The Perfect Server - Mandriva 2009.0 Free (i386) - Page 6

12 Apache2 With PHP5, Ruby, And Python

To install Apache2, PHP5, and Ruby, run the following command (in one line):

urpmi apache-mod_suexec apache-mod_ssl apache-mod_php apache-mod_ruby apache-mod_python libphp5_common5 php-bz2 php-calendar php-ctype php-curl php-devel php-dio php-dom php-eaccelerator php-enchant php-esmtp php-event php-exif php-fam php-ffmpeg php-fileinfo php-filepro php-ftp php-gd php-gettext php-gmp php-iconv php-id3 php-idn php-imap php-imlib2 php-mailparse php-mbstring php-mcache php-mcrypt php-mhash php-ming php-mysql php-mysqli php-ncurses php-newt php-odbc php-oggvorbis php-pcntl php-pcre php-pear-Net_IDNA php-posix php-pspell php-readline php-recode php-session php-shmop php-simplexml php-snmp php-soap php-sockets php-sqlite php-ssh2 php-suhosin php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tcpwrap php-tidy php-xml php-xmlrpc php-zip php-ini curl libcurl4-devel perl-libwww-perl ImageMagick

Create the system startup links for Apache...

chkconfig httpd on

... and start it:

/etc/init.d/httpd restart

 

12.1 Disable PHP Globally

(If you do not plan to install ISPConfig on this server, please skip this section!)

In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can run PHP scripts and which one cannot. This can only work if PHP is disabled globally because otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.

Edit /etc/httpd/modules.d/70_mod_php.conf and comment out the AddType lines:

vi /etc/httpd/modules.d/70_mod_php.conf
<IfDefine HAVE_PHP5>
    <IfModule !mod_php5.c>
        LoadModule php5_module    extramodules/mod_php5.so
    </IfModule>
</IfDefine>

<IfModule mod_mime.c>
    #AddType application/x-httpd-php .php
    #AddType application/x-httpd-php .phtml
    #AddType application/x-httpd-php-source .phps
</IfModule>

<IfModule mod_php5.c>
    <IfModule mod_dir.c>
        DirectoryIndex index.php index.phtml
    </IfModule>
</IfModule>

Edit /etc/httpd/conf/httpd.conf and add the following line to the LoadModule section:

vi /etc/httpd/conf/httpd.conf
[...]
LoadModule php5_module    extramodules/mod_php5.so
[...]

(Although this line is already in /etc/httpd/modules.d/70_mod_php.conf this is very important because otherwise the command

httpd -t

will report errors instead of Syntax OK when the virtual hosts created by ISPConfig contain lines like php_admin_flag safe_mode On or the like!)

Restart Apache:

/etc/init.d/httpd restart

 

12.2 Disable Ruby Globally

(If you do not plan to install ISPConfig on this server, please skip this section!)

In ISPConfig you will configure Ruby on a per-website basis, i.e. you can specify which website can run Ruby scripts and which one cannot. This can only work if Ruby is disabled globally because otherwise all websites would be able to run Ruby scripts, no matter what you specify in ISPConfig.

vi /etc/httpd/modules.d/20_mod_ruby.conf

Comment out or delete everything in that file except the following lines:

<IfDefine HAVE_RUBY>
    <IfModule !mod_ruby.c>
        LoadModule ruby_module  extramodules/mod_ruby.so
    </IfModule>
</IfDefine>

Then restart Apache:

/etc/init.d/httpd restart

 

13 Proftpd

Install Proftpd like this:

urpmi proftpd

For security reasons you can add the following lines to /etc/proftpd.conf (thanks to Reinaldo Carvalho; more information can be found here: http://www.proftpd.org/localsite/Userguide/linked/userguide.html):

vi /etc/proftpd.conf
[...]
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."
[...]

Be sure to comment out the following lines at the end of /etc/proftpd.conf in order to allow ftp users to CHMOD:

[...]
# Bar use of SITE CHMOD by default
#<Limit SITE_CHMOD>
#    DenyAll
#</Limit>

Then restart Proftpd:

/etc/init.d/proftpd restart

 

14 Webalizer

Mandriva 2009.0 doesn't come with a Webalizer package anymore, therefore we build the Webalizer binary like this:

urpmi libgeoip1 geoip libgeoipupdate0 awffull libgeoip-devel libgd-devel libgd2 libbzip2_1-devel libdb4.6-devel
cd /tmp
wget ftp://ftp.mrunix.net/pub/webalizer/webalizer-2.20-01-src.tgz
tar xvfz webalizer-2.20-01-src.tgz
cd webalizer-2.20-01
./configure --enable-dns --enable-geoip --enable-bz2
make
make install
cd ..
rm -fr webalizer-2.20-01*

 

15 Install Some Perl Modules Needed By SpamAssassin (Comes With ISPConfig)

To install all needed Perl Modules, we can use the appropriate Mandriva packages and install them using urpmi:

urpmi perl-HTML-Parser perl-Digest-SHA1 perl-DB_File perl-Net-DNS

 

16 The End

The configuration of the server is now finished, and if you wish you can now install ISPConfig on it. You can find the installation instructions here: http://www.ispconfig.org/manual_installation.htm. A First-Steps tutorial can be found here: https://www.howtoforge.com/ispconfig-2.x-first-steps

 

17 A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /var/www as the web root for websites created by ISPConfig as Mandriva's suExec is compiled with /var/www as Doc_Root. Run

/usr/sbin/suexec -V

and the output should look like this:

[root@server1 tmp]# /usr/sbin/suexec -V
 -D AP_DOC_ROOT="/var/www"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="apache"
 -D AP_LOG_EXEC="/var/log/httpd/suexec_log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_SUEXEC_UMASK=077
 -D AP_UID_MIN=100
 -D AP_USERDIR_SUFFIX="public_html"
[root@server1 tmp]#

So if you want to use suExec with ISPconfig, don't change the default web root (which is /var/www) if you use expert mode during the ISPConfig installation (in standard mode you can't change the web root anyway so you'll be able to use suExec in any case).

 

Share this page:

2 Comment(s)