1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[LINUX] Help with web server

Discussion in 'Bits & Bytes' started by MemphisMark, Oct 21, 2017.

  1. MemphisMark

    MemphisMark Old school Conservative

    I picked up a mid-range business machine very inexpensively at a pawn shop a while back with the intent of turning it into a private web server. I got it working as such, but I have a couple minor problems working with it. I also am considering hosting my production websites on it in the future. I currently have 3 Joomla and 1 WordPress websites.

    Environment: Ubuntu 17.04, PHP 7.0, Apache2. I currently access it through putty SSH from my Win desktop.

    Issues:

    1) Anything I FTP up to it (FileZilla) defaults to permissions of 600. Same with creating directories, FZ or SSH.
    2) It takes permissions of 777 to run the websites. I know it needs to be 755.
    3) I have Joomla websites using a URL redirector called sh404SEF. I can’t use the SEF friendly URLs it creates, the “raw” ones work fine.
    4) I don’t know how to take a backup image of the hard drive to protect my work if something crashes.

    Future possibilities:

    1) What kind of firewall/security software do I need to keep it safe from outside attacks?
    2) How do I get access to it from the Internet? Once I can do that, I can redirect my domains to my server.
    3) How would I partition it into a production side and a private side? The private side would not be accessible from outside the network.
     
  2. Biker

    Biker Administrator Staff Member

    Before that server talks to the Internet, you need to take a Linux course or two and figure out what you're doing before you allow others to see it online. This isn't a case of "wing it while it's on line". A server that's not properly secured is screaming to be taken over, and trust me. They'll find it within days of it going live.
     
    MemphisMark likes this.
  3. MemphisMark

    MemphisMark Old school Conservative

    Biker,

    That’s why I’m asking before I do it. I am firmly in the second line of my signature. I know I know not.

    Any help on the 1st part and getting it to run like it should? Never mind the outside part, I want to be able to use search friendly urls on it before I open the door.

    Any idea where can I get some inexpensive (free) online classes?
     
  4. Susan Addams

    Susan Addams Amazonian woman in a petite package!

    Hey, I can help you with some of that right now. You say you need 777 and it gives you 755. Actually 755 is the usual thing but Linux permissions are additive so 777 includes 755. That may not be right but that isn't a problem except from a security point of view.

    If you want to change your permissions just SSH right in and use your chmod command. Google is your friend, and read up on permissions while you learn the command. While you're at it, read up on chown. That'll be important when running websites.

    While you're at it get rid of FileZilla and get WinSCP. In fact DON'T RUN ANY FTP! That is just begging to be hacked! WinSCP runs over your SSH connection and you don't need to open your FTP 21 at all. One less hole for hackers.

    And SSH, secure it with public & private keys, not passwords! Lock that SSH down and dump FTP and use WinSCP to transfer files. Oh, you can change permissions right in WinSCP. When I am working on a server I always have one SSH connection going and one WinSCP connection going. (Actually I'm pretty sure my WinSCP is just piggybacking on my SSH. Or maybe it uses a second SSH connection. From a practical point of view it doesn't matter.)

    Your firewall is "iptables." Google. Do it.

    You have to understand that everything Linux is choices. You like Ubuntu, I like Debian (Jessie). You like Apache, I like nginx. I presume we are both running MySQL. (While you're at it, install phpMyAdmin.) And there is THE PHP. Nothing on this planet moves without it except MSFT IIS and MSFT IIS is for idiots! Why pay for software when all the software you could ever use is free? I can't understand why there is one single MSFT server on this planet except owned by and run by MSFT.

    If you are running stuff you want to be seen by the most public you will just have to learn SEO and use SEO compatible software. Alexa rank isn't everything, it's the ONLY thing. (Note that I write my own log analysis software and have the capability of seeing the actual search terms that any site visitor used to find my site. I'm sure there are log analysis softwares out there. Mine just logs it in a MySQL table and my software log viewer shows me the terms right there.)

    Join Google's webmaster tools, Google analytics, etc. It's free! Enter your site details in your webmaster account, and a few snippets of code to your site, you get the analytics. It's fascinating to leave a window open and watch your traffic in real time! I'll tell you how to do that in future posts. The first time I saw a reasonably busy site running in real time I sat there transfixed for an hour or more just thinking that each blip was another visitor. (I was running an image host at the time. You know, like ImageBam.)

    I've got pretty strong opinions but the fact is there's a zillion ways to go on anything Linux. Get 10 experts together and they'll come up with 10 different systems that do the same damned thing!

    Look, it's 4:00 a.m. and WTF I'm doing up not even I know. You want to ask questions one at a time I can knock them down for you. I can't answer your whole post in one post.

    Hit me up with a question and I'll give you an answer.

    BTW are you putting that thing at your house or somewhere near a backbone? If at your house you know your ISP is going to bug you about your uplink traffic. A better solution might be a VPS, virtual private server. It's a step up from shared hosting (also an option), it's a bunch of little virtual servers running on one big server. Have a look at 1&1's VPS plans starting at $5/month: VPS Hosting | Cheap Windows & Linux Virtual Private Server | 1&1

    That will put you closer to the backbone and your ISP won't bug you. Actually I just fired 1&1 but they're good. I just got too big for my shared hosting plan, I made a bunch on Bitcoin, so I leveraged my gains into a full, dedicated server and then paid some years in advance to be sure it will be there for me, and also to force myself to get with it because I'm wasting money, my money, if I just sit on my hands. It's the carrot on the stick I tied to my back.

    Biker is right. Your two choices are take a class or Google it. I took the Google route. For example, PHP, just Google php + your PHP command, e.g. php time. For Linux just linux chmod. MySQL same.

    If you're running Apache you'll want to learn .htaccess. If you run nginx like I do you'll need to learn server blocks.

    The Internet is self documenting. Everything you want to know about the Internet is on the Internet. Everything you want to know about running servers or writing code is on the Internet. You can even start out by googling "how to google." ;)

    I started out taking just one class in programming in college. I think it was C++ and a few other languages. It was stupid simple. Some time later I saw a program written in BASIC. I laughed out loud! There's a programming language you don't even have to learn! It's obvious how it works! All you need to do is speak English and know math.

    If you want questions answered, bring them! :D


    ETA: I forgot to add, reverse engineering. Download the code for WordPress and figure out how it works. Or download one of the open source forum softwares. You can learn a lot of PHP and MySQL real quick that way. Um, it's a given that if you are writing web pages you know HTML, CSS, JavaScript, DHTML. If not, google is your friend.
     
    Last edited: Dec 15, 2017

Share This Page