Links

• Flight to Costa Rican Information
• My notes on Web Design
• Show of Faith Radio Show: Houston
• Useful Linux Administration Links
• Perl 6
• Connect to the internet with Ubuntu using Clear 4G Mobile USB
• How to Maintain a Godaddy Virtual Private Server
• linux
• Markup Validation
• CSS Validation
• XHTML Markup
• Photography
• Philadelphia

Notes on Server Maintanance

I run my web site on a Godaddy Virtual Private server. These are notes I am taking as I learn.

Access the server

You need to access the server to make custom modifications and intallations. You can do much using the Plesk interface, but you may also need to log on directly to the server. This gives you the ability to do just about anything. Also most instructions by third party developers assume you will do the installation when you are logged on. A good program to log on to your virtual server is called "Putty." It installs in a variety of operating systems.

The directory where Apache is installed.

If you want to make changes to the configuration of Apache, you will need to know where the configuration files are. First you need to look at the Apache docs web site. W3schools also has some good information. The configuration is in the "httpd.conf" file. So on the Apache site you will want to search for help on the httpd mod directives. The configuration file is at /etc/httpd/config/, cd to this directory. Now that you know that, you can get started completely screwing up you web server. Try cat httpd.config when you get to the correct directory. You can even edit it with your favorite editor assuming your favorite editor is "vi." Make sure you have access to a vi cheat sheet or you might get hopelessly stuck. "yu install emacs." Emacs is another editor. The Apache configuration file is write protected so you have to allow yourself write privileges it to make changes. you also need to bee root. Type su root then after a "return," then type in your password. After that "chmod u+w httpd.config" will allow you to make changes. Most people make a copy first: "cp httpd.conf httpd.conf_working_version" this way you can undo your changes after you mess it up. There are lots of warnings about not doing anything you dont' understand,but if its your VPS and you are prepared to suffer the consequences, do what every you want. After all you are the one who pays for it. If needed you can go to your account in Godaddy, access your server and have it reinstalled.

I like to make sure I leave the file write protected unless there is a change I plan on making. If you edit the file logged in as root, the letters will be white on black instead of red on black, that is easier to read.

There many interesting things. For example the directive DirectoryIndex. This will tell what files to open when someone just types in your domain name (harlananelson.com) I added index.pl so I can run perl code. There are other, possibly more save, ways to do this, but I haven't learned them. Also allowing Perl code to run means someone wanting to crack your site, just needs to upload a file into the web directory with all the Perl commands needed to wreck havoc on your site. Web sites are cracked using clever ways to convince the server to run user controled computer scripts. Scripts run by the web server generally have authority to look at and modify files all over the server, but normal users can at best only see files under the httpd directory. This is why many times passwords are store outside the httpd (http root directory). People also store scripts outside this directory as will so users cannont see the code. This also makes the site more difficult to crack.

Be careful implementing changes you read about or advise you are given because some advise you read on the internet is given by people who don't clearly understand web server security. This document is a good example of that.

There is a file called htaccess, This file allows you to make the same type on directive configurations, only for just the directories and sub directories where you put the file. Turning this feature off and doing all the configuration in the httpd.config might be faster because then the server does not have to read the htaccess files.

The alias directive is interesting. You can have subdirectories map to higher level directories. This may help with organization and possibly have positive security applications as well. The ScriptAlias directive is most likely more interesting. This will allow you to store scripts in a location outside the viewing access of the web user but still have them run when requested. This is also a way to get the address bar to read a location other than the location of the script, but I haven't learned how to do that yet.

The ErrorDocument directive allows you to make the error documents displayed, anything you want. This could be a lot of fun as well.

There is also a WebDAV module CONFIGURATION. This is on my list of things to learn about. WebDAV will alow encripted acces to the server like sftp. When you log on to the server, you have to enter a password, with just ftp, the password is sent unencrypted. People passing by can capture the password. This is what the google streetview car has been doing.

What's new?