This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: Tools & Utilities

A sysadmin toolbox for Web site maintenance

By Susan Linton on July 05, 2007 (9:00:00 AM)

Share    Print    Comments   

I run a small but fairly active Web site from a home server, as was commonly done back in the early days of the World Wide Web. What started as a learning project soon grew to be my primary hobby. It takes a bit of knowledge of Linux systems, various open sourced applications, and how the Internet works to start a Web site from scratch. Here are some of the applications and tools that help me stay on top of things.

A stable and reliable operating system is the foundation of any server. I used Gentoo Linux at first, but soon learned that a source-based distribution wasn't the best choice for a Web server with my system's limited resources. I switched to Debian GNU/Linux and have never looked back. It was easy to set up and has been even easier to maintain. As a bonus, my server runs better; memory and CPU management is much more efficient under Debian than I experienced with my homebrewed Gentoo.

Nano

Text editors are among the most fundamental applications on any system. If you do any work from the command line, a terminal-based editor is a must. Nano is extremely easy to use and always functions the same across any implementation or system. Having previously used Vi, I'm much happier with Nano.

Roaring Penguin (RP-PPPoE)

My Internet connection is a business-class Asymmetric Digital Subscriber Line from Bellsouth. I have a modem that syncs to the connection, but I need a Point-to-Point Protocol over Ethernet (PPPoE) client to actually log on. RP-PPPoE has never let me down. It is as easy to set up as it is to use; just run the setup script and answer some fill-in-the-blank questions. RP-PPPoE starts the connection at boot time and maintain it as long as the system is running. It's one of those carefree "set it and forget it" applications.

iptables

I built my network firewall using iptables. At first I was intimidated by the task, but I found a useful tutorial that I read from cover to cover. Once I understood what I was doing, I constructed the rules I felt I needed to manage the network traffic coming into and going out of my local network. iptables is one of the most important tools on my system.

Bind

Name servers allow Internet users to use Web site names such as www.linux.com instead of IP addresses like 66.35.250.177. Either you or your hosting service must provide naming services for your Web site in order for it to be found by its domain name. I use Bind as my name server. It allows a server to be integrated into the Web by informing secondary root servers of its IP address and domain name. I thoroughly read the documentation in order to configure Bind.

Apache, MySQL, and PHP

Along with Linux, these three packages make up the LAMP stack. Together they provide the foundation of my Web server.

Apache is the most frequently used Web server on the Internet, and for good reason. It offers a wide range of features along with stability while retaining a high level of security.

The MySQL database holds my Web site's data. MySQL is flexible and scalable. I chose it because it is widely used and has loads of documentation.

PHP is a scripting language that can be used in any number of applications. In my case, it is the language in which my content management software is written, where it not only supports the visual components, but also interacts with the database. I didn't actively choose PHP, but I couldn't run my Web site without it.

Drupal

I use Drupal as the content management system for my site. I chose it primarily due to its appearance, but soon found out how powerful, customizable, and scalable it can be. Drupal is as appropriate for simple blogs as it is for high-traffic commercial sites. It is limited only by your knowledge of PHP. Since my PHP knowledge isn't advanced, my site is largely composed of included and third-party modules, of which there are many available. Recent Drupal versions have an installer, a non-destructive upgrade script, and improved performance. I recommend it to anyone who would like to create a Web site of any size.

Gallery

I needed an easy and attractive way to display lots of screenshots. HTML would have been too tedious and slow to write. Gallery offers easy image uploading along with the appearance and functionality I want for my image collections. Like Drupal, its newest versions have improved functionality and performance.

Pure-FTPd

Pure-FTPd is the easiest full-featured FTP server I have found. Many folks recommend Proftpd, but I couldn't get it to work in my early days. Now I stay with Pure-FTPd because it does all I require, and offers SFTP for those who need it.

Postfix

I had always used Sendmail as my mail server until I changed distributions to Debian Etch, after which I could not get Sendmail to work anymore. A friend suggested I try Postfix, and my mail server headaches disappeared. Sendmail has drawbacks, and Postfix seems to address most of them. It was so easy to set up that I had it running in less than a minute.

OpenSSH and Samba

OpenSSH and Samba are among the first applications I set up after installing a new system. OpenSSH is an open source secure shell server. I use it to log in to and work on my server from other machines. For me it offers convenience; for many others with remote servers, it could be the only pathway to root access.

I use Samba to transfer files between local machines. Samba was initially written to enable Linux and Windows clients to share files, but it's convenient for Linux-to-Linux sharing as well.

Setting up a Web site from scratch can seem overwhelming at first. It wasn't something I accomplished overnight the first time, but it afforded me the opportunity to learn many new things. Much of what I learned will be helpful even if I choose to move my site to a hosting company.

Share    Print    Comments   

Comments

on A sysadmin toolbox for Web site maintenance

Note: Comments are owned by the poster. We are not responsible for their content.

A sysadmin toolbox for Web site maintenance

Posted by: Nat on July 05, 2007 03:58 PM
Thanks for the tip about Drupal. I've been using PHP-Nuke but the demo of Drupal is much more appealing for our project.

#

pure-ftpd does not support sftp

Posted by: Richard Edward Horner on July 05, 2007 04:37 PM
As far as I can tell, pure-ftpd does not support sftp. It has mechanism for encrypting authentication and the control channel but the data is still sent in the clear which is not good.
[Modified by: Richard Edward Horner on July 05, 2007 04:37 PM]

#

A sysadmin toolbox for Web site maintenance

Posted by: Da Boost on July 05, 2007 04:45 PM
Nice article. Drupal is indeed a powerfull CMS (Content Management System). Very easy to use and highly customizable. I'm using vsftpd instead of Pure-FTPd. You can also use IPFilter which is less complicated then iptables.

#

SSH

Posted by: rackaid on July 08, 2007 03:42 PM
I highly recommend using SSH. SSH provides both secure file transfer via secure ftp and secure cp as well as provides you encrypted communications when away from your server. For security, iptables is a very good firewall. When designing your rules start with a close everything and only what I need approach. You can write a highly effective firewall in just a few lines. Also, on some distros xinetd supports scheduling. For example, if you know that you are not going to be accessing a certain service during certain hours and it is controlled by xinetd, you can disable login. Don't forget using xinetd's allow from and tcp wrappers to further lock down your system. Though I have several machines behind a Watchguard firewall, I still put in layers of access control.

Also, if you are running PHP-MySQL applications, check into ModSecurity (www.modsecurity.org). This can prevent exploits of your web based applications. If you are not a linux security guru, this can go a long way in helping secure your web server from web-based attacks.

#

Installing BIND may be overkill

Posted by: Anonymous [ip: 140.142.192.63] on July 20, 2007 07:52 PM
Unless you want to do something fancy, for running a home web site BIND may be overkill. Most registrars will provide name service at low or no cost.

#

A sysadmin toolbox for Web site maintenance

Posted by: Anonymous [ip: 202.152.243.72] on September 02, 2007 06:32 PM
do you know the checklist to maintenance the server ? in unix, maybe checkdisk, repair permission, etc ?

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya