Apache/websites

[inittux]

Today I'm going to be trying to get move all my files from how they are now to /home/feedmebits/public_html as you recommended then I'll have to change that in my apache config file

and and I'll fix my blackhole. then I'll have a go out trying to install/configure suPHP, then I'll try implementing some IDS utils maybe that's smarter to do before suPHP?

and and then I'll start working on my website. So you'll seen it as soon as I have the above done. and my website will be hopefully just becoming more of a website over time

will add stuff on it over time. And I also need to look for a way to back/restore up all my important data from my dedicated server. Isn't that usually /home /var /etc that are important to backup?.

Incase I make a really bad screw up which I can't undo cuz reinstalling doesn't sound very fun cuz reconfiguring everything takes so much time lol. And I'll just keep updating this post for when

I'm stuck with something I reallycan't figure out.

[inittux]

Under your ServerName directive, add in something like "ServerAlias feedme.testbed" then add feedme.testbed to your local hosts file. That way, your browser will resolve it to the server IP, and Apache will serve up the same content as though it was feedmebits.nl.

 

 

I got my log file figured out, just missed part of the path. it works now and my bucket does to :)

Still not able to access my webpage from my home/username. So I tried like you said; made an Alias:

 

ServerAlias www.feedmebits.nl

 

 

and I added it:"ip www.feedmebits.nl"

to the /etc/hosts file and I restarted apache. I still don't see my website and my ip/dns in my hosting control panel are set right. Think I may have to shoot in a ticket.

[inittux]

I figured something out, nameserver for feedmebits.nl were still set to my old hosting provider. So they are going to change it to theirs. I did set my other domein name feedmebits.com to my dedicated server ip too. When I go to www.feedmebits.com I get my home made html test page(it's also my bucket, but get no logs only when I do it via ip. Think I'm still mising something and over looked a configuration. I also tried renaming the server alias to www.feedmebits.com and adding this to the /etc/hosts file and restarting apache but this also had the same result, and no joomla page appearing. So my guess would be that apache still doesn't have enough rights somewhere to access the webcontent under /home/user/webfolder?

 

[root@localhost ~]# cd /home/feedmebits/www/

[root@localhost www]# pwd

/home/feedmebits/www

[root@localhost www]# ls -l

total 4

drwxr-xr-x 15 root apache 4096 Aug 13 11:26 feedmebits.nl

[root@localhost www]#

 

As far as I can see from this apache is in the group and apache has enough rights to read this folder?I'm kind of stuck now.

[Dungeon-Dave]

Today I'm going to be trying to get move all my files from how they are now to /home/feedmebits/public_html as you recommended then I'll have to change that in my apache config file and and I'll fix my blackhole. then I'll have a go out trying to install/configure suPHP, then I'll try implementing some IDS utils

Good - you've got it the right way around!

 

Just a note: if you configure another vhost and have the ServerName something that's locally-accessible (eg: an entry in your hosts file that's feedmebits.mylan) but not found out on the internet, then you can use this as a testing area, knowing that someone won't get to it by accident.

 

From that point, you can configure suPHP to work against specific vhosts (turn it on for a testbed) and watch the logfiles to see what works/breaks. Then perform tweaks until it works under suPHP, and apply those changes to your live site.

 

You'll find that once you add suPHP it locks a LOT of stuff down and requires you to do a lot of tightening up before apache will consider serving up pages. Logfiles here are a MUST.

maybe that's smarter to do before suPHP?

The IDSes need to feast off logfiles, so having some logging running then monitoring them for suspicious activity is my way around - else you'll not know if the IDS is actually preventing suPHP or apache from serving pages.

 

I know there are some default rules for fail2ban, but it's worth building up some data first before playing with them - else F2B will be hunting for logfiles that don't exist or are empty.

and and then I'll start working on my website. So you'll seen it as soon as I have the above done. and my website will be hopefully just becoming more of a website over time

will add stuff on it over time.

Good, good - sounds like a plan.

And I also need to look for a way to back/restore up all my important data from my dedicated server. Isn't that usually /home /var /etc that are important to backup?.

With any server, I recommend trying to split the directories into dynamic/static stuff, and data/programs. From there, decide what needs to backup and how often. In your case:

/home - contains important data like website stuff, so probably daily

/var - contains logs and diagnostic stuff, but no important data, so maybe weekly

/etc - contains config files that don't change often, so maybe 2-weekly, or monthly.

 

Another area you may want to consider is /usr/local - I drop custom scripts into /usr/local/bin and /usr/local/sbin on my servers.

 

Any backup plan usually revolves around the recovery plan. So ask yourself two questions:

1. if I lose my server and I need to rebuild it, what files/dirs do I need to add to a fresh install to get it back?

2. how can I make the backup/restore process easier to manage?

 

The first you've pretty much considered. The second is really about not spreading your important data around the place, and not trying to recover stuff that you don't need to (don't backup /tmp, for instance)

Incase I make a really bad screw up which I can't undo cuz reinstalling doesn't sound very fun cuz reconfiguring everything takes so much time lol. And I'll just keep updating this post for when I'm stuck with something I reallycan't figure out.

Backups mean you have copies of important data before things went wrong - either through a change you manually did, something automatic, or something catastrophic. Even making a copy of httpd.conf to httpd.old before making changes is considered a backup - ensure you've got a way of "rolling back time".

 

Also, as a last point: once you've created your backup, try having a go at a restore - see if you can get back one config file or recover some website data to another directory. Not only does it help to test your plan, but it also means you are more prepared for when you DO need to perform a recovery.

 

Keep at it!

[Dungeon-Dave]

and I added it:"ip www.feedmebits.nl"

to the /etc/hosts file and I restarted apache. I still don't see my website and my ip/dns in my hosting control panel are set right. Think I may have to shoot in a ticket.

Check that your machine is correctly resolving the hostname to the IP address - depending upon how your nsswitch is setup, your client machine may try DNS before it tries hosts files.

 

If you add an alias of something that definitely isn't valid on the internet (ServerAlias www.feedmebits.testbed) then add that to your host file, your client machine will definitely be forced to pick up that IP address - rather than attempt to use DNS.

[Dungeon-Dave]

nameserver for feedmebits.nl were still set to my old hosting provider...

 

.. I go to www.feedmebits.com I get my home made html test page(it's also my bucket, but get no logs only when I do it via ip.

Which site are you trying to set up?

 

It may help if you provide a list of domains for which you want Apache to serve - we can take it from there.

[inittux]

<blockquote data-ipsquote="" class="ipsQuote" data-ipsquote-contentcommentid="14868" data-ipsquote-username="feedmebits" data-cite="feedmebits" data-ipsquote-timestamp="1313316234" data-ipsquote-contentapp="forums" data-ipsquote-contenttype="forums" data-ipsquote-contentid="4122" data-ipsquote-contentclass="forums_Topic"><div>
and I added it:"ip www.feedmebits.nl"

to the /etc/hosts file and I restarted apache. I still don't see my website and my ip/dns in my hosting control panel are set right. Think I may have to shoot in a ticket.

Check that your machine is correctly resolving the hostname to the IP address - depending upon how your nsswitch is setup, your client machine may try DNS before it tries hosts files.

 

If you add an alias of something that definitely isn't valid on the internet (ServerAlias www.feedmebits.testbed) then add that to your host file, your client machine will definitely be forced to pick up that IP address - rather than attempt to use DNS.



</div></blockquote>
/etc/hosts format is like this right? I haven't really worked with it alot:

 

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost

::1 localhost6.localdomain6 localhost6

 

#I edited file from here:

myserverip feedmebits.nl (second part being the alias?)

myserverip feedmebits.testbed (second part being the alias?)

[inittux]

<blockquote data-ipsquote="" class="ipsQuote" data-ipsquote-contentcommentid="14871" data-ipsquote-username="feedmebits" data-cite="feedmebits" data-ipsquote-timestamp="1313330415" data-ipsquote-contentapp="forums" data-ipsquote-contenttype="forums" data-ipsquote-contentid="4122" data-ipsquote-contentclass="forums_Topic"><div>
nameserver for feedmebits.nl were still set to my old hosting provider...

 

.. I go to www.feedmebits.com I get my home made html test page(it's also my bucket, but get no logs only when I do it via ip.

Which site are you trying to set up?

 

It may help if you provide a list of domains for which you want Apache to serve - we can take it from there.



</div></blockquote>
 

Basically feedmebits.nl feedmebits.com and feemdmebits.net

 

feedmebits.nl is what my virtual domain is setup for. hosting provider still needs to change my nameservers to

my new hosting provider for feedmebits.nl

and I still can't reach my web content yet even though rights are set right for apache as far as I can see.

 

[root@localhost www]# pwd

/home/feedmebits/www

[root@localhost www]# ls -l

total 4

drwxr-xr-x 15 root apache 4096 Aug 13 11:26 feedmebits.nl

[root@localhost www]#

 

if you got www.feedmebits.com I get my bucket not my joomla page. And it also logs it, thought with the bucket it should only log when directly using my ip?

And would you advise using rsync or rsnapshot for backup/restores?

[inittux]

Here's how I'm trying to get it setup:

domains I own: feedmebits.nl(hosting provider needs to edit nameservers), feedmebits.net and feedmebits.com

 

For feedmebits.com I also pointed towards my dedicated servers ip.

 

My website data I have under /home/feedmebits/www/feedmebits.nl

So basically when I go to either feedmebits.com feedmebits.nl or feedmebits.net I went to end up where my virtualdomain website is located.

Right now I tried editing my apache file and change my alias to http:/feedmebits.com and a and also changing that in the hosts file to see if my

joomla site would be accessible but I still end up in my bucket. So I'm thinking apache still can't read out of my /home/feedmebits/www folder

So the main problem I'm having right now is getting apache to read/use /home/feedmebits/www instead of /var/www/html/.blackhole when going to

feedmebits.com (cuz feedmebits.nl I have set to the same ip as feedmebits.com so they should both end up in the same place)

I hope it's a bit more clear now. Cuz it's getting kind of confusing, but I guess in the end I will learn from it :)

 

 

 

host control panel domein:

feedmebits.nl: connected to my dedicated server ip but they need to change the nameservers

feedmebits.net: doesn't really matter right now, can change the ip later

feedmebits.com: has my dedidated server ip connected to it.

 

How it is setup in my config file.

 

And here's what my /etc/hosts file looks like:

 

/etc/hosts:

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost

::1 localhost6.localdomain6 localhost6

 

#I edited file from here:

myserverip http://feedmebits.nl

 

---------------------------------

 

httpd:conf

# Custom virtualhosts

NameVirtualHost myserverip:80

 

<virtualhost myserverip:80></virtualhost>

## -- DEFAULT: should NEVER get here normally!

ServerName nothing.here

ServerAdmin abuse@127.0.0.1

DocumentRoot /var/www/html/.blackhole

ErrorLog /var/log/httpd/sniffer_error.log

CustomLog /var/log/httpd/sniffer_access.log combined

Loglevel warn

 

DirectoryIndex index.htm

ScriptAlias /cgi-bin /var/www/html/.blackhole

 

 

## this redirects any sniffers over to the right page...

#AliasMatch ^/(.*) /websites/.blackhole/index.php

 



 

 

<virtualhost myserverip:80></virtualhost>

ServerAlias http://feedmebits.nl

ServerAdmin maarten@feedmebits.nl

DocumentRoot /home/feedmebits/www/feedmebits.nl

ServerName feedmebits.nl

ErrorLog /var/log/httpd/websites/feedmebits.nl/error.log

CustomLog /var/log/httpd/websites/feedmebits.nl/access.log combined

Loglevel warn

 

<directory></directory>

AllowOverride None

order allow,deny

allow from all

Options Indexes Includes FollowSymLinks

[Dungeon-Dave]

if you got www.feedmebits.com I get my bucket not my joomla page. And it also logs it, thought with the bucket it should only log when directly using my ip?

No - you'll get the bucket is no vhost is matched.

 

If you want www.feedmebits.com to serve up your second or third vhost, then you need to add it as a ServerAlias entry, eg:

 

Code:

<VirtualHost ipadress:80>

   ServerAdmin maarten@feedmebits.nl
   ServerName feedmebits.nl
   ServerAlias www.feedmebits.nl www.feedmebits.com

   DocumentRoot /home/www/public_html/feedmebits.nl
   ErrorLog /log/httpd/websites/feedmebits.nl/error.log
   CustomLog /logs/httpd/websites/feedmebits.nl/access.log combined

   <Directory /home/www/public_html/feedmebits.nl>
      AllowOverride None
      order allow,deny
      allow from all
      Options Indexes Includes FollowSymLinks
   </Directory>
</VirtualHost>

 

For a website to show up, two things need to happen:

1. The URL resolves to a server

2. a ServerName or ServerAlias needs to match that URL.

 

The idea of the bucket is that if a URL resolves to that IP but no ServerName/Alias matches it, the bucket is shown. So if you type in a URL and you get your bucket, it's definitely resolving to the right IP address.. but Apache isn't matching it to a host header name (the ServerName/Alias bit).

 

You're pretty much there!

 

nb: as I mentioned before, pick some non-resolvable aliases to add to your hosts file and apache configs to test them out, eg:

Code:

## in my hosts file
192.168.24.47    feedmebits.testbed

 

Then in Apache:

Code:

<VirtualHost *:80>

   ServerAdmin maarten@feedmebits.nl
   ServerName feedmebits.nl
   ServerAlias www.feedmebits.nl www.feedmebits.com feedmebits.testbed
...

 

Then you should be able to ping "feedmebits.testbed" and get an IP back, and your browser should point to this Apache install which will serve up this particular vhost.