[How To] Install WEB server on Ubuntu (LAMP, PHPMyAdmin, Firewall)

Installing LAMP server

1. Update source

   apt-get update

2. Install Vim

   apt-get install vim

3. Install tasksel

   apt-get install tasksel

4. Install LAMP (with tasksel)
   • type

     tasksel

   • select LAMP and install
5. Install phpmyadmin

   apt-get install phpmyadmin

6. Install vsftpd

   apt-get install vsftpd

   Type

   vim /etc/vsftpd.conf

   Write into file

   chroot_local_user=YES
       service vsftpd restart

Setting up firewall with iptables

1. Create firewall file

   vim /etc/firewall.sh

   Write firewall rules inside file

   #!/bin/sh
   
   IPT="/sbin/iptables"
   
   # Allow outgoing traffic and disallow any passthroughs
   $IPT -P INPUT DROP
   $IPT -P OUTPUT ACCEPT
   $IPT -P FORWARD DROP
   
   $IPT -A OUTPUT -j LOG
   $IPT -A INPUT -j LOG
   $IPT -A FORWARD -j LOG
   
   $IPT -F
   $IPT -X
   $IPT -t nat -F
   $IPT -t nat -X
   $IPT -t mangle -F
   $IPT -t mangle -X
   
   # Allow traffic already established to continue
   $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
   
   # Allow ssh, dns, ldap, ftp and web services
   #$IPT -A INPUT -p tcp --dport ssh -i eth0 -j ACCEPT
   #$IPT -A INPUT -p tcp --dport domain -i eth0 -j ACCEPT
   #$IPT -A INPUT -p tcp --dport ldap -i eth0 -j ACCEPT
   #$IPT -A INPUT -p udp --dport ldap -i eth0 -j ACCEPT
   #$IPT -A INPUT -p tcp --dport ftp -i eth0 -j ACCEPT
   #$IPT -A INPUT -p udp --dport ftp -i eth0 -j ACCEPT
   #$IPT -A INPUT -p tcp --dport ftp-data -i eth0 -j ACCEPT
   #$IPT -A INPUT -p udp --dport ftp-data -i eth0 -j ACCEPT
   $IPT -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT
   $IPT -A INPUT -p tcp --dport 443 -i eth0 -j ACCEPT
   #$IPT -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
   
   # Allow local loopback services
   $IPT -A INPUT -i lo -j ACCEPT
   
   # Allow all from and to Boomerang
   #WEB
   $IPT -A INPUT   -j ACCEPT -p all -s 217.113.4.192/28
   $IPT -A INPUT   -j ACCEPT -p all -s 217.113.16.64/28
   #Bionet
   $IPT -A INPUT   -j ACCEPT -p all -s 91.196.38.240/28
   #local Networks
   $IPT -A INPUT   -j ACCEPT -p all -s 10.1.0.0/23
   $IPT -A INPUT   -j ACCEPT -p all -s 192.168.0.0/24
   
   # allow certain inbound ICMP types (ping, traceroute..)
   $IPT -A INPUT -i eth0 -p icmp --icmp-type destination-unreachable -j ACCEPT
   $IPT -A INPUT -i eth0 -p icmp --icmp-type time-exceeded -j ACCEPT
   $IPT -A INPUT -i eth0 -p icmp --icmp-type echo-reply -j ACCEPT
   $IPT -A INPUT -i eth0 -p icmp --icmp-type echo-request -j ACCEPT

2. Make file executable

   sudo chmod +x /etc/firewall.sh

3. Enable IPTables to load on system boot

   echo "pre-up /etc/firewall.sh" >> /etc/network/interfaces

4. Make Firewall flush Script

   vim /etc/firewall_flush.sh

   Write firewall rules inside file

   #!/bin/sh
   echo "Flushing iptables rules..."
   sleep 1
   iptables -F
   iptables -X
   iptables -t nat -F
   iptables -t nat -X
   iptables -t mangle -F
   iptables -t mangle -X
   iptables -P INPUT ACCEPT
   iptables -P FORWARD ACCEPT
   iptables -P OUTPUT ACCEPT

[adinserter block=”6″]

Backup Management

1. Create user
   adduser baskupuser
2. create backup.sh Script
   vim /home/baskupuser/Backups/Scripts/backup.sh
3. Write into file

   #!/bin/sh
   #########################
   # Backup Hosting Server.#
   #########################
   
   # What to backup. 
   backup_files="/home"
   
   # Where to backup to.
   dest="/home/baskupuser/Backups"
   
   # Create archive filename.
   day=$(date +%A)
   hostname=$(hostname -s)
   archive_file="$hostname-$day.tgz"
   
   # Print start status message.
   echo "Backing up all MySQL Databases to /home/MySQL_Backups/MySQL-data-$day.sql.gz"
   date
   echo
   
   # Backup all MySQL databases
   mysqldump -u root -pSQLPASSWORD --all-databases | gzip > /home/MySQL_Backups/MySQL-data-$day.sql.gz
   
   # Print start status message.
   echo "Backing up $backup_files to $dest/$archive_file"
   date
   echo
   
   # Backup the files using tar.
   tar czf $dest/$archive_file  --exclude baskupuser $backup_files
   
   # Print end status message.
   echo "----------------"
   echo "Backup finished"
   date
   
   # Long listing of files in $dest to check file sizes.
   ls -lh $dest
   
   echo
   echo "=============================================================================="
   echo
   

4. Makeing file executible

   sudo chmod +x /home/baskupuser/Backups/Scripts/backup.sh

5. Create /home/MySQL_Backups folder

   mkdir /home/MySQL_Backups

6. Adding cron job

   crontab -e

   Write into file

   # Daily run backup script.
       0 0 * * * sh /home/baskupuser/Backups/Scripts/backup.sh >> /home/baskupuser/Backups/Scripts/backup.log