP FastCGI daemon listening on port 9000 on localhost and running as the user and group www-data, we run the following command: /usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/fastcgi-php.pid Of course, you don't want to type in that command manually whenever you boot the system, so to have the system execute the command automatically at boot time, open /etc/rc.local... nano /etc/rc.local ...and add the command at the end of the file (before the exit line): [...] /usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -g www-data -f /usr/bin/php5-cgi -P /var/run/fastcgi-php.pid [...] 5: Configuring nginx The nginx configuration is in /etc/nginx/nginx.conf which we open now: nano /etc/nginx/nginx.conf The configuration is easy to understand (you can learn more about it here: http://wiki.codemong...ginxFullExample and here: http://wiki.codemong...inxFullExample2) First (this is optional) increase the number of worker processes and set the keepalive_timeout to a reasonable value: [...] worker_processes 5; [...] keepalive_timeout 2; [...] The virtual hosts are defined in server {} containers. The default vhost is defined in the file /etc/nginx/sites-available/default - let's modify it as follows: nano /etc/nginx/sites-available/default [...] server { listen 80; ## listen for ipv4 listen [::]:80 default ipv6only=on; ## listen for ipv6 server_name _; access_log /var/log/nginx/localhost.access.log; location / { root /var/www; index index.php index.html index.htm; } location /doc { root /usr/share; autoindex on; allow 127.0.0.1; deny all; } location /images { root /usr/share; autoindex on; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /var/www/nginx-default; #} # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { #proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name; include fastcgi_params; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # location ~ /\.ht { deny all; } } [...] server_name _; makes this a default catchall vhost (of course, you can as well specify a hostname here like www.example.com). In the location / part, I've added index.php to the index line. root /var/www; means that the document root is the directory /var/www. The important part for PHP is the location ~ \.php$ {} stanza. Uncomment it to enable it. Please make sure that you change the fastcgi_param line to fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name; (replace /var/www with your vhost's document root) because otherwise the PHP interpreter won't find the PHP script that you call in your browser. Make sure that there are some spaces between include and fastcgi_params; - in the default file this is written as one word which is a bug. Now save the file and restart nginx: /etc/init.d/nginx restart Now create the following PHP file in the document root /var/www: nano /var/www/info.php <?php phpinfo(); ?> Now we call that file in a browser (e.g. http://192.168.0.100/info.php): As you see, PHP5 is working, and it's working through FastCGI, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP5, including the MySQL module: Credit to howtoforge for this great guide
  6. We all know that Debian is a production like GNU/Linux operating system, thus the software available by default in the repository servers is not always the newest version. This tutorial is to help those interested in running the latest version of the graphical Internet browser Mozilla Firefox. 1.Install DependenciesMake sure you have all these dependencies installed in your system; as root run the following command: apt-get install g++ libgtk+2.0 libnotify-dev libasound2-dev libcurl4-openssl-dev libidl-dev libiw-dev mesa-common-dev yasm libxt-dev 2. Get The Latest Version Of Firefox Source CodeGo to the following mozilla.org url http://releases.mozi...refox/releases/ and download the latest source file version of Firefox, at the time of this tutorial /9.0.1/source/firefox-9.0.1.source.tar.bz2 firefox-9.0.1 was the latest version of Firefox. Then select a directory for the Firefox source code to be downloaded - in my case /home/user/firefox-source where user is my username on the Debian system. 3. Create The Required Configuration FileIn the home directory of the non-root user - in my case user - create a new file using your favorite text editor, save it and name it .mozconfig - don't forget the dot in front, it's very important. Once done type or paste the following settings to it: mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/obj-firefoxac_add_options --prefix=/opt/firefoxac_add_options --enable-application=browserac_add_options --with-system-zlibac_add_options --with-system-jpegac_add_options --enable-optimizeac_add_options --enable-official-brandingac_add_options --enable-canvasac_add_options --enable-stripac_add_options --disable-testsac_add_options --disable-installerac_add_options --disable-accessibilityac_add_options --enable-xineramaac_add_options --with-default-mozilla-five-home=/usr 4. Uncompress Firefox Source CodeAs root unpack the content of the firefox-9.0.1.source.tar.bz2 using the following command: tar xjf firefox-9.0.1.source.tar.bz2 5. Start The Compile ProcessThe result will be the following directory: mozilla-releaseGo inside the directory just created, and run the following command: ./configure --enable-application=browser --disable-libjpeg-turbo If the system complains about dependencies missing install them and re-run the command: ./configure --enable-application=browser --disable-libjpeg-turbo 6. Run makeOnce the command finishes without reporting dependency errors, run the command: make 7. Then Run make installWait for approximately 10 to 15 minutes, if make finishes successfully it is time to run the command: make install 8. Test If Firefox WorksNow go to the directory /mozilla-release/dst/firefox and run the command: ./firefox 9. Change Ownership On Firefox Directory To Non-Root UserTo make sure it runs and that you can browse URLs like google.com successfully once validated close Firefox, change directory to /mozilla-release/dst and run the command: chown -R user:user firefox 10. Copy Firefox Directory Into Non-Root User Home DirectoryNotice we are still root and we are running this command against the directory firefox , exit root user and become in my case user and copy the full directory firefox into your home directory /home/user/firefox - you can use this command: cp -rvp firefox /home/user/ 11. Obtain Firefox IconsNext, it is time to get the icons for Firefox and create a launcher in your graphical desktop, in my case I am using gnome.Point your browser to the following URL http://blog.mozilla....w-firefox-icon/ and download the Firefox 48 or 64 pixels size icon and place it somewhere you can find it easily, in my case I use the same firefox-source. 12. Create Firefox Launcher Desktop IconFinally do a right click on an open space in your gnome desktop and select "create launcher". When the window appears fill in the following information: Name: Firefox 9Command: /home/user/firefox/firefox-binComment: Mozilla-firefox In the left side upper corner of the launcher window, click on the icon and browse to where the Firefox icons are, select one of them and press OK. Now you should be able to open Firefox using the icon launcher you just created.Enjoy!Credits Go Tohowtoforge For There Great guide.
  7. Terminal is just /bin/bash and to disable terminal in vnc, you must limit /bin/bashOk in this guide we be limiting ssh access and we will be making a group called special, people in the special group may use /bin/bash in otherwords will be able to access ssh on the server. 1: Limit /bin/bash First let's limit /bin/bash to be run by root and members of the "special" group. You can do this by typing the following commands. chown root:special /bin/bash chmod 770 /bin/bash 2: Creating a Group to allow access to sshNow, let's create the group: groupadd special 3: Adding users to the Special Group so they have access to ssh. To add a user to the special group, type the following command usermod -G <username>,special <username> (for example: If you have a username named husskii the command would be) usermod -G husskii,special husskii **REMEMBER EVERYTHING IS CASE SENSITIVE** 4: Making sure all works well and you havent stuffed your self up. Before you reboot your server or logout of putty, you should open a new window and try login with root and also try login with the one of the users in the special group, then try login with a member not in the special group if it works you are done. And just to finish off, open vnc then open terminal and try login with both a special group and a normal user. If the special group user can login and the normal user cant, you have completed the guide properly.
  8. Lighttpd is a secure, fast, standards-compliant web server designed for speed-critical environments. This tutorial shows how you can install Lighttpd on an Ubuntu 11.10 server with PHP5 support (through FastCGI) and MySQL support. 1: PreNote In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate. i.e 10.1.1.100 Also I will be using nano to edit my files, you can use whatever you like such as vi. I'm running all the steps in this tutorial with root privileges, so make sure you're logged in as root: su 2: Installing MySQL 5 First we install MySQL 5 like this: apt-get install mysql-server mysql-client You will be asked to provide a password for the MySQL root user - this password is valid for the user root@localhost as well as root@server1.example.com, so we don't have to specify a MySQL root password manually later on: New password for the MySQL "root" user: yourrootsqlpassword Repeat password for the MySQL "root" user: yourrootsqlpassword 3: Installing Lighttpd Lighttpd is available as an Ubuntu package, therefore we can install it like this: apt-get install lighttpd Now direct your browser to http://192.168.0.100...x.lighttpd.html, and you should see the Lighttpd placeholder page: Lighttpd's default document root is /var/www on Ubuntu, and the configuration file is /etc/lighttpd/lighttpd.conf. Additional configurations are stored in files in the /etc/lighttpd/conf-available directory - these configurations can be enabled with the lighttpd-enable-mod command which creates a symlink from the /etc/lighttpd/conf-enabled directory to the appropriate configuration file in /etc/lighttpd/conf-available. You can disable configurations with the lighttpd-disable-mod command. 4: Installing PHP5 We can make PHP5 work in Lighttpd through FastCGI. Fortunately, Ubuntu provides a FastCGI-enabled PHP5 package which we install like this: apt-get install php5-cgi 5: Configuring Lighttpd And PHP5 To enable PHP5 in Lighttpd, we must modify /etc/php5/cgi/php.ini and uncomment the line cgi.fix_pathinfo=1: nano /etc/php5/cgi/php.ini [...] ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting; of zero causes PHP to behave as before. Default is 1. You should fix your scripts; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.; http://php.net/cgi.fix-pathinfocgi.fix_pathinfo=1 [...] To enable the fastcgi configuration, run the following commands: lighttpd-enable-mod fastcgilighttpd-enable-mod fastcgi-php This creates the symlinks /etc/lighttpd/conf-enabled/10-fastcgi.conf which points to /etc/lighttpd/conf-available/10-fastcgi.conf and /etc/lighttpd/conf-enabled/15-fastcgi-php.conf which points to /etc/lighttpd/conf-available/15-fastcgi-php.conf: ls -l /etc/lighttpd/conf-enabled root@server1:~# ls -l /etc/lighttpd/conf-enabledtotal 0lrwxrwxrwx 1 root root 33 2011-11-07 18:37 10-fastcgi.conf -> ../conf-available/10-fastcgi.conflrwxrwxrwx 1 root root 37 2011-11-07 18:37 15-fastcgi-php.conf -> ../conf-available/15-fastcgi-php.confroot@server1:~# Then we reload Lighttpd: /etc/init.d/lighttpd force-reload 6: Testing PHP5 / Getting Details About Your PHP5 Installation The document root of the default web site is /var/www. We will now create a small PHP file (info.php) in that directory and call it in a browser. The file will display lots of useful details about our PHP installation, such as the installed PHP version. nano /var/www/info.php <?phpphpinfo();?> Now we call that file in a browser (e.g. http://192.168.0.100/info.php): As you see, PHP5 is working, and it's working through FastCGI, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP5. MySQL is not listed there which means we don't have MySQL support in PHP5 yet. 7: Getting MySQL Support In PHP5 To get MySQL support in PHP, we can install the php5-mysql package. It's a good idea to install some other PHP5 modules as well as you might need them for your applications. You can search for available PHP5 modules like this: apt-cache search php5 Pick the ones you need and install them like this: apt-get install php5-mysql php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl Now restart Lighttpd: /etc/init.d/lighttpd restart Now reload http://192.168.0.100/info.php in your browser and scroll down to the modules section again. You should now find lots of new modules there, including the MySQL module: Credits Go Tohowtoforge For There Great guide.
  9. Huss

    Looks like a clear sky?

    thanks for the feedback, there is always a bit os spin when people advertise their product site etc..I cant count how many products have been the latest and greatest lol
  10. Huss

    Staff wanted!

    Hi PMI have experiance in linux servers (ofc not as good as you guys) but have been with howtoforge for many years and back when I was active at the site, I was always there tpo help other members get the servers up and running.I have experiance with virtualmin, webmin, ispconfig, basic web servers and more.I know my way around mysql database and phpmyadmin and I always buld my servers from scratch. I must admit when it comes to security I dont know how secure my servers are, but can say I have never been breached in the past.atm I am an admin with another forum relating to apple iOS devices and have been a staff member there for I think about a year. I was made a moderator at the site approx 2weeks after I joined, because of my activeness and support I offer to other members in the forum.If you are interested I would be happy to join.
  11. Huss

    ISPConfig

    I managed to install ISPConfig successfully many times in the past,and also by following the howto perfect server guide. I can help if anyone needs the help.
  12. Thanks PM for creating this section, its much appreciated :)Hi guysI am looking for a good guide to create a secure ftp server for online friends, I have setup a few ftp servers in the past on debian OS and it was pretty simple but security wise I have no idea how safe it is and security wasnt a problem before because it was only for family.In a few weeks my bandwidth speeds will be upgraded and I want to build a secure ftp server for online friends, but I am worried that since I dont know much about security, if anyone gets any funny ideas and tries to hack my network, that my server will be unsecure and might be easy to hack.prefferable I want this guide for linux and the ftpserver to be opensource.ThanksHuss
  13. Huss

    request Section in Tutorials.

    thats awsome, coz I noticed the ftpserver section is empty and I want to create a good secure ftpserver for friends. So that will be my first request when the section is created
  14. Can we get a request section in the tutorials thread.ThanksPS.. the editor box has no spell checker.
  15. Huss

    Opera Blocking Agent Updates

    Thanks PM, Ive been using firefox and these adds are very annoying. I will give this tweak/add-on a go
×