The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 2] - Page 5
14 Apache/PHP5/Ruby/Python
Now we install Apache:
apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils apache2-suexec libexpat1 ssl-cert
Next we install PHP5, Ruby, and Python (all three as Apache modules):
apt-get install libapache2-mod-php5 libapache2-mod-ruby libapache2-mod-python php5 php5-common php5-curl php5-dev php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-mhash php5-ming php5-mysql php5-pspell php5-recode php5-snmp php5-sqlite php5-suhosin php5-tidy php5-xcache php5-xmlrpc php5-xsl
Next we edit /etc/apache2/mods-available/dir.conf...
vi /etc/apache2/mods-available/dir.conf
... and change the DirectoryIndex line:
<IfModule mod_dir.c> #DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml </IfModule> |
Now we have to enable some Apache modules (SSL, rewrite, suexec, and include):
a2enmod ssl
a2enmod rewrite
a2enmod suexec
a2enmod include
Restart Apache:
/etc/init.d/apache2 restart
We have to fix a small problem with Ruby. If you install ISPConfig and enable Ruby for a web site, .rbx files will be executed fine and displayed in the browser, but this does not work for .rb files - you will be prompted to download the .rb file - the same happens if you configure Ruby manually for a vhost (i.e., it has nothing to do with ISPConfig). To fix this, we open /etc/mime.types...
vi /etc/mime.types
... and comment out the application/x-ruby line:
[...] #application/x-ruby rb [...] |
Restart Apache:
/etc/init.d/apache2 restart
Now .rb files will be executed and displayed in the browser, just like .rbx files.
In the next chapter (14.1) we are going to disable PHP (this is necessary only if you want to install ISPConfig on this server). Unlike PHP, Ruby and Python are disabled by default, therefore we don't have to do it.
14.1 Disable PHP Globally
(If you do not plan to install ISPConfig on this server, please skip this section!)
In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can run PHP scripts and which one cannot. This can only work if PHP is disabled globally because otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.
To disable PHP globally, we edit /etc/mime.types and comment out the application/x-httpd-php lines:
vi /etc/mime.types
[...] #application/x-httpd-php phtml pht php #application/x-httpd-php-source phps #application/x-httpd-php3 php3 #application/x-httpd-php3-preprocessed php3p #application/x-httpd-php4 php4 [...] |
Edit /etc/apache2/mods-enabled/php5.conf and comment out the following lines:
vi /etc/apache2/mods-enabled/php5.conf
<IfModule mod_php5.c> #AddType application/x-httpd-php .php .phtml .php3 #AddType application/x-httpd-php-source .phps </IfModule> |
Then restart Apache:
/etc/init.d/apache2 restart
15 Proftpd
In order to install Proftpd, run
apt-get install proftpd ucf
You will be asked a question:
Run proftpd: <-- standalone
For security reasons add the following lines to /etc/proftpd/proftpd.conf (thanks to Reinaldo Carvalho; more information can be found here: http://proftpd.org/localsite/Userguide/linked/userguide.html):
vi /etc/proftpd/proftpd.conf
[...] DefaultRoot ~ IdentLookups off ServerIdent on "FTP Server ready." [...] |
ISPConfig expects the configuration to be in /etc/proftpd.conf instead of /etc/proftpd/proftpd.conf, therefore we create a symlink (you can skip this command if you don't want to install ISPConfig):
ln -s /etc/proftpd/proftpd.conf /etc/proftpd.conf
Then restart Proftpd:
/etc/init.d/proftpd restart
16 Webalizer
To install webalizer, just run
apt-get install webalizer
17 Synchronize the System Clock
It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the internet. Simply run
apt-get install ntp ntpdate
and your system time will always be in sync.
18 Install Some Perl Modules Needed By SpamAssassin (Comes With ISPConfig)
Run
apt-get install libhtml-parser-perl libdb-file-lock-perl libnet-dns-perl libnetaddr-ip-perl libarchive-tar-perl
19 ISPConfig
The configuration of the server is now finished, and if you wish you can now install ISPConfig on it. Please check out the ISPConfig installation manual: http://www.ispconfig.org/manual_installation.htm
19.1 A Note On SuExec
If you want to run CGI scripts under suExec, you should specify /var/www as the home directory for websites created by ISPConfig as Debian's suExec is compiled with /var/www as Doc_Root. Run
/usr/lib/apache2/suexec -V
and the output should look like this:
server1:~# /usr/lib/apache2/suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="www-data"
-D AP_LOG_EXEC="/var/log/apache2/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"
server1:~#
So if you want to use suExec with ISPconfig, don't change the default web root (which is /var/www) if you use expert mode during the ISPConfig installation (in standard mode you can't change the web root anyway so you'll be able to use suExec in any case).
20 Links
- Debian: http://www.debian.org/
- ISPConfig: http://www.ispconfig.org/