Setting up the "Web Hosting" package.
I'm installing Debian.
I want to install Zope. I will not be using Zope to run my actual web pages at this time. I will be using it to run some web applications, but not my site.
I want to install Lighttpd and PHP5 to run Mediawiki and to serve static content.
I want to install a SQL package. I've heard SQLite is good for Linodes. This is so I can have a database store for Zope applications and Mediawiki. The main idea is to have a relatively zippy non hoggy SQL package.
BTPD - The BitTorrent Protocol Daemon. To run a guaranteed seed for some files of mine.
Some Kind Of Bittorrent Tracker.
However, I'm blowing up my installation every time I try to do anything. These are what I need to run my website.
Also, some security setup. I've been told to set up a software firewall, etc, etc… and I'm afraid that I'm going… what?
All my "life" I've used hosting from people who do all this stuff and it just "works" unless it doesn't. I got Gentoo installed happily on a box at home and on my workstation at work and thought, "Huh. Setting up a linux server can't be hard either." It's not really HARD… it's more DIFFERENT.
Help on getting this set up would be appreciated.
There's plenty of tutorials on setting up LAMP. But not so much on alternative stuff.
8 Replies
(Or problem reports with more details than "…I'm blowing up my installation every time I try to do anything.")
I have a rule of thumb: there is no such thing as too much detail. There is, however, such a thing as too little detail. Better to overdo it, and let people figure out what's relevant, than to underdo it and play a long-and-drawn out game of 20 Questions…
For a software firewall under Linux, you're looking at configuring something called iptables. There are a few nice front-ends that make setup pretty easy for the novice iptables admin, but I don't recall names or URLs offhand. Someone around here does, though.
I wasn't really looking for "troubleshooting." I was looking more for a group of "how-tos" that could go into the Wiki along the lines of "how to set up IPTABLES with Shorewall," "how to set up lighttpd to serve static content from /var/www," "how to set up BTPD," etc, starting from a fresh distro disk image.
As for the errors I got, it's the errors you get when you tinker with directories and files with near-random "mv" and "rm" thinking you've figured out the world, and finding out… that all you've done is blow up this disk image.
I'll tinker some more, and when I get something working, I'll put it up on the Wiki. Honestly, the thing I'm worried about the most is the Firewall. Having never set up a firewall more complex than the "Windows" one or a point-and-click router version, when I look at IPTABLES (or the webmin shorewall), my head starts to spin. Eventually, I'll have this all figured out (discovery is 99% of the fun, right?), but I'd prefer to have at least my website up during that time.
Thanks for your response, though! As soon as I get an error message on stdout instead of brain I'll post profusely.
Firehol Debian tutorial
Arno's Firewall Scripts
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
::rubs eyes:: I knew I should have taken that Networking Basics elective at college.
Also, how can I test if firewall is "working?"
I might go ahead and look at FireHOL as well.
Thanks for pointers. Once I know what I'm doing, I'll know what I'm doing!
You probably have a line in there that sends messages to root or *; adjust or disable these lines.
If you're not sure how, please post contents of your syslog config file, with the "code" html keywords surrounding it.
Regarding testing firewall… you'll obviously need to have access to a machine on the 'outside', and you'll most likely want a tool like nmap.
E.g. if you wanted to test port 9007/udp:
nmap -P0 -sU -p 9007 <server-ip>
If you wanted to test, let's say, 1234/tcp:
nmap -P0 -sT -p 1234 <server-ip>
You'll want to test each rule (port/proto/IP combo) to make sure it's responding in the desired and expected manner.
You can run nmap from either Windows CLI or an UNIX/UNIX-like box.
(And when you log in at webmin you use it to upgrade itself)
This won't help you with most of your problems, but it is a simple way to deal with firewall rules and a lot of different servers and user accounts and so on.
@autodmc:
I get these kind of messages that just suddenly dump onto the terminal:
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Edit /etc/init.d/klogd and replace the line KLOGD="" with KLOGD="-c 5". Then:
/etc/init.d/klogd restart
If it helps, I followed this howto
Good luck!
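The "Connection attempt (PRIV)" lines quoted in this thread are netfilter LOG output from the firewall. As an added example (not part of any post above, and not taken from any of the firewall scripts mentioned), this Python sketch parses such lines and counts attempts per source, protocol and destination port. The third sample line, the `192.0.2.10`/`198.51.100.7` addresses and the `L4_LEN` field name are constructed for illustration.

```python
import re
from collections import Counter

# Sample input: the two lines quoted in the thread, plus one constructed TCP
# line (documentation addresses) to show bare flag tokens such as SYN.
SAMPLE = """\
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Connection attempt (PRIV): IN=eth0 OUT= MAC=fe:fd:43:12:b0:72:00:02:fc:64:d8:af:08:00 SRC=65.19.178.245 DST=67.18.176.114 LEN=117 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=UDP SPT=58866 DPT=161 LEN=97
Connection attempt (PRIV): IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=40122 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
"""

# The key=value part of a LOG line always starts with "IN=... OUT=...".
FIELDS_START = re.compile(r"\bIN=\S*\s+OUT=")


def parse_line(line):
    """Return a dict for one netfilter LOG line, or None if it is not one."""
    m = FIELDS_START.search(line)
    if not m:
        return None
    rec = {"prefix": line[:m.start()].strip(), "flags": []}
    for tok in line[m.start():].split():
        key, sep, val = tok.partition("=")
        if not sep:
            rec["flags"].append(tok)   # bare flag: DF, SYN, ACK, ...
        elif key == "LEN" and "LEN" in rec:
            rec["L4_LEN"] = val        # second LEN= is the UDP length (our name)
        else:
            rec[key] = val             # empty values such as OUT= are kept as ""
    return rec if "SRC" in rec and "PROTO" in rec else None


def summarize(text):
    """Count attempts per (source, protocol, destination port)."""
    hits = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec:
            # ICMP lines carry no DPT; report port 0 for them.
            hits[(rec["SRC"], rec["PROTO"], int(rec.get("DPT", 0)))] += 1
    return hits


if __name__ == "__main__":
    for (src, proto, dpt), n in summarize(SAMPLE).most_common():
        print(f"{n:3d}  {src:15s} {proto}/{dpt}")
```

Port 161/udp in the quoted lines is SNMP, so those entries are the firewall logging an unsolicited SNMP probe to a privileged port.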