Here’s the steps I use in setting up a web server. Specifically, this is a CenOS5 32-bit with Apache, MySQL, PHP and suPHP. I also threw in the steps for proFTP.

**** NOTE : If you notice, it’s still a draft. It came from a number of sources but these are the steps I use. So I know it works. **********


update current packages (including apache)
yum -y update

install utilities and compiler
yum -y install zip nmap fileutils gcc-c++ acl
It installs zip, nmap, fileutils, gcc compiler(we’ll need it later) and acl(access control).

install make
yum -y install make

MySQL Installation

yum -y install mysql mysql-devel mysql-server
chkconfig --levels 235 mysqld on
service mysqld start

What has just Happened?

  1. Install MySQL
  2. Add mysqld service in the auto-start
  3. Start MySQL service
  4. Secure MySQL installation by setting the root password, remove remote access to root, etc. This is part of the basic server hardening.

Install PHP

yum -y install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel

The command above install the basic php 5.1.6 package as well as important php extensions used by normal php-based websites.

Upgrade PHP to 5.3

rpm -Uvh
yum --enablerepo=webtatic update php

Install ProFTP

yum -y remove vsftpd --to remov vsftpd if it's existing
cd /tmp
wget --passive-ftp
tar xvfz proftpd-1.3.3e.tar.gz
cd proftpd-1.3.3e
./configure --sysconfdir=/etc; make; make install
cd /tmp; rm -rf ./proftpd-1.3.3*
ln -s /usr/local/sbin/proftpd /usr/sbin/proftpd
touch /etc/init.d/proftpd
chmod 755 /etc/init.d/proftpd
vi /etc/init.d/proftpd

Paste the following settings and then save.

# $Id: proftpd.init,v 1.1 2004/02/26 17:54:30 thias Exp $
# proftpd This shell script takes care of starting and stopping
# proftpd.
# chkconfig: - 80 30
# description: ProFTPD is an enhanced FTP server with a focus towards
# simplicity, security, and ease of configuration.
# It features a very Apache-like configuration syntax,
# and a highly customizable server infrastructure,
# including support for multiple 'virtual' FTP servers,
# anonymous FTP, and permission-based directory visibility.
# processname: proftpd
# config: /etc/proftp.conf
# pidfile: /var/run/

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

[ -x /usr/sbin/proftpd ] || exit 0



start() {
echo -n $"Starting $prog: "
daemon proftpd
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd

stop() {
echo -n $"Shutting down $prog: "
killproc proftpd
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd

# See how we were called.
case "$1" in
status proftpd
if [ -f /var/lock/subsys/proftpd ]; then
echo -n $"Re-reading $prog configuration: "
killproc proftpd -HUP
echo "Usage: $prog {start|stop|restart|reload|condrestart|status}"
exit 1

exit $RETVAL

vi /etc/proftpd.conf

Group nobody
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."

Add ProFTP in the start-tasks

chkconfig --levels 235 proftpd on

Enable Mod ReWrite

Though the mod_rewrite module is installed in apache by default, it won’t work because some directives inside the httpd.conf prevents the rewrite for security reasons. We have to enable this feature only for specific folder.

  1. Edit the apache configuration file.

    vi +/DocumentRoot httpd.conf
  2. Set DocumentRoot to wherever you placed your default page. I usually place this somewhere else so that regular script kiddies won’t be able to easily find it.

    DocumentRoot "/var/www/html"
  3. Set the AllowOverride to All to activate mod_rewrite to the folder.
    <Directory “/var/www/html”&glt;
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
    In case your physical files for your virtual hosts are placed on different folders, you can add separate entries of <Directory> to activate mod security to all of them

Install suPHP

Run the commands below one by one

cd /tmp
rpm --import
rpm -K rpmforge-release-0.5.2-2.el5.rf.*.rpm
rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm
yum -y install htop
yum -y install mod_suphp

Edit /etc/suphp.conf

vi /etc/suphp.conf

make sure these lines are there:


edit /etc/httpd/conf.d/suphp.conf (which is the global configuration for suPHP).

vi +/suPHP_Engine /etc/httpd/conf.d/suphp.conf

set suPHP_Engine off

Enable VirtualHost

To make suPHP to work with VirtualHost, add these few lines inside tag.

suPHP_Engine on
suPHP_UserGroup username groupname
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php

Example :

DocumentRoot /usr/kitty/
ServerAlias *
suPHP_Engine on
suPHP_UserGroup kitty kitty
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
ErrorLog logs/
CustomLog logs/ common

I usually put the virtual host entries in a separate file. I edit it via the command below

vi /etc/httpd/conf.d/httpd-vhosts.conf

Source : CentOS Additional Packages

Comments are closed.

Post Navigation