Webserverpuppy LAMP and XAMPP

For talk and support relating specifically to Puppy derivatives
Post Reply
Message
Author
User avatar
dWLkR
Posts: 39
Joined: Wed 23 May 2007, 09:59

#16 Post by dWLkR »

y should gimp make it into a webserver edition?!

User avatar
ttuuxxx
Posts: 11171
Joined: Sat 05 May 2007, 10:00
Location: Ontario Canada,Sydney Australia
Contact:

#17 Post by ttuuxxx »

dWLkR wrote:y should gimp make it into a webserver edition?!
yes and maybe a few plugins, they have one that can batch resize, which is very handy for any web-developer.
ttuuxxx
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games :)

myogaeba
Posts: 20
Joined: Sat 11 Apr 2009, 12:32

#18 Post by myogaeba »

Hi,

thansk for your excelent job .

what about the security ? is there a firewall ? a control center like webmim (somthing like that) ?

Bye

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

#19 Post by prit1 »

Thanks for creating this.

I was going to ask the same questions - "any firewalls, webmin etc planned"?

Also, if you want to see a test Puppy.org site running with Web server puppy LAMP -> http://puppy.prit.us. This site is a temporary test only and will be taken down soon.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

User avatar
puppymartin
Posts: 207
Joined: Sun 29 Mar 2009, 18:59
Location: The Netherlands
Contact:

#20 Post by puppymartin »

myogaeba wrote:Hi,

thansk for your excelent job .

what about the security ? is there a firewall ? a control center like webmim (somthing like that) ?

Bye
No security! No Firewall.
I use it behind a router firewall and only for testing websites. I don't know anything about firewalls. Is, for example, installing "linux_firewall-2-puppy" in the packet manager enough? Or do we need more?

prit1: your site runs good. About security, what can a hacker do?

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

#21 Post by prit1 »

Thanks puppymartin.

Yeah .. the router firewall can be a reasonable replacement for the Puppy firewall software. But, then sometimes you may need something like Iptables for creating more complex rules for better security.

To find out what a hacker can do, we need to run this setup as a public site for some period of time and the site has to be a pretty popular one.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

User avatar
dejan555
Posts: 2798
Joined: Sun 30 Nov 2008, 11:57
Location: Montenegro
Contact:

#22 Post by dejan555 »

Great distro puppymartin.
Some notes:
When I wanted to connect using pgprs it said one or more pgprs files missing, this happend to me few times when remastered puppy, it's because some files in /etc i think which disapear after remaster,
also note that says that you must create user for using pure-ftpd, well that's if you want to add more users you can already connect with user root passwd woofwoof and have access to all files on system right?

I tested some php apps, did a quick install of phpbb and wordpress, works like charm, really good job! A mini webserver in your pocket :D
When I'm online you can find my home server @ http://daysleeper.puppylinux.eu
or
http://puppy.rootshell.la

;)
puppy.b0x.me stuff mirrored [url=https://drive.google.com/open?id=0B_Mb589v0iCXNnhSZWRwd3R2UWs]HERE[/url] or [url=http://archive.org/details/Puppy_Linux_puppy.b0x.me_mirror]HERE[/url]

User avatar
puppymartin
Posts: 207
Joined: Sun 29 Mar 2009, 18:59
Location: The Netherlands
Contact:

#23 Post by puppymartin »

dejan555 wrote:Great distro puppymartin.

you can already connect with user root passwd woofwoof and have access to all files on system right?
gprs: maybe I removed this. Or when it went wrong while remastering, then Browserpuppy must have a gprs-problem too.
ftp: I think I disabled ftp for root. I will look at it later.

(Holiday in France now - More wine and swimming than Puppying)

User avatar
chrome307
Posts: 708
Joined: Thu 15 Jan 2009, 11:00

#24 Post by chrome307 »

Yes, Browserpuppy has the GPRS problem, I have attempted to use my 3g USB modem with no luck :(

Enjoy your hols :)

keiffee0521
Posts: 24
Joined: Fri 17 Nov 2006, 20:51
Location: London UK
Contact:

#25 Post by keiffee0521 »

i have just found this puppy and this is what i have been looking for for years....

I have down loaded it and it works lovely many thanks.

I have tried and install and setup a CMS called frog

[url]http://www.madebyfrog.com

and when i go and set up a new site (just local) to see if i can do what i need it to do, i get a SQL password problem as in it dosen't have one.

Now my question is down the SQL DB have a password word or not, or is it still poss to set up a SQL DB using the command line setup and the SQLDB script that comes with Frog?????
[b]Many thanks for you time.

Keith[/b]
:-)

Compaq Evo N410c, P3 1.2Ghz, 1Gb RAM, 80Gb, Wireless / Wired NIC. Puppy Linux 5.01
Ubuntu 10.04 LTSP (5 terminals)
[quote]Anything can be done its just when do you need it by[/quote]

User avatar
efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

WebserverPuppy

#26 Post by efiguy »

Hello,

Really Big Thanks to PuppyMartin

Downloaded the 97,388 meg ISO several weeks ago and just burned the CD, which started up perfectly on my NetVista 6280 (used Vesa driver not concerned with local graphics).

However I am such a newbie as to not know how to use it .. Duh!! Apoligize, I know this is a more complex forum, but asked about a webserver months ago an just stopped back by for a search and to see the Puppies Wonderful progress.

A) Would like to load this ISO to a dedicated hard drive so as not to use half of ram,-- Need some advice here

B) Currently have 7 separate site instances (using seven different ports) on an 8G USB stick (running xp on an Aptiva K6 64 meg with Pablo Software Babyweb) and would like to try and convert these operational web sites to this new Puppy derivative if that is possible. Would appreciate a yea or nay here.

C) If (B) is possible, would anyone hazard some instuctions to a fairly new Linux newbie as how to point server to file path and set ports for each site. Or is this a one instance server only ??

D) Almost forgot, the PC needs a static IP number dialed into it on boot

E) A firewall or incomming port ignore table would be great

Appreciate any and all comments
Thank You

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

Re: WebserverPuppy

#27 Post by prit1 »

efiguy wrote:Hello,
A) Would like to load this ISO to a dedicated hard drive so as not to use half of ram,-- Need some advice here
You can boot up and do a full or frugal install of this puppy onto the hard drive. This can be done through the install wizard from the menu after you have booted from the cd.
efiguy wrote: B) Currently have 7 separate site instances (using seven different ports) on an 8G USB stick (running xp on an Aptiva K6 64 meg with Pablo Software Babyweb) and would like to try and convert these operational web sites to this new Puppy derivative if that is possible. Would appreciate a yea or nay here.
Can you give more information of your sites? Do you access them like this: - http://site1.com:80, http://site2.com:81 .. and so on? Also, do they run plain HTML or PHP or something else?

Also, why do you want to serve different websites from different ports? Why can't you use the virtual hosts option provided by the server?
efiguy wrote: C) If (B) is possible, would anyone hazard some instuctions to a fairly new Linux newbie as how to point server to file path and set ports for each site. Or is this a one instance server only ??
Hiawatha server can be configured to listen on different ports using BindingId (Binding configuration) and RequiredBinding (under Virtualhosts section). If you can state your actual scenario as requested above, we can try to find the best way to do it.
efiguy wrote: D) Almost forgot, the PC needs a static IP number dialed into it on boot
Are you talking about the internally assigned IP's or the external IP that is seen from outside your network? What kind of internet connection do you have? Do you have a static IP from your ISP?
efiguy wrote: E) A firewall or incomming port ignore table would be great
The default Puppy has a firewall. You can download the firewall package from the package manager or use a default Puppy release and use the LAMP package available elsewhere on it.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

User avatar
efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

#28 Post by efiguy »

Thank you for your post Prit1

Will work on transfering to HD, have managed to dual boot puppy 3 once upon a time, will go back to Newbie forum for instuctions here, thanks for letting me know it is possible and about the Firewall package too - one step at a time

quotes
Also, why do you want to serve different websites from different ports? Why can't you use the virtual hosts option provided by the server?
Hiawatha server can be configured to listen on different ports using BindingId (Binding configuration) and RequiredBinding (under Virtualhosts section). If you can state your actual scenario as requested above, we can try to find the best way to do it.

WoW Apoligize for lack of understanding, as this is a new concept to me.
Conceptually, maybe think I understand,
lets see paraphrase -- Server basically is loaded once, within this main server software - compartmentalization can occurr -- to listen on many ports and sort (unique) the html path to correspond to each of the desired listening ports.

Each website is unrelated to others, and can be start/stopped, or terminated in control panel independantly.
The simple MS DOS / windows based software i'm using does not have a mode like "virtual"


quote
Can you give more information of your sites? Do you access them like this: - http://site1.com:80, http://site2.com:81 .. and so on? Also, do they run plain HTML or PHP or something else?

My sites are mostly simple html with some css and java, but do want to expand and experiment with more complex sites- eventually - if i live long enough ;).
An internal network IP, like 192.168.1.234 is specified for the machine, each website and server resides within a unique directory. A batch file is run to start each directory server with the port number. (each server has an INI file)
The router transfers each server internal IP with port number to the main ISP IP for external access -- 192.168.1.234:2173 > http://qw.ert.yui.sdf:2173 Externally, all that needs to be changed is the port number. http://qw.ert.yui.sdf:2462


Hope this clarifies the action a bit

Thank You

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

#29 Post by prit1 »

efiguy wrote:
Each website is unrelated to others, and can be start/stopped, or terminated in control panel independantly.
The simple MS DOS / windows based software i'm using does not have a mode like "virtual"
If the sites run as virtual hosts, each can serve files from separate directories. There is no control panel for Hiawatha and you would have to change the configuration file to add sites or to remove/disable sites.

Here is a sample skeleton of the Hiawatha configuration for using Virtual Hosts:

Code: Select all

Binding {
    Port = 80
}

# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 127.0.0.1
WebsiteRoot = /var/www/html
StartFile = index.html

# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
VirtualHost {
	Hostname = www.site1.com
	WebsiteRoot = /var/www/site1
	StartFile = index.html
}

VirtualHost {
	Hostname = www.site2.com
	WebsiteRoot = /var/www/site2
	StartFile = index.html
}

As you can see, if someone comes to your IP using www.site1.com, then the files are served from the /var/www/site1 directory. If someone comes for www.site2.com, then the files are served from /var/www/site2. If they come to your IP using a site not defined in your virtual hosts, then they get the default site that is located in /var/www/html. You can change this to add new sites, remove sites as needed. For a full manual of the Hiawatha server configuration, you can check out this link:
http://www.hiawatha-webserver.org/manpages
efiguy wrote:
My sites are mostly simple html with some css and java, but do want to expand and experiment with more complex sites- eventually - if i live long enough ;).
Are you using Java client side applet or a server side program? I am not sure if Hiawatha can run Java server side.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

User avatar
efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

WebserverPuppy

#30 Post by efiguy »

Hello

Thanks for the config and manual website -
This is exciting!! Believe I can do this --
Hiawatha is a very complex webserver - After I get this running, must figure out how to update to 6.16 as it has an attack recognition capability.
Hiawatha also has CGI support Although all my Java is client based - it may be capable of running server side Java (If not now, most likely in future).

Quote from home page news -
Hiawatha 6.16 has been released. This release contains several bugfixes, so it's definitely worth the update. The main Hiawatha configuration file called httpd.conf has been renamed to hiawatha.conf. With that step, the last resemblance with the webserver-that-must-not-be-named is gone.
27 July 2009 Hugo Leisink <hugo@leisink.net>

http://www.hiawatha-webserver.org/

Thanks to all in the forum for blazing a superb trail that doesn't take a guru BloodHound to follow,

Puppy Rules!!!
efiguy

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

Re: WebserverPuppy

#31 Post by prit1 »

efiguy wrote:Hiawatha is a very complex webserver
I feel that Hiawatha is much simpler to setup than several other servers out there. :)
efiguy wrote:..update to 6.16 as it has an attack recognition capability.
Can you explain what this "attack recognition" capability is?

Puppymartin (who develops this puplet) or Growler (who creates the Hiawatha pet package) might package the latest version of Hiawatha sometime soon.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

User avatar
efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

WebserverPuppy

#32 Post by efiguy »

Hello,

To try and answer your question, it is just my perception, but XP is modified in SP2-3 with TCP/IP modifications in timeouts, open numbers and damaged packet requests and some other reg issues that (to the uninited) seem to have a commonality of security implication with Hiawatha ideals. The * items might be fairly new to reg, don't really know.

What I presume as modified values in XP reg in an attempt to deal with TCP/IP stack attacks (List is incomplete) --
"UseDomainNameDevolution"=dword:00000001
* "EnableICMPRedirect"=dword:00000000
* "DeadGWDetectDefault"=dword:00000000
"DontAddDefaultGatewayDefault"=dword:00000000
"EnableSecurityFilters"=dword:00000000
"EnableDeadGWDetect "=dword:00000000
* "SynAttackProtect"=dword:00000002
* "TCPMaxHalfOpen"=dword:000001f4
* "TCPMaxHalfOpenRetired"=dword:00000190
* "TCPMaxPortsExhausted"=dword:00000005
* "TCPMaxDataRetransmissions"=dword:00000003
* "EnablePMTUDiscovery"=dword:00000000
"DisableIPsourceRouting"=dword:00000002
"NoNameReleaseOnDemand"=dword:00000001
"PerformRouterDiscovery"=dword:00000000

Also, notice in quote about client banning, plus some change log lists,
SocketSendTimeout option added, Prevention of cross-site request forgery.., CGI zombies, lead me to believe that security issues are being tided up.

Quotes from Hiawatha News --

"Yesterday, an interesting HTTP DoS tool has been released. The tool performs a Denial of Service attack on Apache (and some other) servers by exhausting available connections. While there are a lot of DoS tools available today, this one is particularly interesting because it holds the connection open while sending incomplete HTTP requests to the server." [sans.org]

- Slowloris HTTP DoS

I know for a long time that this vulnerability is present in Apache. It surprises me that nobody has implemented an exploit sooner. Another thing in Apache that bothers me: the runtime of a CGI. A CGI process can run forever under Apache. A single CGI script can DoS a webserver. A system administrator is needed to kill the script. And what about a client that keeps on guessing passwords for HTTP authentication?

These kind of Apache issues inspired me to create Hiawatha, with settings for maximum request sending time, maximum CGI run time, client banning, etc. Features that, in my opinion, every daemon should have.
-- End Quote

Hope you may concur,

Thanks

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

#33 Post by prit1 »

Hi efiguy,

All I knew from the Hiawatha changelog is that Hugo has introduced bug fixes in the last couple of releases after 6.14. I have installed and used Hiawatha 6.16 on Ubuntu and CentOS. If you wait a little you would definitely find 6.16 available for Puppy as a pet package.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

User avatar
efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

WebserverPuppy

#34 Post by efiguy »

Hello Prit1,
Just to note, Hiawatha may be simple for some, but to a newbie it appears to have lots of adustments and thats not a bad thing, if defaults are well thought out, which I believe from reading the manual pages and FAQ Forum, that it will work perfect for me, especially after viewing your sample config.

And Oh So Cool about 6.16, I'm going ahead with present ISO package as a learning exercise, Thank you for your insight and answers.

efiguy

User avatar
prit1
Posts: 542
Joined: Fri 04 Jan 2008, 00:10
Location: Los Angeles

#35 Post by prit1 »

Feel free to post anything that comes up during your setup, we will try our best to help.
[url=http://macpup.org][b]Macpup - The beauty of linux[/b][/url] [b] | [/b] [url=http://pritlog.com/][b]Pritlog - Simple blog app[/b][/url]

Post Reply