Monthly Archives: November 2012

Installing suPHP on CentOS


Download the suPHP package from the terminal.

wget http://www.suphp.org/download/suphp-0.7.1.tar.gz

Then extract it and change into the source directory.

tar -zxvf suphp-0.7.1.tar.gz

cd suphp-0.7.1

yum install gcc gcc-c++ httpd-devel

yum install make

./configure --with-apr=/usr/bin/apr-1-config --with-apache-user=apache --prefix=/usr

make && make install

vi /etc/httpd/conf/httpd.conf

Add the line below:

LoadModule suphp_module modules/mod_suphp.so

Add the lines below to the <Directory /> section of your websites.

suPHP_Engine on
suPHP_AddHandler application/x-httpd-php .php
suPHP_UserGroup webroot webroot

vi /etc/httpd/conf.d/php.conf

Add the line below:

AddType application/x-httpd-php .php

Create a file called suphp.conf in the /etc directory.

vi /etc/suphp.conf

[global]
;Path to logfile
logfile=/var/log/suphp/suphp.log

;Loglevel
loglevel=info

;User Apache is running as
webserver_user=apache

;Path all scripts have to be in
docroot=/var/www/html

;Path to chroot() to before executing script
;chroot=/mychroot

; Security options
allow_file_group_writeable=false
allow_file_others_writeable=false
allow_directory_group_writeable=false
allow_directory_others_writeable=false

;Check whether script is within DOCUMENT_ROOT
check_vhost_docroot=true

;Send minor error messages to browser
errors_to_browser=true

;PATH environment variable
env_path=/bin:/usr/bin

;Umask to set, specify in octal notation
umask=0073

; Minimum UID
min_uid=408

; Minimum GID
min_gid=400

[handlers]
;Handler for php-scripts
;x-httpd-php="php:/usr/bin/php-cgi"

;Handler for CGI-scripts
x-suphp-cgi="execute:!self"
application/x-httpd-php="php:/usr/bin/php"
application/x-httpd-php4="php:/usr/php4/bin/php"
application/x-httpd-php5="php:/usr/bin/php"

Restart the service by executing the command below.

/etc/init.d/httpd restart

Create two users as an example.

adduser choi   # add choi as a user

adduser cool   # add cool as a user

Upload a test script, for example whoami.php.

/***********code starts here****************/

<?php
// Print the account this script is executed as.
echo "Output of the 'whoami' command:<br /><br />";
echo exec('/usr/bin/whoami');
?>

/***********code ends here****************/

Change the owner of the whoami.php file to one of the users that you have just created.

chown choi:choi whoami.php

-rwxr-xr-x 1 choi  choi    94 Nov 30 16:37 whoami.php

chown cool:cool whoami.php

-rwxr-xr-x 1 cool  cool    94 Nov 30 16:37 whoami.php

chmod 755 whoami.php

-rwxr-xr-x 1 cool  cool    94 Nov 30 16:37 whoami.php

NOTE: the script is only viewable with permissions from 644 to 755; above 755 it will show an error message. The allow_file_group_writeable=false and allow_file_others_writeable=false settings in suphp.conf above are what reject group- or world-writable scripts.
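The permission and ownership rules in the suphp.conf above can be checked before a script is ever requested. The following is an added example, not part of the original post: a shell function (the names suphp_audit and demo_suphp_audit are made up here) that lists PHP files and directories carrying the group- or other-write bits the allow_* settings refer to, and files whose owner falls below min_uid or min_gid. It assumes scripts run as their file owner, as the whoami.php test expects.

```shell
#!/bin/sh
# Added example, not from the original post. Defaults mirror the suphp.conf
# above (min_uid=408, min_gid=400); suphp_audit is a hypothetical helper name.
# Usage: suphp_audit DOCROOT [MIN_UID] [MIN_GID]
# Prints "<reason> <path>" per finding; returns 1 if anything was found.
suphp_audit() {
    root=$1; min_uid=${2:-408}; min_gid=${3:-400}
    findings=$(
        find "$root" \( -type d -o -type f -name '*.php' \) -print |
        while IFS= read -r p; do
            # ls -lnd fields: mode string, link count, numeric uid, numeric gid
            ls -lnd -- "$p" | {
                read -r mode links uid gid rest
                case $mode in d*) kind=directory ;; *) kind=file ;; esac
                # Character 6 of the mode string is group-write, 9 is other-write.
                case $mode in ?????w*) echo "${kind}_group_writeable $p" ;; esac
                case $mode in ????????w*) echo "${kind}_others_writeable $p" ;; esac
                if [ "$kind" = file ]; then
                    [ "$uid" -ge "$min_uid" ] || echo "uid_below_min_uid($uid) $p"
                    [ "$gid" -ge "$min_gid" ] || echo "gid_below_min_gid($gid) $p"
                fi
            }
        done | sort
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample tree: one clean script and two that get flagged.
demo_suphp_audit() {
    t=$(mktemp -d); mkdir "$t/site"; chmod 755 "$t" "$t/site"
    for f in ok:644 group:664 world:666; do
        echo '<?php echo 1; ?>' > "$t/site/${f%%:*}.php"
        chmod "${f##*:}" "$t/site/${f%%:*}.php"
    done
    # 0 0 switches the ownership limits off for the demo; findings are expected.
    (cd "$t" && suphp_audit . 0 0) || true
    rm -rf "$t"
}

if [ $# -gt 0 ]; then suphp_audit "$@"; else demo_suphp_audit; fi
```

Run it as root against the docroot from the configuration, for example: sh suphp_audit.sh /var/www/html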

 

Hosting multiple domain names with virtual hosts.

1. Install Apache on your CentOS box if it is not already installed.

yum install httpd

2. Edit the httpd.conf file.

vi /etc/httpd/conf/httpd.conf

Below is my customized httpd.conf, which hosts two websites (siteone.com and sitetwo.com).

Listen *:80
# Apache 2.2 needs NameVirtualHost for name-based virtual hosts that share one IP:port
NameVirtualHost 192.168.2.124:80

<VirtualHost 192.168.2.124:80>
    ServerAdmin test@webserverpage.com
    ServerName siteone.com
    ServerAlias www.siteone.com
    DocumentRoot /var/www/html/siteone
    DirectoryIndex index.html index.pl index.php
    ScriptAlias /cgi-bin/ /var/www/html/siteone/cgi-bin/
    <Directory "/var/www/html/siteone/cgi-bin">
        AllowOverride None
        AddHandler cgi-script .pl
        Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

<VirtualHost 192.168.2.124:80>
    ServerAdmin test@webserverpage.com
    ServerName sitetwo.com
    ServerAlias www.sitetwo.com
    DocumentRoot /var/www/html/sitetwo
    DirectoryIndex index.html index.php
</VirtualHost>

3. Restart apache to make it work.

service httpd restart

4. Upload each website to the path given by its "DocumentRoot" in httpd.conf. Mine are /var/www/html/siteone and /var/www/html/sitetwo.

5. Done.

Install & Configure the BIND DNS Server

Install BIND

1. Make sure you have internet connectivity and install the BIND DNS server.

[root@centos]# yum install bind

2. Set your DNS server setting to resolve to your loopback interface. Edit the configuration of your interface.

[root@centos]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
NM_CONTROLLED="no"
DNS1=127.0.0.1
BOOTPROTO=static
BROADCAST=192.168.2.255
GATEWAY=192.168.2.254
HWADDR=00:00:00:00:00:00
IPADDR=192.168.2.124
NETMASK=255.255.255.0
NETWORK=192.168.2.0
ONBOOT=yes
NETWORKING_IPV6=yes
IPV6INIT=yes
IPV6_AUTOCONF=yes

After the changes, make sure that you execute the commands below.

[root@centos sysconfig]# ifdown eth0
[root@centos sysconfig]# ifup eth0

3. Check the resolv.conf file to verify that your DNS setting of 127.0.0.1 is present. It should be reflected in resolv.conf automatically. DO NOT manually type the loopback address into resolv.conf.

cat /etc/resolv.conf

4. Restart the BIND DNS server.

[root@centos sysconfig]# service named restart

5. Now check whether your DNS server can reach other DNS servers over the internet in order to resolve DNS lookups.

nslookup google.com

6. Now use chkconfig to make BIND start on system startup.

[root@centos sysconfig]# chkconfig named on

7. I have assigned my hostname to "centos".

[root@centos sysconfig]# vi /etc/sysconfig/network

and add the following line after NETWORKING="yes":

HOSTNAME="example-server-hostname"

8. Add a fully qualified domain name (FQDN).

[root@centos sysconfig]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

# Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+
DEVICE=eth0
NM_CONTROLLED="no"
DOMAIN="centos.com"
DNS1=127.0.0.1
BOOTPROTO=static
BROADCAST=192.168.2.255
GATEWAY=192.168.2.254
HWADDR=00:00:00:00:00:00
IPADDR=192.168.2.124
NETMASK=255.255.255.0
NETWORK=192.168.2.0
ONBOOT=yes
NETWORKING_IPV6=yes
IPV6INIT=yes
IPV6_AUTOCONF=yes

9. Now that your hostname and fully qualified domain name are configured, it is time to configure the BIND (named) DNS server. The first file to configure is /etc/named.conf.

[root@centos sysconfig]# vi /etc/named.conf

acl local-network { 192.168.2.0/24; };

options
{
    listen-on { any; };
    allow-query { any; };
    allow-recursion { 127.0.0.1; };
    // A fixed source port turns off source-port randomization for outgoing
    // queries; keep this line only if a firewall in front of the server requires it.
    query-source port 53;

    directory "/var/named"; // the default
    dump-file "data/cache_dump.db";
    statistics-file "data/named_stats.txt";
    memstatistics-file "data/named_mem_stats.txt";
};

logging
{
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

view "internal"
{
    match-clients { localnets; 127.0.0.1; 192.168.2.0/24; };
    match-destinations { localnets; 127.0.0.1; 192.168.2.0/24; };
    // recursion yes;
    include "/etc/named.root.hints";
    include "/etc/rndc.key";
    include "/etc/named.rfc1912.zones";

    zone "centos.com" IN {
        type master;
        file "/var/named/centos.com.zone.db";
        allow-update { none; };
    };

    zone "siteone.com" IN {
        type master;
        file "/var/named/siteone.com.zone.db";
        allow-update { none; };
    };

    zone "sitetwo.com" IN {
        type master;
        file "/var/named/sitetwo.com.zone.db";
        allow-update { none; };
    };

    zone "2.168.192.in-addr.arpa" IN {
        type master;
        file "/var/named/centos.com.zone.rr.db";
        allow-update { none; };
    };

    zone "abc.com" IN {
        type master;
        file "/var/named/abc.com.zone.db";
        allow-update { none; };
    };

    zone "3.2.1.in-addr.arpa" IN {
        type master;
        file "/var/named/abc.com.zone.rr.db";
        allow-update { none; };
    };

};

11. Create two zone files for each domain in this location: /var/named/chroot/var/named/

---- This is for my domain name "centos.com" ----
centos.com.zone.db
centos.com.zone.rr.db
--------------------------------------------------

/********centos.com.zone.db starts here*******/

$ORIGIN centos.com.
$TTL 86400
@       IN      SOA     dns1.centos.com. hostmaster.centos.com. (
                        2012112901 ; serial
                        21600      ; refresh
                        3600       ; retry
                        604800     ; expire
                        86400 )    ; negative-cache TTL
        IN      NS      dns1.centos.com.
        IN      MX      10 mail.centos.com.
        IN      A       192.168.2.124
dns1    IN      A       192.168.2.124
centos  IN      A       192.168.2.124
ftp     IN      A       192.168.2.124
; relative target: expands to centos.centos.com.
mail    IN      CNAME   centos
www     IN      CNAME   centos

/********centos.com.zone.db ends here*******/

/******centos.com.zone.rr.db starts here****/

$ORIGIN 2.168.192.IN-ADDR.ARPA.
$TTL 86400
@       IN      SOA     dns1.centos.com. hostmaster.centos.com. (
2012112901
21600
3600
604800
86400 )

@       IN      NS      dns1.centos.com.
1       IN      PTR     centos.centos.com.
2       IN      PTR     centos.centos.com.
3       IN      PTR     centos.centos.com.
4       IN      PTR     centos.centos.com.

/*******centos.com.zone.rr.db ends here*****/

---- This is for my domain name "abc.com" ----
abc.com.zone.db
abc.com.zone.rr.db
-----------------------------------------------

/********abc.com.zone.db starts here*******/

$ORIGIN abc.com.
$TTL 86400
@       IN      SOA     dns1.abc.com. hostmaster.abc.com. (
                        2012112901 ; serial
                        21600      ; refresh
                        3600       ; retry
                        604800     ; expire
                        86400 )    ; negative-cache TTL
        IN      NS      dns1.abc.com.
        IN      MX      10 mx.abc.com.

abc     IN      A       1.2.3.4
dns1    IN      A       1.2.3.4
mx      IN      A       1.2.3.4

/********abc.com.zone.db ends here*********/

/********abc.com.zone.rr.db starts here****/

$ORIGIN 3.2.1.IN-ADDR.ARPA.
$TTL 86400
@       IN      SOA     dns1.abc.com. hostmaster.abc.com. (
2012112901
21600
3600
604800
86400 )

@       IN      NS      dns1.abc.com.
1       IN      PTR     abc.abc.com.
2       IN      PTR     abc.abc.com.

/********abc.com.zone.rr.db ends here******/

12. Now restart your DNS server and try resolving your domain names with nslookup or dig. You should see that they resolve to your server!

[root@centos]# service named restart
[root@centos]# dig centos.com @192.168.2.124
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.5 <<>> centos.com @192.168.2.124
;; global options: printcmd
;; Got answer:
;; ->>HEADER< ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;centos.com. IN A
;; ANSWER SECTION:
centos.com. 86400 IN A 192.168.2.124
;; AUTHORITY SECTION:
centos.com. 86400 IN NS dns1.centos.com.
;; ADDITIONAL SECTION:
dns1.centos.com. 86400 IN A 192.168.2.124
;; Query time: 2 msec
;; SERVER: 192.168.2.124#53(192.168.2.124)
;; WHEN: Mon Nov 26 12:10:34 2012
;; MSG SIZE rcvd: 79
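A forward zone and its reverse zone are edited separately, so they drift apart easily. The following is an added example, not part of the original post: a shell/awk check (the function names zone_ptr_check and demo_zone_check are made up here) that reports addresses with an A record but no PTR, and PTR records whose target has no A record for that address. It assumes each file sets $ORIGIN and keeps one record per line, as the zone files above do; the sample zones inside it are constructed.

```shell
#!/bin/sh
# Added example, not from the original post: cross-check A and PTR records.
# Usage: zone_ptr_check FORWARD_ZONE_FILE REVERSE_ZONE_FILE
zone_ptr_check() {
    awk '
    function fqdn(n) {              # expand a relative name against $ORIGIN
        if (n == "@") return tolower(origin)
        return tolower((n ~ /\.$/) ? n : (n "." origin))
    }
    { sub(/;.*/, "") }                        # strip comments
    $1 == "$ORIGIN" { origin = $2; next }
    NF == 0 || $1 ~ /^\$/ { next }            # blank lines, $TTL
    paren { if (/\)/) paren = 0; next }       # inside a multi-line SOA
    {
        i = 1
        if ($0 !~ /^[ \t]/) { owner = fqdn($1); i = 2 }  # else inherit owner
        if ($i ~ /^[0-9]+$/) i++              # optional TTL
        if (toupper($i) == "IN") i++          # optional class
        type = toupper($i); data = $(i + 1)
        if (/\(/ && !/\)/) paren = 1
        if (type == "A") { has_a[owner, data] = 1; seen[data] = 1 }
        if (type == "PTR") {                  # 1.2.168.192.in-addr.arpa. -> 192.168.2.1
            name = owner; sub(/\.in-addr\.arpa\.$/, "", name)
            n = split(name, o, "."); ip = o[n]
            for (k = n - 1; k >= 1; k--) ip = ip "." o[k]
            ptr[ip] = fqdn(data)
        }
    }
    END {
        for (ip in seen) if (!(ip in ptr)) print "NO_PTR " ip
        for (ip in ptr) if (!((ptr[ip], ip) in has_a))
            print "PTR_NOT_FORWARD_CONFIRMED " ip " " ptr[ip]
    }' "$1" "$2" | sort
}

# Constructed sample zones, modelled on the centos.com files above.
demo_zone_check() {
    t=$(mktemp -d)
    printf '%s\n' '$ORIGIN centos.com.' '@ IN SOA dns1 hostmaster (' \
        '  1 2 3 4 5 )' '  IN NS dns1' 'dns1 IN A 192.168.2.124' \
        'www IN A 192.168.2.10' > "$t/fwd"
    printf '%s\n' '$ORIGIN 2.168.192.IN-ADDR.ARPA.' '@ IN NS dns1.centos.com.' \
        '10 IN PTR www.centos.com.' '1 IN PTR centos.centos.com.' > "$t/rev"
    zone_ptr_check "$t/fwd" "$t/rev"; rm -rf "$t"
}

if [ $# -eq 2 ]; then zone_ptr_check "$1" "$2"; else demo_zone_check; fi
```

Pass it the forward and reverse zone files from step 11 to check the real zones; named-checkzone, which ships with BIND, validates the syntax of each file but does not compare the two.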

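Apache (httpd) is not reachable on the external IP address after a fresh install of CentOS.

By default, port 80 is not in the accept list of the built-in firewall (iptables) of CentOS. Below is the iptables rule set; note that this dump already contains the --dport 80 ACCEPT rule from the solution below, which a fresh install lacks.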
/***************************************************************/
# Generated by iptables-save v1.3.5 on Thu Nov 22 14:43:27 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4076:351018]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Nov 22 14:43:27 2012
/****************************************************************/

Solution:

Add port 80 to the whitelist of the built-in firewall of CentOS.

$ /sbin/iptables -I RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT

Afterwards, save it by executing the command below.

$ /sbin/service iptables save
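The command above uses -I (insert at the top) rather than -A (append), and the position matters: iptables stops at the first matching rule, so an ACCEPT appended after the catch-all REJECT at the end of RH-Firewall-1-INPUT never takes effect. The following is an added example, not part of the original post: a first-match check over iptables-save text (port_verdict and demo_rules are made-up names, and the sample rules are constructed from the dump above). It is a simplified model that looks only at the protocol and destination port of ACCEPT rules and at unconditional REJECT/DROP rules.

```shell
#!/bin/sh
# Added example, not from the original post.
# Usage: iptables-save | port_verdict CHAIN PORT
# Prints one of:
#   accepted  - a tcp ACCEPT rule for PORT comes before any catch-all REJECT/DROP
#   shadowed  - the ACCEPT rule exists but sits after a catch-all REJECT/DROP
#   no-rule   - the chain has no tcp ACCEPT rule for PORT
port_verdict() {
    awk -v chain="$1" -v port="$2" '
    $1 == "-A" && $2 == chain {
        target = ""; dport = ""; proto = ""; conds = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); break }
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            conds++                      # any token before -j is a match condition
        }
        if (target == "ACCEPT" && proto == "tcp" && dport == port) {
            print (blocked ? "shadowed" : "accepted"); done = 1; exit
        }
        # A REJECT/DROP with no conditions ends the chain for every packet.
        if ((target == "REJECT" || target == "DROP") && conds == 0) blocked = 1
    }
    END { if (!done) print "no-rule" }'
}

# Constructed sample rules; $1 selects where the port 80 rule is placed.
demo_rules() {
    [ "$1" = insert ] && echo '-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT'
    echo '-A RH-Firewall-1-INPUT -i lo -j ACCEPT'
    echo '-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT'
    echo '-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
    [ "$1" = append ] && echo '-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT'
    return 0
}

for how in insert append; do
    echo "$how: $(demo_rules "$how" | port_verdict RH-Firewall-1-INPUT 80)"
done
```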

Creating a virtual NIC in CentOS

Type this in the terminal:
cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:0

In the copied file, change the values to your desired IP address, which is in a different subnet.

It should look like this:

[root@choi ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:FD:78:BE
inet addr:192.168.0.100 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fefd:78be/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:469 errors:0 dropped:0 overruns:0 frame:0
TX packets:534 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:43223 (42.2 KiB) TX bytes:100665 (98.3 KiB)
Base address:0x1070 Memory:e8820000-e8840000

eth0:0 Link encap:Ethernet HWaddr 00:0C:29:FD:78:BE
inet addr:192.168.2.101 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Base address:0x1070 Memory:e8820000-e8840000

Installing LAMP server in Centos

Installing MySQL 5.0

Type the commands below in the terminal.

- yum install mysql mysql-server
- chkconfig --levels 235 mysqld on   <--- this command starts mysql automatically whenever the system boots.
- /etc/init.d/mysqld start
- mysql_secure_installation

Installing Apache2

Type the commands below in the terminal.

- yum install httpd
- chkconfig --levels 235 httpd on   <--- this command starts httpd automatically whenever the system boots.
- /etc/init.d/httpd start

To test, type this address into your browser.

http://localhost/   <-- if it displays something, then your Apache is working.

Installing PHP5

Type the commands below in the terminal.

- yum install php
- /etc/init.d/httpd restart