Home Web Server

Where Penguins and Daemons chill together in the warmth of the Sun.

Moderators: SecretSquirrel, notfred

Postposted on Sat Oct 13, 2007 9:54 pm

mattsteg wrote:You most likely need to set servername to something sensible.

If that was an issue, wouldn't it affect local access (over the LAN) as well?

How are you trying to access it over the 'net? By numerical IP? Or did you register a domain name?

Are you sure your ISP allows incoming connections on port 80? Did you check the server logs like notfred suggested?

You might also try telling your router to make the server a DMZ host... but I wouldn't leave it that way permanently unless you've also got a software firewall enabled on the server which blocks all ports except HTTP/FTP/SSH.
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36905
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Postposted on Sat Oct 13, 2007 11:14 pm

just brew it! wrote:
mattsteg wrote:You most likely need to set servername to something sensible.

If that was an issue, wouldn't it affect local access (over the LAN) as well?

How are you trying to access it over the 'net? By numerical IP? Or did you register a domain name?

Are you sure your ISP allows incoming connections on port 80? Did you check the server logs like notfred suggested?

You might also try telling your router to make the server a DMZ host... but I wouldn't leave it that way permanently unless you've also got a software firewall enabled on the server which blocks all ports except HTTP/FTP/SSH.


Nope, haven't registered a domain yet. I'm just typing in the numerical IP address. I've just tried putting the server in the DMZ, and I've also tried disabling SPI. Neither did the trick. I would have done port triggering, but my router will let me set any port except 80 for triggering.

When I deleted the port forwarding for port 80, my Netgear Router Manager came up right away when I typed the numerical IP address -- not 192.168.1.1 for clarification here. Also, canyouseeme.org says it can see me on port 80 when I have port forwarding enabled to my server. Not just enabled to any old IP.

Tomorrow, I'll try taking the router out of the loop to see if that makes a difference.

How about setting a hostname in Apache? Is it important for that to be set when I'm not running virtual hosts and am using IP address?
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Sun Oct 14, 2007 12:26 am

It is sounding like a router (or maybe ISP) issue to me, but the symptoms are puzzling. If it works on the LAN, and outside systems can see you, it really ought to work.
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36905
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Postposted on Sun Oct 14, 2007 1:17 am

It was a router problem. I updated the firmware and one of the fixes was to allow setting a host route. That's a little vague I know, but it did the trick.

For those who found this through Google, my router is a Netgear WGR614v6. I updated the firmware to version 2.0.19_1.0.19.

I'm very happy now.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Sun Oct 14, 2007 1:22 am

Cool.

Welcome to the "roll your own Linux web server" club. :D
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36905
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Postposted on Sun Oct 14, 2007 7:05 am

just brew it! wrote:Cool.

Welcome to the "roll your own Linux web server" club. :D


Does this mean I get to add "Mad Apache Skillz" to my résumé now? :lol:
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Sun Oct 14, 2007 8:53 am

So, here's a few more things.

I know no-ip.com has been recommended, but I'd like some more opinions on dynamic DNS. My dad checked out godaddy.com, but I can't seem to find anything there that would actually allow dynamic IP, which means I'd have to go a third party route for the service. I think my dad would like something better than, "we should go with these guys because that's what some guy on the internet said to do."
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Sun Oct 14, 2007 9:07 am

I've heard good things about dyndns as well: <a href="http://www.dyndns.com/services/dns/dyndns/">linky</a>
Damn the torpedoes , full speed ahead.

AMD X2 4200+, Asus A8N-E, 3GBs of RAM, 7900GS
king_kilr
Maximum Gerbil
 
Posts: 4299
Joined: Sat Sep 25, 2004 10:23 pm
Location: Browsing the web far and wide.

Postposted on Sun Oct 14, 2007 11:26 am

Yeah, AFAIK GoDaddy doesn't have any support for dynamic IP addresses. You could still make it work using the basic GoDaddy package if your IP changes only rarely (some people with dynamic IP say they keep the same IP for months at a time), and you don't mind the possibility of a little downtime when it does change.

For dynamic IP DNS, dyndns.com seems to be the de facto standard. I've even seen some routers that have support for it built-in. The hitch is that if you want to use their free service, you have to use one of their domains, e.g. <yourservername>.dyndns.org; to use your own registered domain name you need to pay.
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36905
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Postposted on Sun Oct 14, 2007 1:23 pm

I've been using DynDNS for several years for a couple of Domains that I run webserver and email on. They work - you just set it up and forget it. If your router doesn't support updating the DNS entry, then look at "ddclient" for Linux support - it can go get the IP address from your router or from a server on the internet.
notfred
Grand Gerbil Poohbah
 
Posts: 3647
Joined: Tue Aug 10, 2004 9:10 am
Location: Ottawa, Canada

Postposted on Sun Oct 14, 2007 9:31 pm

no-ip is a perfectly reputable DynDNS provider. A company I interned for a while ago had a business relationship with a variety of dynamic DNS providers, and the no-ip people were always very quick to respond to requests.
bitvector
Grand Gerbil Poohbah
 
Posts: 3234
Joined: Wed Jun 22, 2005 3:39 pm
Location: Mountain View, CA

Postposted on Mon Oct 15, 2007 1:25 am

Okay, so my router is a Netgear WGR614v6. It does have a Dynamic DNS section, which I'm guessing is the function for updating my IP address with the DNS whenever it changes. I have a couple questions about that: am I limited to only one domain name with it, does it really do what I think it does, and would it be better to run a client on my server instead? Eventually, I'm going to have two websites on my server. So, being able to support more than one domain name is important.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Mon Oct 15, 2007 7:11 am

It's probably better to run the client on your server rather than running from the router. As I mentioned before I recommend ddclient.
notfred
Grand Gerbil Poohbah
 
Posts: 3647
Joined: Tue Aug 10, 2004 9:10 am
Location: Ottawa, Canada

Postposted on Mon Oct 15, 2007 7:20 am

Yeah, the dynamic DNS support in the router is the thing that notifies the DNS server whenever your IP gets changed by your ISP.

I agree with notfred, you're probably better off running the dynamic DNS client on the server. I imagine this would also allow you to handle an arbitrary number of domain names (even if the client only supports a single domain name, you could just run multiple clients).
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36905
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Postposted on Mon Oct 15, 2007 8:59 am

I know that with no-ip, the client will let you update a single domain name, or a group. (I have/had 3 domains in my group for my web server, so I have it update all 3 of them). Since you give it your login information, it polls no-ip to see which ones are on your account and then asks you about them by name.
Usacomp2k3
Gerbil God
 
Posts: 21240
Joined: Thu Apr 01, 2004 3:53 pm
Location: Orlando, FL

Postposted on Mon Oct 15, 2007 10:49 am

Further questions. We're ready to get a domain name now. We don't want to use any of the free subdomain names, but instead want something else. The domain we want is available.

So, if we register a domain name, do we need to get a DNS package as well? That's the way I'm understanding it. Let's take No-ip.com as an example. To register the domain name it's $15.00. Do I need to add No-IP.com Plus Managed DNS package as well? What about the free DNS packages? Can I use that for my own domain name?
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Mon Oct 15, 2007 1:26 pm

I love how I keep answering my own questions. Looks like zoneedit.com is a one stop shop. They have a free DNS service, and cheap domain registration.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Tue Oct 16, 2007 3:17 pm

Yay! The <A HREF="http://grandmasfridge.org">URL</A> works now.

So, I've come to the realization that I need to setup some kind of content management system. The stuff that my dad has uploaded to the website works fine, but it isn't exactly 100% compatible with Firefox, though everything looks fine in IE. If you'll look at the site in IE, you'll find that everything is centered. In Firefox, however, everything is left justified.

Currently, my dad uses NetObjects 7 and knows next to nothing about HTML coding. Neither he or I want to spend a great deal of money on editors, which is why he hasn't upgraded to the latest NetObjects. I think he got NetObjects 7 for free from his work.

<A HREF="http://www.opencms.org/en/index.html">OpenCMS</A> seems like it would do the trick. Basically, I'd like to be able to review and edit whatever my grandma and dad write before it actually gets published.

What are some of your thoughts on CMS?
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Tue Oct 16, 2007 5:35 pm

If you're looking at CMS, you might want to investigate Joomla or Drupal. The former is a little nicer in terms of getting a friendly and attractive UI (more themes available), the latter is a bit more powerful if you want to dig into the guts of things. Or at least that's their reps. I was investigating both of them for a project that got put on hold, so I'm not up-to-date on the latest versions. There are a bunch of "Vs" comparisons out there, and of course they tend to get written by partisans of one or the other (WTF is it about computer geeks that they have to invest a binary fanboy dialectic into everything?)

Whatever you end up using, post back with your thoughts and experiences -- I'd be interested in what you discover and decide.
UberGerbil
Gerbil Khan
 
Posts: 9927
Joined: Thu Jun 19, 2003 2:11 pm

Postposted on Wed Oct 17, 2007 1:05 am

I'm with you on that UberGerbil. Why can't they just use the English language as it was meant to be?

Anyway, I sent the links to my dad for the two you've suggested, Joomla! and Drupal, which they both took home awards. In addition I referred him to OpenCms and Dragonfly CMS.

We'll find out which my dad likes and then go from there.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Wed Oct 17, 2007 1:07 am

If you want an image gallery, i highly recommend gallery2. There are a million themes for it for customizing the look, and setting up users and stuff is extremely easy. Also setting up individual user profiles is a snap, and each person can automatically get their own folder that stuff gets uploaded to. Just an idea :wink:
Usacomp2k3
Gerbil God
 
Posts: 21240
Joined: Thu Apr 01, 2004 3:53 pm
Location: Orlando, FL

Postposted on Wed Oct 17, 2007 9:38 am

Thanks for that extra tip. Gallery looks like it'll be perfect. I'm a photographer, so having an easy way to present my images on my website would be fantastic.

My dad left the choice up to me as to which CMS we'll use. One feature he really wants is a comments system ala TR. So, the list of things he cares about is: WYSIWYG, XP compatible (this is a non-issue as all of the CMSs look like they support brwoser editing), stable and comments. I would like to be able to review whatever my dad or grandma wrote before it gets published so that I can check for errors.

Also, I have a problem with Apache. Well, maybe not so much of a problem as an annoyance. When I start the server to refresh config changes, it'll take a really long time to generate a digest.

Code: Select all
[Wed Oct 17 09:11:39 2007] [notice] Digest: generating secret for digest authentication ...
[Wed Oct 17 09:33:52 2007] [notice] Digest: done


As you can see, 22 minutes. It's taken close to 40 minutes another time. While it's generating that digest the website is unresponsive. I have to wait for it to finish before I can see the pages. Anything that could be done to reduce this processing time? I'll reiterate that the server is running on a PII 233MHz 384MB RAM machine. So, if it's hardware, I'll understand. And, what is the digest anyway?

On the plus side, I've got virtual hosting enabled without a problem. Two websites now: http://grandmasfridge.org and http://lindquistandassociates.com

I m teh r0xoR!!111!!!1onetyelevntelevnety!!
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Wed Oct 17, 2007 9:56 am

Do you use digest authentication at all? If not, you could just try removing mod_auth_digest.so from your Apache config; that ought to cure the problem.
(this space intentionally left blank)
just brew it!
Administrator
Gold subscriber
 
 
Posts: 36905
Joined: Tue Aug 20, 2002 9:51 pm
Location: Somewhere, having a beer

Postposted on Wed Oct 17, 2007 10:04 am

Depending on the CMS, you can also integrate Gallery into the website fairly easily.
Usacomp2k3
Gerbil God
 
Posts: 21240
Joined: Thu Apr 01, 2004 3:53 pm
Location: Orlando, FL

Postposted on Wed Oct 17, 2007 10:07 am

just brew it! wrote:Do you use digest authentication at all? If not, you could just try removing mod_auth_digest.so from your Apache config; that ought to cure the problem.


Not yet anyway. I'm going to make one directory secure. We like you guys, but we don't like you that much. It doesn't need to be uber-secure, just discouraging I guess. (Although, that might be more of an encouragement to some.)

I've been looking at what can be done. Would AuthType Basic be the setting I'm looking for, or do I really want to keep that digest?
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Thu Oct 18, 2007 12:13 pm

Okay, I got authentication working.

Here's the code for those who are interested:
Code: Select all
<Directory /home/media/www/SwensonFamily/private>
AuthType Basic
AuthUserFile /home/media/www/.useraccess
AuthName "To access this area of Grandma's Fridge, you must provide a vaild username and password."
Require valid-user
</Directory>


To generate the access file, you run this at program at the command line:
Code: Select all
htpasswd -c /path/and/filename usertoadd

It'll prompt for a password, which it'll scramble for the file. It's generally a good idea to have this in a directory that people don't have access to. Anything outside of the SwensonFamily directory is locked out on my machine.

The one thing I need to figure out is how to make the browser forget it logged in after it either leaves the directory, or closes the window/tab.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Sat Oct 20, 2007 7:10 am

Turns out that I have to rely on the user to clear out their cache. That's okay because the people who'll be accessing the site probably won't be doing so on a computer other than their own.

I've been fiddling around with Drupal for a bit now. I don't like it. It just doesn't feel right. On top of that, I have to install my own WYSIWG editor. I think that one should have come with it as a default.

On to the next one. I think I'll try Joomla! now.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Wed Oct 31, 2007 12:59 pm

I need more help now. What I'm trying to do is setup a redirect in Apache, so that someone who types in secure.pi.com will be redirected to https://secure.pi.com.

I've gotten SSL working on the machine, and I can pull up the secured page when I type https://secure.pi.com, but I get grandmasfridge.org if I just type secure.pi.com.

The rewrite module seems like it's what I want, but I don't really understand it.

Here's what I have for the rewrite:
Code: Select all
RewriteEngine On
RewriteCond %{HTTP_HOST}   !^secure\.pi\.com [NC]
RewriteCond %{HTTP_HOST}   !^$
RewriteRule ^/(.*)         https://secure.pi.com/$1 [L,R]


I've tried replacing the ! with a =, and that doesn't work either.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Sun Nov 04, 2007 9:15 am

Again with the answering my own questions. So, you can't have name based hosting with SSL. The reason being that there's no information being exchanged before the SSL handshake.

That isn't to say you can't have name based hosting, it just doesn't work in a way that let's you use the host name to specify which SSL enabled website you want to connect to. For example, let's say I have http://www.example.com which is publicly accessible and secure.example.com which is not intended to be publicly accessible, at least, the data exchange is secure. Simply putting secure.example.com in the browser for the address will bring up http://www.example.com instead unless we're more specific by telling the browser to go to secure.example.com:443 or https://secure.example.com. But then it'd have to be the only website on the server with that is on SSL.

There are some tricks around it though. You could have secure.example.com initially on port 80 and have the index.html do a redirect immediately to the SSL enabled area. You can also have SSL directory instead of using the name. So, you'd have http://www.example.com/secure/, or have secure.example.com:80/index.html redirect to secure.example:443/secure/.

Hope that helps someone.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

Postposted on Mon Dec 24, 2007 1:34 pm

Things are starting to come together now. Once again, thank you for your help.

I have another question regarding SSL. I've noticed that when I go to a financial institutions Web site, or even GMail for that matter, SSL is enabled without my accepting a certificate. I think that would be something I want to do on my server for to secure it a bit more. The problem is that I can't seem to figure out how that's done. Do I need to get a certificate from a CA to make this happen? I know how to make my own certificate, I just want to make the SSL connection happen without waiting for a user to accept the certificate.
The best things in life are free.
http://www.gentoo.org
Guy 1: Surely, you will fold with me.
Guy 2: Alright, but don't call me Shirley.
titan
Grand Gerbil Poohbah
 
Posts: 3276
Joined: Mon Feb 18, 2002 6:00 pm
Location: Great Smoky Mountains

PreviousNext

Return to Linux, Unix, and Assorted Madness

Who is online

Users browsing this forum: Yahoo [Bot] and 2 guests