[Manual] Setting up hosting server with Ubuntu 10.10

We assume that apache2 with PHP and vsftpd are already installed.

Now let's create the xyz.com site.

1. Creating a user for FTP access

adduser xyz

2. Creating the home directory for the site

mkdir /home/xyz/www

3. Setting permissions and owner for home directory

chown xyz:www-data /home/xyz/www
chmod 750 /home/xyz/www

4. Create the virtual host file

vim /etc/apache2/sites-available/xyz.com

Insert into the file:

<VirtualHost *:80>
DocumentRoot /home/xyz/www/
ServerName xyz.com
ServerAlias www.xyz.com
</VirtualHost>

5. Enable the virtual host

ln -s /etc/apache2/sites-available/xyz.com /etc/apache2/sites-enabled/xyz.com

6. Restart apache server

service apache2 restart

7. Setting up the firewall with iptables

Create the firewall file

vim /etc/firewall.sh

Write firewall rules inside file

#!/bin/sh
IPT="/sbin/iptables"

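# Flush existing rules and delete user-defined chains first,
# so that the rules added below are not wiped again
$IPT -F
$IPT -X
$IPT -t nat -F
$IPT -t nat -X
$IPT -t mangle -F
$IPT -t mangle -X

# Allow outgoing traffic and disallow any passthroughs
$IPT -P INPUT DROP
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD DROP

# Log all packets (LOG does not stop rule processing)
$IPT -A OUTPUT -j LOG
$IPT -A INPUT -j LOG
$IPT -A FORWARD -j LOG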

# Allow traffic already established to continue
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow ssh, dns, ldap, ftp and web services
#$IPT -A INPUT -p tcp --dport ssh -i eth0 -j ACCEPT
#$IPT -A INPUT -p tcp --dport domain -i eth0 -j ACCEPT
#$IPT -A INPUT -p tcp --dport ldap -i eth0 -j ACCEPT
#$IPT -A INPUT -p udp --dport ldap -i eth0 -j ACCEPT
# FTP control and data connections use TCP only, so no UDP rules are needed
$IPT -A INPUT -p tcp --dport ftp -i eth0 -j ACCEPT
$IPT -A INPUT -p tcp --dport ftp-data -i eth0 -j ACCEPT
$IPT -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT
#$IPT -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Allow local loopback services
$IPT -A INPUT -i lo -j ACCEPT

# Allow all from and to your network
$IPT -A INPUT -p all -s xxx.zzz.yyy.nnn/28 -j ACCEPT

Make file executable

sudo chmod +x /etc/firewall.sh

Enable IPTables to load on system boot

echo "pre-up /etc/firewall.sh" >> /etc/network/interfaces
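
A check for a rule-ordering pitfall in firewall scripts of this shape: any rule added before a later -F is wiped by the flush and never takes effect. The script below is an added example, not part of the original manual; lint_fw, sample_fw and the sample rules are constructed for illustration. It also reports when the default INPUT policy is not DROP.

```shell
#!/bin/sh
# lint_fw FILE: print findings for an iptables shell script.
#   DEAD <line>: <rule>    rule added before a later flush of its table
#   POLICY INPUT <value>   filter INPUT default policy is not DROP
lint_fw() {
    awk '
    # Only lines whose first word is $IPT or an iptables binary are rules.
    $1 != "$IPT" && $1 !~ /^(.*\/)?iptables$/ { next }
    {
        table = "filter"; op = ""; chain = ""
        for (i = 2; i <= NF; i++) {
            if ($i == "-t") table = $(i + 1)
            else if ($i == "-A" || $i == "-I") { op = "add"; chain = $(i + 1) }
            else if ($i == "-F") { op = "flush"; if ($(i + 1) !~ /^-/) chain = $(i + 1) }
            else if ($i == "-P") policy[table, $(i + 1)] = $(i + 2)
        }
        if (op == "add") {
            n++; tbl[n] = table; chn[n] = chain; txt[n] = NR ": " $0
        } else if (op == "flush") {
            # A flush without a chain name empties every chain in the table.
            for (k = 1; k <= n; k++)
                if ((k in txt) && tbl[k] == table && (chain == "" || chn[k] == chain)) {
                    print "DEAD " txt[k]; delete txt[k]
                }
        }
    }
    END {
        p = policy["filter", "INPUT"]
        if (p != "DROP") print "POLICY INPUT " (p == "" ? "unset" : p)
    }' "$1"
}

# Constructed sample script (not the one from this manual).
sample_fw() {
    cat <<'EOF'
IPT="/sbin/iptables"
$IPT -P INPUT DROP
$IPT -A INPUT -j LOG
$IPT -F
$IPT -t nat -F
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT
EOF
}

# Demo: lint the constructed sample; prints the LOG rule wiped by the flush.
tmp=$(mktemp); sample_fw > "$tmp"; lint_fw "$tmp"; rm -f "$tmp"
```

Run it against your own file with: lint_fw /etc/firewall.sh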

8. Testing

Create an index.php file with the following content

<?php
  phpinfo();
?>

and upload it to the site root directory via FTP.

Open the site in a browser: xyz.com or www.xyz.com

Author:  Gevorg G. Harutyunyan
