The Perfect Server - CentOS 5.6 x86_64 [ISPConfig 2] - Page 6
12 Apache2 With PHP, Ruby, Python, WebDAV
Now we install Apache with PHP (this is PHP 5.1.6):
yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel
Then edit /etc/httpd/conf/httpd.conf:
vi /etc/httpd/conf/httpd.conf
and change DirectoryIndex to
[...] DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl [...] |
Now configure your system to start Apache at boot time:
chkconfig --levels 235 httpd on
Start Apache:
/etc/init.d/httpd start
12.1 Disable PHP Globally
(If you do not plan to install ISPConfig on this server, please skip this section!)
In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can run PHP scripts and which one cannot. This can only work if PHP is disabled globally because otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.
To disable PHP globally, we edit /etc/httpd/conf.d/php.conf and comment out the AddHandler and AddType lines:
vi /etc/httpd/conf.d/php.conf
# # PHP is an HTML-embedded scripting language which attempts to make it # easy for developers to write dynamically generated webpages. # <IfModule prefork.c> LoadModule php5_module modules/libphp5.so </IfModule> <IfModule worker.c> # Use of the "ZTS" build with worker is experimental, and no shared # modules are supported. LoadModule php5_module modules/libphp5-zts.so </IfModule> # # Cause the PHP interpreter to handle files with a .php extension. # #AddHandler php5-script .php #AddType text/html .php # # Add index.php to the list of files that will be served as directory # indexes. # DirectoryIndex index.php # # Uncomment the following line to allow PHP to pretty-print .phps # files as PHP source code: # #AddType application/x-httpd-php-source .phps |
Afterwards we restart Apache:
/etc/init.d/httpd restart
12.2 Installing mod_ruby
For CentOS 5.6, there's no mod_ruby package available, so we must compile it ourselves. First we install some prerequisites:
yum install httpd-devel ruby ruby-devel
Next we download and install mod_ruby as follows:
cd /tmp
wget http://modruby.net/archive/mod_ruby-1.3.0.tar.gz
tar zxvf mod_ruby-1.3.0.tar.gz
cd mod_ruby-1.3.0/
./configure.rb --with-apr-includes=/usr/include/apr-1
make
make install
Finally we must add the mod_ruby module to the Apache configuration, so we create the file /etc/httpd/conf.d/ruby.conf...
vi /etc/httpd/conf.d/ruby.conf
LoadModule ruby_module modules/mod_ruby.so |
... and restart Apache:
/etc/init.d/httpd restart
12.3 Installing mod_python
To install mod_python, we simply run...
yum install mod_python
... and restart Apache afterwards:
/etc/init.d/httpd restart
12.4 WebDAV
WebDAV should already be enabled, but to check this, open /etc/httpd/conf/httpd.conf and make sure that the following three modules are active:
vi /etc/httpd/conf/httpd.conf
[...] LoadModule auth_digest_module modules/mod_auth_digest.so [...] LoadModule dav_module modules/mod_dav.so [...] LoadModule dav_fs_module modules/mod_dav_fs.so [...] |
If you have to modify /etc/httpd/conf/httpd.conf, don't forget to restart Apache afterwards:
/etc/init.d/httpd restart
13 ProFTPd
ISPConfig has better support for proftpd than vsftpd, so let's remove vsftpd:
yum remove vsftpd
Because CentOS has no proftpd package, we have to compile Proftpd manually:
cd /tmp/
wget --passive-ftp ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.3e.tar.gz
tar xvfz proftpd-1.3.3e.tar.gz
cd proftpd-1.3.3e/
./configure --sysconfdir=/etc
make
make install
cd ..
rm -fr proftpd-1.3.3e*
The proftpd binary gets installed in /usr/local/sbin, but we need it in /usr/sbin, so we create a symlink:
ln -s /usr/local/sbin/proftpd /usr/sbin/proftpd
Now create the init script /etc/init.d/proftpd:
vi /etc/init.d/proftpd
#!/bin/sh # $Id: proftpd.init,v 1.1 2004/02/26 17:54:30 thias Exp $ # # proftpd This shell script takes care of starting and stopping # proftpd. # # chkconfig: - 80 30 # description: ProFTPD is an enhanced FTP server with a focus towards \ # simplicity, security, and ease of configuration. \ # It features a very Apache-like configuration syntax, \ # and a highly customizable server infrastructure, \ # including support for multiple 'virtual' FTP servers, \ # anonymous FTP, and permission-based directory visibility. # processname: proftpd # config: /etc/proftp.conf # pidfile: /var/run/proftpd.pid # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ ${NETWORKING} = "no" ] && exit 0 [ -x /usr/sbin/proftpd ] || exit 0 RETVAL=0 prog="proftpd" start() { echo -n $"Starting $prog: " daemon proftpd RETVAL=$? echo [ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd } stop() { echo -n $"Shutting down $prog: " killproc proftpd RETVAL=$? echo [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status proftpd RETVAL=$? ;; restart) stop start ;; condrestart) if [ -f /var/lock/subsys/proftpd ]; then stop start fi ;; reload) echo -n $"Re-reading $prog configuration: " killproc proftpd -HUP RETVAL=$? echo ;; *) echo "Usage: $prog {start|stop|restart|reload|condrestart|status}" exit 1 esac exit $RETVAL |
Then we make the init script executable:
chmod 755 /etc/init.d/proftpd
Next we open /etc/proftpd.conf and change Group to nobody:
vi /etc/proftpd.conf
[...] Group nobody [...] |
For security reasons you can also add the following lines to /etc/proftpd.conf (thanks to Reinaldo Carvalho; more information can be found here: http://proftpd.org/localsite/Userguide/linked/userguide.html):
vi /etc/proftpd.conf
[...] DefaultRoot ~ IdentLookups off ServerIdent on "FTP Server ready." [...] |
To make sure that FTP users can use the chmod command, comment out the <Limit SITE_CHMOD> section:
[...] # Bar use of SITE CHMOD by default #<Limit SITE_CHMOD> # DenyAll #</Limit> [...] |
Now we can create the system startup links for Proftpd:
chkconfig --levels 235 proftpd on
And finally we start Proftpd:
/etc/init.d/proftpd start