How I Created a Basic Webserver
November 24, 2020
November 21, 2020
In an effort to cut down on hosting costs and put my class disciplines to work as I continue to face rejection after rejection in related fields, I decided to take on greater responsibility by hosting my own server. This installment focuses on how to get a web server up and running on Linux.
The web server was created on Linux Mint, which is based on Ubuntu. I have also replicated this process on Linux Mint Debian Edition.
To get started, you'll need to make sure you have the following:
• At least two computers that are on the same network
• apache2 and php7.x must be installed
• know how to enable the linux firewall
• enable port forwarding to allow external computers to access your content
• a user account that is privileged (has sudo permissions)
First, open up Synaptic Package Manager. You can press the "Super/Windows" key to do this, and then type in "Synaptic P" and select the teal colored icon with arrows pointing in different directions. You will be asked to enter your password. You must be an elevated user to access Synaptic Package Manager.
Next, click the search icon on the top right of the window and enter the terms "apache2" and "php7". Each search result will show on the left hand side of the window. Click the square next to "apache2" and "php7.4" and select the option "Mark for Installation". If it shows a second dialog asking to install additional packages, click "Mark", as those are prerequisities.
On the top left portion of the page, above the results list pane, click the cogwheel icon that says "Apply" (It should be to the right of "Reload"). You'll see a dialog titled "Summary" that explains how much space you'll need, what packages will be added and what other packages are affected when you install them. Click "Apply" in this dialog to begin the installation.
If you're curious about what's going on, click the "Details" chevron on the dialog below the loading bar.
To ensure the outcome was successful, visit 127.0.0.1 from any installed browser. You'll see a default page that indicates your server is running correctly. Now, the fun begins. We are going to make this point to a directory of your own choosing. For security purposes, we will redirect to a decrypted home folder of a standard user account.
While you're still logged in as a privileged user, go to your Linux Mint menu, type "Users and" and select the resulting program. You will be asked for your password. After entering it, you will be presented with a menu listing the user accounts on the computer. On the bottom left of the dialog, click "Add". By default, Linux chooses "Standard" as the account type. Give the account a username. Once you have, you'll see it listed in the left facing pane.
Despite giving this user account limited access, I felt it necessary to give it the following permissions so it could do the things I wanted:
Unlike Windows, Linux user account permissions are handed out based on the processes that they need. This allows for account specialization and can be used to isolate certain processes so that if one user account is hacked, it will be insulated against most malign use (unless the account hacked is privileged). Jealously guard all privileged passwords and assign a password to "root" as soon as possible, because by default there is none. You can do this by issuing the following command from a privileged terminal:
sudo passwd root
You will then be asked to provide the new password. You will be asked to confirm what you typed. If you're concerned about shoulder-surfing of your password length, press tab before entering your password to turn the echo string off.
To make apache2 point to a different directory, you'll need to open up your file explorer. Navigate to "File System", double click "etc" and right click "apache2" and select "Open as Root". You will be asked to provide your password. Once you do, a new explorer window will appear, and a red ticker will indicate that this process has elevated privileges. POWER USERS: If you believe there is a safer way to do this, pursue that method instead.
You're going to want to focus on the following files:
This allows you to specify which ports you want to route to your server.
This specifies which directories will hold the pages to your site, and which directories should be ignored.
This file maps your sites with a domain name and determines what port is used to communicate.
By default, it is set to listen to port 80, but you can assign any non-preferential port you want (higher than 1023). If I wanted to add port 9126, I would open ports.conf and type "Listen 9126" on the line after "Listen 80" and save the file (which you can still do with CTRL + S).
If I wanted to add the PERMISSION STRUCTURE for another site located in a different directory, I would open apache2.conf and navigate to line 170, and then add another "Directory" enclosure below the one already present. If you don't want users to view indexes, remove this word from the "Options" directive. If you want users to use their own ".htaccess" file, use the modifier "AllowOverride All". It is possible to input .htaccess directives under the "Directory" tag. It will affect all files in the specified directory.
If I wanted to map specific sites to domain names, I would add the newsite.conf file to the directory "Sites-Available". If I wanted to enable it, I would open a command line and enter the following command, which creates a symbolic link (junction) to the original file created in sites-available:
sudo ln -sf /etc/apache2/sites-available/newsite.conf /etc/apache2/sites-enabled/newsite.conf
To avoid errors using this command, use absolute paths, and not relatve ones. When you copy a file in Linux, its absolute path is also in the clipboard in addition to the file itself. When you paste in terminal, it will automatically be entered. Use this method to avoid burdensome entries, or even better, put them in a shell script, and then double click the shell script and select "Run in Terminal" if you find yourself using the same commands often.
The following steps depend on how much control you have over your network. If you're using someone else's network as an end-user, it is unlikely you'll be able to publish directly to the internet as you would need to enable port forwarding at the router level. For purposes of this tutorial, we will be sharing the server resources on a local network only. You will need to find out what your private IP address is. On Linux, you would type the following into a terminal window:
The default wired adapter on most Linux installations should be "enp1s0", and the "inet" field shows the private IPv4 address, while "inet6" shows the private IPv6 address of the computer. We will use the "inet" address to access the website files while on the same network.
Next, we will open up the Linux Firewall to allow communication over the ports you specified in /etc/apache2/ports.conf. Open the mint menu, type "firew" and click the result. You will be prompted for your password.
The Linux Firewall page will look like this (My rules have been removed for privacy):
Click the plus icon on the bottom left of the window, and select the "Simple" tab. If I wanted to add port 9126, my input would look like this:
When you're done, click "Add". The window will not give you visual confirmation. Instead, you will see "Rule XX Added" in the dialog BEHIND the window. At this point, if you're satisfied with the configuration you set up, open a terminal and type the following, and enter your password when prompted:
sudo service apache2 restart
Open up a browser that is on the same network as your server, and type its "inet" address, followed by its port number, if not 80, and then press Enter. To specify a page you want to start with, add a "DirectoryIndex pagename.html" directive to "apache2.conf" under the website you would like to specify a page for. Remember to start at Line 170.
© 2020 Mass Transit Honchkrow