I'm always interested in web development, and virtualization, so I like to learn how to operate simple webserver for my hobby. I started to learn about Linux about 5 years ago with ubuntu 6.06. So I was operating ubuntu webserver on production on VMware ESXi for a few years in my home office. But one day when the traffic is high and I need more reliable service, then I moved to datacenter but it based on Debian.
My friend Pisan is running web hosting company named Colorpack. We are friend and the member of Joomla! User Group in Thailand. He is also interested in virtulaization and provide VPS service based on OpenVZ as well. At that time I prefer Ubuntu because I'm not so expert in server management and I have more familiar with Ubuntu. But in the real life when I search in Google, there are still many people more rely on Debain than Ubuntu because Debian have been proved the stability and solidity already, while Ubuntu still considered new in the market and relatively a bit more bugs and issue. So my friend suggest to go for Debian on real production.
My most web development activity is configuring and operating Open Source CMS sites. Now I maintain several Joomla! sites and few wordpress sites. Unfortunately, my capacity is limited and it is not enough to learn the others interesting CMS such as Drupal, phpBB, SMF, Vanilla, SugarCMS, Magento, PrestaShop, OpenCart, etc. Anyway, most of them are based on PHP, MySQL and in run best on Apache on Linux environment. So I concentrated on LAMP server (Linux Apache MySQL PHP).
Fortunately, Ubuntu server installation has a LAMP package when you are installing it. But this time I'm using Debian, and it on VPS Hosting provider that I'm not doing the installation by myself, then I come with a plain SSH when I can access it first time.
I was searching around in Google, there are few different procedure between deploying LAMP on ubuntu and on debian. so I write down this one toe remind myself for the next debian configuration.
How to install LAMP on Debian
Let start with Database
Most of the How to in searching result prefer to start with MySQL installation first.
aptitude install mysql-server mysql-client
During configure MySQL server first time, the wizard will ask you to put mysql root password, please make sure you can remember it later.
Next step is Apache2
Again, most of how to are recommended to install Apache2 webserver separately from database and php.
aptitude install apache2
Time for PHP
The last component of LAMP is PHP.
aptitude install php5 libapache2-mod-php5
Then you can restart Apache2 to make php works.
/etc/init.d/apache2 restart
There are many additional modules to choose. Anyway, you can install required modules later when you need it. This is my survival lists of frequently use modules.
aptitude install php5-mysql php5-curl php5-gd php5-imagick php5-json php5-xcache
Actuall now it's done, after you configure webserver and database, you can operate any simple CMS site already.
Thanks to...
- http://www.howtoforge.com/installing-apache2-with-php5-and-mysql-support-on-debian-lenny-lamp
- http://library.linode.com/lamp-guides/debian-5-lenny/
- http://wiki.debian.org/LaMp
FTP Server
Even you can manage your files on VPS via SSH or SFTP, but for better security to manage your CMS files via ftp layer, you still need ftp service on your server. To install ftp server, I prefer ProFTPD. If your just use it yourself, don't provide tp service to your customers, you just install and can use it on the fly with your existing unix users.
aptitude install proftpd
During installation, the wizard will ask to select inetd or standalone, just select standalone and that's all.
Configure Apache SSL
Personally, I prefer to implement SSL for CMS backend. Then I have to implement SSL on webserver. This instruction is working well both debian and ubuntu.
Use a Self-Signed SSL Certificate with Apache
At the shell prompt, issue the following commands to enable SSL for Apache and generate a certificate:
Enable mod_ssl
a2enmod ssl
mkdir /etc/apache2/ssl
Generate Key
openssl req -new -x509 -days 3650 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.key
If your SSL provider requires 2048-bit certificates, please add the following option to the command shown above:
-newkey rsa:2048
Don't forget to add listen port configuration in /etc/apache2/ports.conf
Listen 443
Thanks to...
Configure Digest Authentication
The alternative way to simply secure your CMS backend is Apache Authentication. Or if I have to lock the beta site from public access. There are 2 common kinds of authentication, basic authentication and digest authentication. I prefer to concentrate on digest authentication for better security.
Enable mod_auth_digest
a2enmod auth_digest
mkdir /etc/apache2/auth
Synopsis
htdigest [ -c ] passwdfile realm username
Options
-c- Create the passwdfile. If passwdfile already exists, it is deleted first.
passwdfile- Name of the file to contain the username, realm and password. If
-cis given, this file is created if it does not already exist, or deleted and recreated if it does exist. realm- The realm name to which the user name belongs.
username- The user name to create or update in passwdfile. If username does not exist is this file, an entry is added. If it does exist, the password is changed.
Example
command line:
htdigest /etc/apache2/auth/.digest MEEDEE.NET username
edit your virtualhost configuration
AuthType Digest
AuthName "MEEDEE.NET"
AuthUserFile /etc/apache2/auth/.digest
Require valid-user
Thanks to...
- http://httpd.apache.org/docs/2.2/programs/htdigest.html
- http://httpd.apache.org/docs/2.2/mod/mod_auth_digest.html
Install SUDO in Debian
My Debian VPS image didn't come with sudo. I have to install and configure it manually.
aptitude install sudo
After that you can manage the sudoers (sudo user) by edit /etc/sudoers file. My method is allow to all user in group sudo.
# User privilege specification
root ALL=(ALL) ALL
# Group priviledge specification
%sudo ALL=(ALL) ALL
Server Management for newbie
For a geek guys like many friends of mine, they can operate all the task via SSH. I'm also like to do many things on SSH, but as my knowledge is limited, I still need help from GUI tools to manage some other tasks. Event the task is just simple text editing, but to edit it via Web-based text editor till much easier than edit it directly from SSH.
Updated: I moved my server management issue to the new article: Server Management for newbie on Debian
| < Prev | Next > |
|---|
escription got mangled a bit. I use semicolon now of course it should be colon
escription else no-go for LinkedIn shares.
