CIS 217 - Oakton Community College



CIS 238 - UNIX System Administration

Lab Exercise #11: Apache Web Server, LAMP Server

Install a basic Web Server:

1) Install: lynx, httpd, httpd-tools, httpd-devel, system-config-httpd

2) In /etc/httpd/conf/httpd.conf

- Change ServerName to: p156.

- change the “listen port to 8080

Copy “web.txt” from Lab2 to /var/www/html/index.html

3) service httpd restart

4) telnet 127.0.0.1 8080

GET HTTP/1.0\n\n

.. and hit ENTER twice

5) Connect to the website using NETCAT

echo -e "GET HTTP/1.0\n\n" | nc -w 5 127.0.0.1 8080

Demonstrate the website for the instructor using Firefox browser

6) Add p156. to /etc/hosts as DHCP assigned IP address

Repeat steps 4, 5 using p156. replacing 127.0.0.1

Password secure the web server:

7) Create passwd file for your website: htpasswd -c /etc/httpd/conf/.htpasswd user1

Repeat for users2 –user9 (withoput –c)

chmod 644 /etc/httpd/conf/.htpasswd

8) Create .htaccess file in your DocumentRoot:

AuthUserFile /etc/httpd/conf/.htpasswd

AuthGroupFile /dev/null

AuthName “EnterPassword”

AuthType Basic

require valid-user

9) vi /etc/httpd/conf/http.conf:

Change DocumentRoot as follows:

AllowOverride AuthConfig

10) service httpd restart.

11) Try accessing the web site and you'll be prompted for a password.

Lab Exercise #11: Apache Web Server, LAMP Server

Install MySQL Database Server

12) yum install mysql mysql-server mysql-libs

13) Start the mysql daemon,

service mysqld start

14) then type “mysql”

mysql

Change the MySQL Root Password, the default the root password for the for mysql database.

mysql> USE mysql;

mysql> UPDATE user SET Password=PASSWORD('newpassword') WHERE user='root';

mysql> FLUSH PRIVILEGES;

exit;

15) check by logging in

mysql -u root -p

Enter Password:

exit;

16) Create a new MySQL User: To create a new mysql user ‘guest’ with ‘all privileges’ on database ‘demo’

mysql –u root –p –e ‘create database demo’

mysql –u root –p

mysql >GRANT ALL PRIVILEGES ON demo.* TO 'guest'@'localhost' IDENTIFIED BY 'guest' \

WITH GRANT OPTION;

mysql> USE mysql;

mysql> UPDATE user SET Password=PASSWORD('guest') WHERE user='guest';

mysql> FLUSH PRIVILEGES;

mysql> exit;

Python – native interface, see also mod_wsgi

17) Create Python CGI program /var/www/cgi-bin/test.cgi

#!/usr/bin/python

import cgitb

cgitb.enable()

print (“Content-type: text/html\n\n”)

print (“Hello World”)

18) Point your browser to:

Lab Exercise #11: Apache Web Server, LAMP Server

Install PHP

19) Install PHP Scripting Language

yum install php php-mysql php-pear php-common php-gd php-mbstring php-mcrypt php-xml php-cli php-devel

20) Restart the apache to load php.

service httpd restart

21) Test PHP: Create a file named /var/www/html/test.php with the following phpinfo() function inside php quotes.

// test.php

22) Point your browser to 

Install PERL

23) Install Perl

yum install mod_perl

24) Verify Apache CGI scripts are placed in the /var/www/cgi-bin/ directory as defined by the ScriptAlias directive in the httpd.conf file:

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

25) Create Perl CGI Program: /var/www/cgi-bin/test/test.cgi

#!/usr/bin/perl

# CGI Script "test.cgi"

print qq(

Linux Home Networking

Success!

);

26) Point your browser to:

Lab Exercise #11: Apache Web Server, LAMP Server

Apache self-cert install:

27) Install SSL software:

yum install openssl

yum install mod_ssl

28) mkdir /etc/httpd/conf/ssl; cd /etc/httpd/conf/ssl

Generate RSA private key without a passphrase:

openssl genrsa -out .key 1024

(Don’t do this): openssl genrsa -des3 -out .key 1024

Generates a RSA key with a passphrase - you will be prompted to enter a passphrase right after you hit enter and when Apache starts. You should generally NOT generate the RSA private key with a passphrase if you have scripts that restart apache automatically; Apache will just sit there and wait for the script to input the passphrase.

29) generate the CSR using the RSA Private Key

openssl req -new -key .key -out .csr

Enter your Common Name, Organization, Organization Unit, City or Locality, State or Province and Country.

At email address and challenge password, just hit enter.

Country Name (2 letter code) [XX]:US

State or Province Name (full name) []:Illinois

Locality Name (eg, city) [Default City]:Skokie

Organization Name (eg, company) [Default Company Ltd]:Oakton Community College

Organizational Unit Name (eg, section) []:CIS

Common Name (eg, your name or your server's hostname) []:

Email Address []:

Please enter the following 'extra' attributes

to be sent with your certificate request

A challenge password []:

An optional company name []:

30) Generate self-signed cert (or send ,csr to 3rd party vendor for 3rd party cert):

openssl x509 -req -days 365 -in .csr -signkey .key -out .crt

31) chmod all files to 600, owner and group = root

32) Add to Apache main server(s):

vi /etc/httpd/conf.d/ssl.conf

# Server Certificate:

# SSLCertificateFile /etc/pki/tls/certs/localhost.crt

SSLCertificateFile /etc/httpd/conf/ssl/.crt

# Server Private Key:

# SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

SSLCertificateKeyFile /etc/httpd/conf/ssl/.key

repeat for each virtual server

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download