Tag Selector

Zaragoza Clouds

300g  airtel  allow_url_include  api  binary  book review  bot  broadband  card  compiz beryl configuration tool in ubuntu  configuring  confused deputy problem  cpan  data  del  del.ico.us  delicious  diigo  diigo.com  douglas adams  downloader  exploits  ico. us. del.icio.us  include  joomla latest searches module  library  life the universe and everything  linux images  micromax  mmx  modules  perl  php  python  submission tools  submit  text  ubuntu  vulnerability  windows
by Zaragoza Online

apache

Setting up Secure Socket Layer / Transport Layer Security ( SSL / TLS ) on APACHE webserver PDF Print Email
Written by   
Wednesday, 15 October 2008 12:02

ssl allows relatively secure connections over http using a key ceritficate combination for the http server.to enable https connections the webserver needs to set up a ceritficate. following instructions deal with setting up ssl on a generic linux Apache server but can be geralized to most UNIX Distros.

I used the Apache webserver on my Ubuntu (Hardy Heron) laptop as my testing base to set up secure socket layer (SSL).

Installing OPENSSL :

First step before you do anything is to install openssl in to your machine. On ubuntu openssl comes installed by default. you can check by typing the following at the command line. openssl is a useful tool that lets you generate ssl keys and certificates etc and tons of other useful stuff for ssl.

$openssl

 if you get something like command not found etc. you need to install openss. Here are the commands for ubuntu.

$sudo apt-get install openssl

For fedora you might try 

$yum install openssl

After this you would have successfully installed openssl.

Getting mod_ssl :

mod_ssl is the apache package that allows you to actually set up the https connections. mod_ssl depends on a installation of openssl so before you enable it make sure that openssl is pre-installed.

 to check if mod_ssl is installed run the following command.

$ apache2 -l

This should show a list of enabled apache modules however, this might not work on some systems. If that is the case you can try the following :

$httpd -l

Please use the apropriate paths to the bin file apache2 or httpd respectively if neither of the above works.

On Ubuntu (hardy) Apache2 you can simply check if the you can see ssl.conf in the list when you type the following.

$ ls /etc/apache2/mods-enabled/

Enabling mod_ssl :

in ubuntu to enable a installed apache module you can use the command utility a2enmod which simply creates a symlink to a installed module in /etc/apache2/mods-enabled/ from the relevant file in /etc/apache2/mods-available/

Run the following anywhere on the command line:

$a2enmod ssl

Generate a ssl key :

$openssl genrsa -des3 -rand file1:file2:file3 -out www.shantanubhadoria.com.key 1024

 here file1, file2 and file3 are just paths to some random large files on the system

You will be asked to provide a pass phrase, choose a strong one.

 

If you choose to not secure a key use :

$openssl rsa -in www.shantanubhadoria.com.key -out www.shantanubhadoria.com.key.unsecure

Check contents of the key by typing :

$openssl rsa -noout -text -in www.shantanubhadoria.com.key

 

Create a ceritificate signing request :

$openssl req -new -key www.shantanubhadoria.com.key -out www.shantanubhadoria.com.csr

 You will be prompted for cert informarion. you can see the cret info by typing this :

$openssl req -noout -text -in www.example.com.csr

alternatively you can create a self signed cert for testing purposes : 

$openssl x509 -req -days 30 in www.example.com.csr -signkey www.example.com.key -out www.example.com.cert

 chmod the.key file to 400 and store the .key and .cert files in /etc/apache/ssl/

Setting up the Server

Please refer the tutorial on how to install a virtual host on LAMP server for detailed explanation on Virtual Hosts

add a new virtual host or modify an existing virtual host in  the .conf file(or default) for the virtual host stored in /etc/apache2/sites-available/

add the following lines in appropriate places (443 is  thedefault ssl port)

Listen 80

Listen 443

<VirtualHost _default_:443>

ServerName http://www.shantanubhadoria.com

SSLEngine on

SSLCertificateFile /etc/apache2/ssl/www.shantanubhadoria.com.cert

SSLCertificateKeyFile /etc/apache2/ssl/www.shantanubhadoria.com.key

</VirtualHost>

 

restart apache and use https:// instead of http:// to go to your ssl host instead. congrats !! you are all set up with ssl/tls now


Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! Mixx! Free and Open Source Software News Google! Live! Facebook! StumbleUpon! Yahoo! Joomla Free PHP
ssl-tls-secure Socket Layer-Transport Layer Security-apache-LAMP-UBUNTU-Hardy Heron 8.10
Last Updated on Wednesday, 15 October 2008 14:55
 
Comments (1)
Adding a Virtual Host to your Apache or LAMP Server PDF Print Email
Written by   
Friday, 26 September 2008 12:12

Adding a Virtual Host allows us to access a web directory on our web browser using a path other that http://localhost or http://127.0.0.1. like http://shantanu/  or http://ba-ba-black-sheep/

 Open up a terminal and type the following :

 

cd /etc/apache2/sites-available/

sudo touch ba-ba-black-sheep.conf

sudo vi ba-ba-black-sheep.conf

 Type in the settings for this Virtual Host in the just opened editor :

<VirtualHost 127.0.1.1:80>
ServerName ba-ba-black-sheep
ServerAdmin me@ba-ba-black-sheep
DocumentRoot /home/me/ba-ba-black-sheep/www
<Directory /home/me/ba-ba-black-sheep/www>
Options -Indexes
AllowOverride All
Order Allow, Deny
Allow From All
</Directory> 
</VirtualHost>

Now all this might seem a bit fancy so let me explain what we just did here.

  • First line <VirtualHost 127.0.1.1> specifies the ip address at which this host resides. This will usually be in 127.x.x.x range for local servers.
  • ServerName ba-ba-black-sheep sets the name of the server as it would finally appear e.g. http://ba-ba-black-sheep/.
  • ServerAdmin This e-mail address is being protected from spambots. You need JavaScript enabled to view it   is your email address to be used for server admin.
  • DocumentRoot /home/me/ba-ba-blacksheep/www/ is the webdirectory path i.e. the path where you will store all your web scripts for the web server. e.g. the php, html etc. files
  • <Directory /home/me/ba-ba-blacksheep/www/> initializes the block of rules for the web dir. these are generally the kind of rules you can also specify in the .htaccess files on you webroot.
  • Options -Indexes specifies that the webserver won't return a list of files in the web directory to the client(browser) if no index file is present
Add a symbolic link to the site name config :
cd ../sites-enabled

ln -s /etc/apache2/sites-available/ba-ba-black-sheep.conf ./ba-ba-black-sheep.conf

sudo vi ../apache2.conf

Go to the end of apache2.conf and add the following NameVirtualHost 127.0.1.1:80 at the following position
#Include the virtual host configurations

NameVirtualHost 127.0.1.1:80

Include /etc/apache2/sites-enabled/

 Run the following :
sudo vi /etc/hosts

Edit the configuration after 127.0.0.1 to add your site name: Note that you willprobably have your own device name instead of shantanu-laptop  in the file.

127.0.0.1      loaclhost
127.0.1.1      shantanu-laptop ba-ba-black-sheep
Thats it you should be all set now. Just restart apache.
sudo /etc/init.d/apache restart
At this point typing http://ba-ba-black-sheep/ would display the content stored in the webroot 
 /home/me/ba-ba-black-sheep/www

Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! Mixx! Free and Open Source Software News Google! Live! Facebook! StumbleUpon! Yahoo! Joomla Free PHP
Shantanu Bhadoria-Virtual Host-LAMP-APACHE-Apache-
Last Updated on Friday, 26 September 2008 13:23
 
Comments (1)
How to install and setup LAMP on Ubuntu PDF Print Email
Written by   
Friday, 19 September 2008 09:45

 

Ubuntu was the new flavour of LINUX based on DEBIAN first released on oct 2004. Since then Ubuntu has been making two releases every year with each release number based on the year and month of release. The latest release was Hardy Heron v 8.04, (affectionately called Hairy Hard-on). Compared to most other popular distros, Ubuntu is not bloated into multiple DVDs of installations. It rather follows the debian's path in packaging only the essentials into a single small installable CD. This CD contains only the bare essentials needed to effectively run a desktop or a notebook with the requisite drivers and a GUI. Because of this the package does not contain the LAMP environment pre-installed.

The following instructions deal with installing LAMP on Ubuntu, Hardy Heron, but this should also work on all the previous releases of Ubuntu.These instructions presume that you already have internet connection setup to work on ubuntu and that you have already installed Ubuntu. Enter the following command on the Terminal window(opened by going to (Applications->Accessories->Terminal)  to get the list of latest packages.

sudo apt-get update
To get started on any web application the first thing required is a web server so since we are talking of LAMP here lets install apache 2.2 :
 sudo apt-get install apache2
Once this is done we need to install mysql server 5.0 and PHP5 mysql-gui tools:
 sudo apt-get install php5 mysql-server-5.0 mysql-gui-tools-common

Install php5-mysql and the gd extension for PHP. This is used by allmost every imaging script in php for generating captchas and graphs etc.

sudo apt-get install php5-mysql php5-gd

Install phpmyadmin for administering mysql. (alternately u may choose to install the GUI based mysql query browser from the (applications->add/remove)

 sudo apt-get install phpmyadmin
Now most seasoned professionals use vi editor to work with PHP, HTML, CSS etc. however the version of VI that comes pre-installed with ubuntu is Vim-tiny and which doesn't support the full level of features like text highlighting, highlighted search, custom themes etc. which makes it kindof less useful. To install the full version of Vi including the GUI version. run the following command.
 sudo apt-get install vim-gtk vim-full vim-scripts

You can install additional plugins for vi like vim-perl, vim-tcl, vim-python for other scripts functionality etc. In general installing vim-full will get you most of the plugins you will ever need.

 sudo apt-get install vim-perl vim-tcl vim-python
Now we need to enable phpmyadmin to be available via the browser. Use the following command to open apache.conf in vi. or substitute vi below with gedit or any editor of your choice.
 sudo vi /etc/apache2/apache2.conf
add the following lines right at the end of apache.conf
  # Enable PHPMyAdmin
  Include /etc/phpmyadmin/apache.conf

Save the file and close. Restart apache for all these configurations and extensions to take effect

 sudo /etc/init.d/apache2 restart

After this step you will be able to see the webserver at http://localhost/ or http://127.0.0.1/ and phpmyadmin at http://localhost/phpmyadmin/ or at http://127.0.0.1/phpmyadmin. The webroot for apache is located at /var/www/ as usual, Access error.log and access.log at /var/log/apache2/

 

You can also enable mod_rewrite that lets you rewrite uris etc. for SEO in your .htaccess file by typing the following

$sudo a2enmod rewrite


Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! Mixx! Free and Open Source Software News Google! Live! Facebook! StumbleUpon! Yahoo! Joomla Free PHP
install-Installing-setup-Setting-LAMP-PHP-Apache-phpmyadmin-setting up LAMP-UBUNTU
Last Updated on Wednesday, 15 October 2008 13:00
 
Add your comment


Taxonomy by Zaragoza Online