Web Server CentOS 5.

4
Web server  CentOS 5.4 
 Linux web server CentOS 5.4 Web
Server   web server
1.  Linux web server CentOS (V.5.4)
virtual server  server
  virtual server Vcenter   server 
virtual  virtual  ( image iso )
1. Create virtual machine (  server )
1.1 VMware VSphere Client  connect VCenter Server 
Host manage  Virtual machine

1.2 virtual machine  new virtual machine

1.3  Typical  next

1.4  server  next

1.5  storage

1.6 

1.7  (Network card) -Vlan

1.8 virtual disk size

1.9 finish   virtual machine

1.10.    virtual machine  Summary

  Edit Setting

1.11  momery size  service web server

1.12  cpu  service web server

1.13  power on server  

1.14 tab console  boot

** 
1.15 menu connect/disconnect cd/dvd device 
CentOS 5.4 ( iso )

1.16 

1.17  reboot virtual machine   detect

2.  CentOS 5.4
-  server    
Linux CentOS 5.4  enter 
  graphic mode

 virtual server enter   graphic mode

2.1  skip  process

2.2 

2.3 Keyboard   US  OK

2.4   

?  Yes

2.5 Partition  Linux CentOS


Remove all partitions on selected drives and create default layout. 
 Partition  Linux CentOS
Remove linux partitions on selected drives and create default layout.

  Partition  Linux CentOS

Use free space on selected drives and create default layout. 
 Partition  Linux CentOS
Create custom layout.
 Linux CentOS
Which drive(s) do you want to use for this installation? 
    Linux 

 Remove linux partitions on selected drives and create default
layout.  OK   

2.6  
 

 ? Yes

2.7  Network Configuration  

  Edit  OK 

2.8  web server gateway DNS

(  server dns server )

2.9 Time Zone Selection Asia/Bangkok

2.10  root account

2.11 Package  Server-GUI Customize Now ok

2.12  ( web server)

- Desktop Environment ->  Gnome Environment

-Applications -> Editors, Graphic Internet

-development -> Development tool, Java development

-server -> ftp server, Mysql server, Configuration tool webserver

- Mysql Optional package  

- mysql-server
-mysql-devel
- php-mysql

   package 

Base system -> Administrative tool, Base, system tool, X

window System

2.13  format  -  package 

2.14  reboot  package program 

2.15   Welcome

2.16 disable firewall

2.17 disable SELinux

2.18 Kdump 
Forward

2.19  enable network time protocol

2.20  Create User Forward user

 Continue

2.21  Sound Card Forward

2.22  Additional CDs Finish

 OK

2.23  reboot login

2.24 login username root password  ( 2.8)

2.25  internet program firefox web browser.

 internet network configuration

*  Linux web server CentOS 5.4

3.
  run script php

3.1  extension  php  php


Access web server putty SSL  config server


# yum install php-common php-cli php-devel php-mysql php-gd php-imap phpmbstring php-mhash php-pear php-xml php-xmlrpc php-mcrypt

3.2 update php version  php  default version version 5.1 

version 5.3.21 update php  

# wget -q -O - www.atomicorp.com/installers/atomic | sh

Yes

Atomic Repository
#yum update php

->  update php

# php v -> version php

# service httpd restart ->  restart service httpd  web server

3.3  MySQL  Boot


# chkconfig mysqld on
# service mysqld start

->  enable

3.4  MySQL   MySQL   User : root

MySQL 
# mysqladmin -u root password password@1 * password@1  MySQL 
3.5  Apache  Boot 
# chkconfig httpd on
# service httpd start
3.6  httpd.conf 
- httpd.conf server   set default page  index.htm index.php
winscp  /etc/httpd/conf httpd.conf  391
save

 restart service httpd.conf 

# service httpd start

3.7 script php

- info.php source code 
<?php phpinfo(); ?>

- up info.php  server upload winscp

-  path /var/www/html

- info.php run version / extenstion



3.8  webmin  Web interface  website

webmin Control Panel Config Linux Server
port 10000  www.webmin.com

 webmin  /tmp  server

Putty /tmp  server  # cd /tmp  
webmin  
# rpm Uvh webmin-1.620-1.noarch.rpm

 web min port 10000  web browser 

http://203.158.4.124:10000

3.9  phpMyAdmin  interface

phpMyAdmin version 
http://www.phpmyadmin.net/home_page/downloads.php

- zip file
- download folder phpMyAdmin

- up folder phpMyAdmin upload winscp  path

/var/www/html

- phpMyAdmin http://203.158.4.124/phpmyAdmin (

case sensitive)

 Web Server
1. ftp account user ftp web hosting

1.1  manage web min browser 

http://203.158.4.124:10000

1.2 System -> Users and Groups -> Create a new user

1.3 point directory  /var/www/html

* home directory  url 

webhosting +  directory http://ccsweb.sut.ac.th/service

2.  service vsftp  +    T Anonymous

upload file

 vsftp  s Anonymous upload file

 /etc/vsftpd/vsftpd.conf ( vsftp.conf winscp 
)

# Example config file /etc/vsftpd/vsftpd.conf

#
# The default compiled in settings are fairly paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
# Please see vsftpd.conf.5 for all compiled in defaults.
#
# READ THIS: This example file is NOT an exhaustive list of vsftpd options.
# Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's
# capabilities.
#
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO
#
# Uncomment this to allow local users to log in.
#local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
#write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
#local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
#anon_mkdir_write_enable=YES
#
# Activate directory messages - messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES

# Activate logging of uploads/downloads.

xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using "root" for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format.
# Note that the default log file location is /var/log/xferlog in this case.
#xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that on some FTP servers, ASCII support allows a denial of service
# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd
# predicted this attack and has always been safe, reporting the size of the
# raw file.
# ASCII mangling is a horrible feature of the protocol.
#ascii_upload_enable=YES
#ascii_download_enable=YES
# You may fully customise the login banner string:
ftpd_banner=Welcome to blah FTP service.
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd/banned_emails
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
chroot_list_enable=YES
# (default follows)
chroot_list_file=/etc/vsftpd/chroot_list
#
# You may activate the "-R" option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume
# the presence of the "-R" option, so there is a strong case for enabling it.
#ls_recurse_enable=YES
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd whith two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO
chroot_local_user=YES
local_enable=YES
write_enable=YES
local_umask=022
#max_per_ip=
#ftp_username=

 vsftpd.conf save  restart service

# service vsftpd restart

3.  firewall port 22
 webmin networking -> linux firewall
 firewall

 apply configuration activate on boot yes

4. login FTP
1. index.htm  file sample ftp
2. service FTP ftp:// ccsweb.sut.ac.th
3. username / password
4. Upload index file
5.   upload

* browser http://ccsweb.sut.ac.th/service

5.  
5.1 enable disk quota manage webmin system ->
disk and menu file system root file system

 mount option -> Used Quota User and Group.

mount  root  Disk Quota ( 1-2  

harddisk)

5.2 Disk Quota user system ->disk quota-> users

user   Quota  disk quota update

* soft kilobyte limit  unlimited 100 Mb

Hard kilobyte limit  Unlimited 100 Mb

disk quota
1.  blocks 1 block 1 kilo bytes
2.  inodes  1 inode

 

1. soft   (grace)
2. hard  

user service  soft 100 MB hard

100 MB  100 Mb ftp upload
file 
6.T database
 s database  
 database

6.1 User permission Server->MySQL Database server->user permission

6.2 user anonymous

63.3 mysql Create new user

* username- password account ftp 

*host localhost create.

 account  permission

6.4 permission Database Permission -> create new

database permission

Permission  cms website s

-select table data

-Insert table data
-Update table data
-Delete table data
-Create tables
-Alter Tables
-lock tables

6.5 s

6.6 phpMyAdmin
phpMyAdmin  mysql 
http://ccsweb.sut.ac.th/phpMyAdmin

 tab database  database  servicedb  s

database  database 
information_schema  
database website cms database

7. virtual host

default  web server /  folder

/var/www/html http://ccsweb.sut.ac.th/service
  url 
virtual host   http://service.sut.ac.th
 DNS Server ( Alias Cname  web server)
 DNS Server putty winscp login
web server  httpd.conf (/etc/httpd/conf/http.conf)  virtual host 0
section  3
### Section 3: Virtual Hosts
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.
#
# Use name-based virtual hosting.
#
#NameVirtualHost *:80
NameVirtualHost 203.158.4.124:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#
#
# Directives to allow use of AWStats as a CGI
#
#
# This is to permit URL access to scripts/files in AWStats directory.
#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
#
ServerAdmin webmaster@dummy-host.example.com
#
DocumentRoot /www/docs/dummy-host.example.com
#
ServerName dummy-host.example.com
#
ErrorLog logs/dummy-host.example.com-error_log
#
CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>
<VirtualHost 203.158.4.124:80>
DocumentRoot /var/www/html/service
ServerName service.sut.ac.th
ErrorLog logs/error_log
CustomLog logs/access_log combined
</VirtualHost>

 restart service httpd apache

#service httpd restart

  url virtual host Web browser 

 virtual host 
monitoring
1. apache service httpd
-
#service httpd status -> httpd
#service httpd stop ->  service httpd ( service )
#service httpd start ->  service httpd
#service httpd restart -> restart service httpd
2. Mysql service mysqld
#service mysqld status -> mysqld
#service mysqld stop ->  service mysqld ( service
)
#service mysqld start ->  service mysqld
#service mysqld restart -> restart service mysqld
3 connection Mysql

webmin  connection 
Login webmin  Web hosting IP
http://x.x.x.x:10000 login
- server -> Mysql Database Server

Mysql connection

database web hosting 

connection ( restart service ) 
  database  script spam

database  2012db
table record database 2012db 

4 process-cpu-memory 
 # top ->  process
cpu- memory

top - 09:13:20 up 187 days, 8:36,1 user, load average: 0.43, 0.66, 0.61
09:13:20:
server
up 187 days : uptime ( boot OS )
1 user: user  login shell ( login  + ssh  terminal )
load average: 0.43, 0.66, 0.61:  ""  1 , 5 15

 2:  process 
Tasks: 180 total, 1 running, 179 sleeping, 0 stopped, 0 zombie
Tasks: 180 total : process 
1 running : process  CPU " "
179 sleeping: process / CPU
0 stopped : process  ""
0 zombie: process  clear

process  hardware (
 3: CPU    cpu core cpu
Cpu(s): 27.9%us, 7.2%sy, 0.2%ni, 57.4%id, 6.5%wa, 0.1%hi, 0.8%si, 0.0%st

 Cpu(s) <-- (s) cpu core

1  (` / ~) 

Cpu0 : 27.6%us, 7.2%sy, 0.2%ni, 53.6%id, 10.9%wa, 0.0%hi, 0.5%si, 0.0%st

Cpu1 : 28.1%us, 7.2%sy, 0.1%ni, 55.3%id, 9.0%wa, 0.0%hi, 0.4%si, 0.0%st
Cpu2 : 27.8%us, 7.0%sy, 0.2%ni, 62.0%id, 2.8%wa, 0.0%hi, 0.2%si, 0.0%st
Cpu3 : 28.1%us, 7.3%sy, 0.2%ni, 58.8%id, 3.4%wa, 0.2%hi, 2.1%si, 0.0%st

CPU
 column  
us => user :: CPU  
sy => system ::  kernel  kernel
hardware
ni => nice :: (priority) process 
priority cpu
id => idle :: cpu 
wa => iowait :: ' ' hardware  harddisk ram

hi=> hardware irq (or) % CPU time spent servicing/handling hardware
interrupts
si=> software irq (or) % CPU time spent servicing/handling software
interrupts
st=> steal time - - % CPU time in involuntary wait by virtual cpu while
hypervisor is servicing another processor

 4-5:  
Mem: 8310380k total, 4970936k used, 3339444k free, 217448k buffers
Swap: 6225904k total, 52816k used, 6173088k free, 3001860k cached
Mem: 8310380k total: RAM  OS (

)
4970936k used: ""
3339444k free:  ( )
217448k buffers:  buffer  / harddisk CPU
Swap: 6225904k total: swap space   harddisk

--- windows  pagefile

52816k used: swap space ()
( iowait ) swap space

6173088k free:  swap space 

3001860k cached: file system memory cache linux ram 

 ram ( )
 free + cached  cache 
process
 process  ( )
CPU process  ()

PID : process id
USER : user  process
PR : priority process  nice
NI : nice process (  )
VIRT : virtual image  ( process library)
RES / SHR : private ( app) / shared (ram )
S : process
%CPU : CPU ( core ) cpu 4 core + process 4 thread
thread cpu   400 
%MEM : ram %
TIME+ : ""  CPU  process ( process )
COMMAND :   process
5   hard disk

#df k #df h -> 

6 . permission   site
 permission 
Permission  folder 755 files 644
Permission 755

Owner (files- folder) s read-write-execute file-folder

Group Owner s read-execute folder
other () s read-execute folder
Permission 644
Owner (files- folder) s read-write
Group Owner s read folder -execute
other () s read folder -execute
* permission 777  
file upload 
permission ftp  upload login
  file folder   permission 

7.

 record table
script  phpMyAdmin
database

database

record

 table truncate (
backup ) s
table  
s  
table 
monitoring back
up  backup  - source code - back up 

8. google webmaster tool
google webmaster tool   
search engine Google  
 www.google.com/webmasters/tools
login gmail account

8.1 add website

login page  google add website

8.2 verify site

add website google verify site 
google download generate ( google2723012dd79a4255.html)
download ftp root directory website   verify

 verify list dashboard

8.3 sitemap.xml
Sitemap.xml  website index
 page  page  sitemap  google
sitemap
sitemap  http://www.xml-sitemaps.com  free website
sitemap 500 page

url


start

Download sitemap

 upload sitemap.xml server FTP ( root directory )

google webmastertool  add sitemap

 google

 current status
- crawl error DNS
server
- search queries google internet
keyword search search

- sitemap  indexfile 
 tool    
 ranking  tool 
feature  
hack , Phishing, google