I recently explored OpenSuse as a web server but I found it was was too bloated for my minimal needs so I turned to Debian for a smaller solution. It has long been my distro of choice as I admire it’s ‘minimal’ approach and subsequent lack of system requirements. However, not being a Linux guru I admit I find the lack of documentation difficult.
There is an official guide to installing a Debian Web server here:http://www.aboutdebian.com/internet.htm
Below are my notes.
NB:This is only a 'bare bones' install guide to get a Debian instance running and by no means a guide to producing a fully fledged production ready secured system.
Installing the OS
Check configuration with:
sudo ifconfig
NB: If you get command not found then check /sbin/ is in your $PATH variable: echo $PATH. If not add it with: PATH=$PATH:/sbin/
If you need to add a network device:
See previous post.
Secure it
I wanted to install FTP so I can upload files to the web server:
Mono is the ASP.Net project for Linux: http://pkg-mono.alioth.debian.org/
To install: apt-get install libapache2-mod-mono mono-apache-server2
There is an official guide to installing a Debian Web server here:http://www.aboutdebian.com/internet.htm
Below are my notes.
NB:This is only a 'bare bones' install guide to get a Debian instance running and by no means a guide to producing a fully fledged production ready secured system.
Installing the OS
- Download it from: http://www.debian.org/
e.g. debian-7.1.0-ia64-netinst.iso via bittorrent - Mount the iso or burn the image to disk and boot from it.
- Read the introduction to the installer here: http://www.debian.org/releases/stable/i386/ch06s01.html.en
- Answer the questions when asked. I answered:
- Primary network interface eht0 or 1
- Hostname (computer name)
- Domain name (network name or localdomain)
- Root password (something memorable!)
- User full name and username and password
- Disk partition, I used:
- Guided, use full disk
- Separate /home /usr etc partition
- De-select Graphical desktop and choose: Web Server; Mail Server (for scripts to use); SSH Server (and leave standard system utils).
- Install GRUB boot loader in root: yes.
Root AccessInstall sudo so you can run root commands as normal user:Login as root then run:
apt-get -y install sudoAdd [username] to Sudoers:
adduser [username] sudoLogout and login as [username]: logout
Check configuration with:
sudo ifconfig
NB: If you get command not found then check /sbin/ is in your $PATH variable: echo $PATH. If not add it with: PATH=$PATH:/sbin/
If you need to add a network device:
- sudo nano /etc/udev/rules.d/70-persistent-net.rules
Enter the MAC address etc - Then add it to the interfaces list:
sudo nano /etc/network/interfaces - Add a new entry:
auto ethX
Then either DHCP:
iface ethX inet dhcp
OR static:
iface eth0 inet static
address 192.168.1.10
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.11.
But changing your IP numbers accordingly.
Where X is the number e.g. eth1 - Then fire it up and restart networking:
sudo ifconfig ethX upsudo /etc/init.d/networking restart
- Log in as root and do updates:
sudo aptitude update && sudo aptitude dist-upgrade
To get the latest updates and install them. - Enter Y when prompted then reboot: sudo shutdown -r now
HostnameSetthe hostname if not already set (should have been done during install):
sudoecho "[hostname]" > /etc/hostnamesudohostname -F /etc/hostname- Add an entry for the site into /etc/hosts if it doesn’t already exist:
sudo vi /etc/hosts127.0.0.1 localhost[server IP] [site domain name] [host name]
Remote Access (SHH)See previous post.
Secure it
- Edit hosts.allow to include default Linux box
sudo vi /etc/hosts.allow
Add line:
ALL: [your ip prefix eg. 192.168.0.] - sudo cp /etc/hosts.deny /etc/hosts.deny.YYYYMMDD
- sudo vi /etc/hosts.deny
Add line:
ALL: ALL EXCEPT localhost
I wanted to install FTP so I can upload files to the web server:
- sudo apt-get install vsftpd
- Select standalone installation
- stop the service with: sudo /etc/init.d/vsftpd stop
- Edit the config: sudo vi /etc/vsftpd.conf
- Restrict users to their home directory. Uncomment the line: chroot_local_user=YES
- Start it: sudo /etc/init.d/vsftpd start
Mono is the ASP.Net project for Linux: http://pkg-mono.alioth.debian.org/
To install: apt-get install libapache2-mod-mono mono-apache-server2
Add Accounts for Each Website
I want per website user accounts so they are locked into their own folder:
- adduser [domain_name] (I replaced dots in the name with underscores)
- Logout and login as the new user
- make a directory for the user to store their www files:
mkdir public_html
- Check Open Ports: netstat –an; or netstat –p
- Remove package: sudo apt-get --purge remove package-name
- Remove unecessary packages: apt-get autoremove
- Shutdown: sudo /sbin/shutdown –h now
(-h = halt)
No comments:
Post a Comment