New server setup

Question: I want to setup my own server. What software and tools will I need?

Answer: The first major decision to make after you have purchased server hardware is what operating system to use. Many servers come with one already, but if yours does not, you will need to decide on one. Linux or other Unix variants, such as BSD or Solaris are by far the most popular, but there are also many Windows servers out there. If you are on a limited budget, go with a free Linux distribution, such as CentOS.

The next thing to choose is the web server. Choices include Apache, Nginx, and Lighttpd. After that, you will probably one a database server such as MySQL or PostgreSQL Finally, you will want a web-based control panel. Depending on the one you choose, it might also install its own versions of Apache, PHP, and MySQL.

There are many control panel solutions on the market, and most of them are commercial. Popular control panels includ cPanel and Plesk. There are also free solutions available like Virtualmin. Decide what you need for whatever type of websites you plan to have and then choose the software that meets those needs.

Photo: Flickr

How to compare two files in Linux

Question: I have two scripts in a directory on my server. One is the right one and one is not, but I do not remember which is which. How can I compare the two files?

Answer: Linux and UNIX-like operating systems usually come with a comparison command called “diff”. This command will display line-by-line differences between two files. It is useful for software developers, but web developers and web application managers will find it useful as well.

To use it, just enter:

diff script1.php script2.php

It will search through both PHP scripts and find any lines that are different. The output will look something like this:

if(!function_exists('add_action')){
header('HTTP/1.0 404 Not Found');
header('Location: ../../');
> exit();
}

In the first file “exit();” is not present, while the second file correctly contains it. Tomorrow we will learn how to merge the two differing files into one correct file.

Web server round-up

Over the past year, we have discussed several web servers. For your convenience, here is a quick list of each one we have already mentioned, as well as a couple we did not, including links to their project sites.

Apache – This is the most widely used and the one we have spent the most time covering. It is free and open source and runs on nearly every platform available. It is released under the Apache license.

Microsoft IIS – As Microsoft’s proprietary web server, it only comes with and works on Windows. If for some reason you have to run this but do not have Windows, you will have to consider virtualization.

Sun Java System Web Server – This is Sun’s proprietary web server technology that is primarily intended for Sun appliances. Nevertheless, it is cross-platform, and Sun recently opened some of its code under a BSD license.

Ngnix – This is a lightweight web server that runs on both Unix and Windows machines. It has become the fourth most popular HTTP server and is available under a BSD-style license.

Lighttpd – This lightweight HTTP server is designed to take on heavy loads while maintaining a good balance, low memory and CPU usage. It powers YouTube, Wikipedia, and many other high-traffic sites. It is free and open source under a BSD style license.

Photo: Flickr

Using Webmin for Linux commands and tasks

Question: Is there any way to configure a dedicated Linux server without having local access and without logging in to the command line through SSH?

Answer: The short answer is that it is highly unlikely you will never need to use the command line interface on a Linux server, and if you don’t have physical access to the server, you will most likely not have a graphical interface at all.

The exception, however, is Webmin, a very powerful web-based Unix system administration tool. Webmin can be used to replace many of the common command-line tasks, such as creating users, configuring Apache, DNS, passwords, databases, and can even be used to reboot the server. It functions just like most other web-based control panels and comes with a customizable interface (using themes).

Webmin also includes sub-components such as Cloudmin for virtualization and Virtualmin for web hosting. Webmin is free and open source software released under a BSD-style license and is available for download and installation on numerous platforms and Unix-like operating systems.

Source: Webmin.com

What is Putty?

PuTTY is a free terminal emulator that supports SSH and many other protocols. Most users, particularly on Windows, find it very useful for connecting to a Unix or Linux SSH server. PuTTY has a graphical configuration interface with many useful features:

• storage of connection data for quick reconnection
• port forwarding
• IPv6 support
• SCP and SFTP support

In addition to Windows, PuTTY has been ported to Linux and other Unix-like operating systems and will soon have a Mac OS X version. PuTTY is free and open source software released under the MIT license. It is available for download from the project’s website.

Photo: Wikimedia Commons

How to restart Apache in Mac OS X Server

Question: How do I restart Apache HTTP Server on a Mac OS X server?

Answer: Linux other Unix-based servers, you can start and stop Apache from the command line. If you are familiar with Redhat-based systems, then you are used to logging in and then using “su” to become Root. Mac OS Xrelies on “sudo” like many Debian-based systems (such as Ubuntu).

The command for Apache in Mac OS X is “apachectl” (Apache control). To restart Apache, type the following:

$ sudo apachectl restart

To stop Apache, enter:

$ sudo apachectl -k stop

And to start Apache again, type:

$ sudo apachectl -k start

After entering a command with “sudo” you will be prompted for your password. Enter it and continue. You will still need to use “sudo” for each command run as Root, but it will not ask you for the password again until you have stopped using it for a period of time in that session.

Source: nixCraft

Wikto web server assessment tool

Yesterday, we took a look at a web application security testing tool, and there are many other tools like it available both for a fee and for free. But there are not many tools available that actually test the web server itself and even fewer that are designed to test a Windows server.

Wikto, which apparently borrowed its name from Nikto (a Unix-based assessment tool), is a free and open source windows-based web scanner that searches a windows server environment for potential security issues. Unlike web application scanners that focus on the scripting code, Wikto looks at the web server setup and searches for security problems.

Wikto relies on the .NET environment, and you will need to have .NET installed in order to use it. Full documentation is available on the project’s website. You can download it for free from their website as well.

BSD and its descendants

In a previous post, we looked at FreeBSD, one of the descendants of the Berkeley Software Distribution (BSD), which was a Unix-like operating system developed at the University of California at Berkeley. There are other descendants of BSD that have developed as well. Here is a quick overview of them:

FreeBSD, which is the most popular, includes its own descendants, such as DragonFlyBSD, PC-BSD (designed specifically for the desktop), and Apple’s Darwin, which is the core of Mac OS X.

NetBSD focuses on portability, stability, and clean design.

OpenBSD is a fork of NetBSD and is very popular for its security features. Many derivative security projects, such as OpenSSH, are sub-projects of it.

There are many others, but these are the major ones. All distributions of BSD can potentially be used on servers, although some lend themselves to easy dedicated server setup more than others. All are released under a version of the BSD license, making them free and open source software.

Vsftpd an alternative FTP server

Vsftpd stands for “Very Secure FTP Daemon”, and is a an ftp server for Linux and other UNIX-like operating system. As the name implies, it claims to be more secure than the typical FTP server and boasts a number of useful features, including:

Virtual IP configurations
Virtual users
Standalone or inetd operation
Powerful per-user configurability
Bandwidth throttling
Per-source-IP configurability
Per-source-IP limits
IPv6
Encryption support through SSL integration

In addition to security, a number of major free software and computer corporations rely on vsftpd for its stability under stress, transferring large amounts of data. Vsftpd is free software, released under the GNU General Public License. You can download it for free from their website or install it through your Linux distribution repository.

Source: vsftpd
Photo: Flickr

Website Hosting Apache

Apache HTTP Server is the leading web server software available. It commands nearly 60% of the web server market and over 66% of the 1 million sites with the most traffic. It is developed by the Apache Software Foundation and is released under a free and open source license called the Apache License 2.0.

Because it is free, anyone can download and install Apache on nearly any computer. The software supports numerous platforms, including Linux, Solaris, Novell Netware, Microsoft Windows, and various Unix variants. If you are running a Linux server, Apache is very easy to install. Simply use the software repository provided by your distribution. Nearly all distributions have Apache either installed or provide installable binaries. There are also binaries available for many other operating systems. As a last resort, you can build Apache from source and install it manually.

Apache’s configuration is controlled by a single file, often called httpd.conf or something similar. The file can be configured to refer to other configuration files on virtual server websites and also can refer to .htaccess files on within individual directories of sites. Apache is part of the famous LAMP stack, which refers to Linux Apache MySQL, and PHP. Most major web hosts offer Linux hosting with Apache web servers or Windows-based alternatives.