Posts Tagged apache

Virtual Hosting Hosting for the new sysadmin – Apache – Postfix

Posted by on Wednesday, 23 June, 2010

We have some users who own servers who dont want to fork out for automated systems like Plesk or Virtualmin, but don’t really want to deal with adding domains and email addresses all the time (and sometimes get lost)

I decided today after one such user emailed us to add another 3 domains and bunch of email addresses to write something simple to help him out, and thought I would share them with you.

I put the following in a plain text file in /root/adddomain.sh

#!/bin/bash
if [ ! $1 ];then
        echo "Usage: $0 domainname.com"
        exit 0
fi
 
echo Adding the virtualhost to apache
cat >/tmp/httpd.tmp < < EOF
 
<VirtualHost *:80>
DocumentRoot /var/www/CHANGEME/html
ServerName CHANGEME
ServerAlias www.CHANGEME
<directory "/var/www/CHANGEME">
allow from all
Options +Indexes
</directory>
 
 
EOF
cat /tmp/httpd.tmp | sed s/CHANGEME/$1/g >> /etc/httpd/conf/httpd.conf
 
echo Making the directory at /var/www/$1
mkdir -p /var/www/$1/html
 
echo reloading apache
/etc/init.d/httpd reload
 
echo Adding domain to mail
echo $1 /etc/postfix/virtual_domain # this was his postfix virtual domain name list

Then run

chmod +x adddomain.sh

Now I can add domains like this very easily

[root@hostname ~]# ./adddomain.sh
Usage: ./adddomain.sh domainname.com
[root@hostname ~]# ./adddomain.sh domain.co.nz
Adding the virtualhost to apache
Making the directory at /var/www/domain.co.nz
reloading apache
Reloading httpd:                                           [  OK  ]
Adding domain to mail
[root@hostname ~]#

Please note: do not add the ‘www’ part onto the domain name. That is done in the script itself where required.

Since he had set up virtual hosting in postfix, i then created another text file at /root/addmailuser.sh – this was so he could add email addresses easily and quickly. The contents were

#!/bin/bash
 
if [ ! $2 ]; then
        echo "Usage: $0 [username|destination] emailaddress"
        exit 0
fi
 
if [ -z $(echo $1 | grep @) ];then
        echo Looks like a username to me, adding the user
        adduser -s /sbin/nologin $1
        passwd $1
else
        echo Looks like a redirect off site, adding it as such
fi
 
echo Adding the email address
echo $2  $1 >> /etc/postfix/virtual
 
echo Running postmap
postmap /etc/postfix/virtual
 
echo Reloading postfix
/etc/init.d/postfix restart

Again i run the chmod on it

chmod +x addmailuser.sh

This is how I can use it

[root@hostname ~]# ./addmailuser.sh
Usage: ./addmailuser.sh [username|destination] emailaddress 
[root@hostname ~]# ./addmailuser.sh julie.domain julie@domain.co.nz
Looks like a username to me, adding the user
Changing password for user julie.domain.
New UNIX password:
BAD PASSWORD: it is too short
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Adding the email address
Running postmap
Reloading postfix
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
[root@hostname ~]#

Or I can use it to create an off site alias

[root@hostname ~]# ./addmailuser.sh james.someguy@gmail.com james@domain.co.nz
Looks like a redirect offsite, adding it as such
Adding the email address
Running postmap
Reloading postfix
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
[root@hostname ~]#

These were designed/written for Centos/RedHat based systems, let me know if you want it for Debian/Ubuntu based ones. Also, strictly speaking, things don’t need to be restarted, but it doesn’t hurt and is a good way of testing things work ok.
There is no error checking in either of these scripts, feel free to contribute patches/fixes 🙂


Apache modules to help your server

Posted by on Friday, 27 November, 2009

libapache2-mod-bw – bandwidth limiting module

This module allows you to limit bandwidth usage on every virtual host or directory or to restrict the number of simultaneous connections.

The bandwidth control, for example, can be configured according to the criteria: origin of the connection, file extension, file size or user agent of the client.
Example:

LoadModule bw_module /usr/lib/apache2/modules/mod_bw.so
BandWidthModule On
BandWidth all 40000
MinBandWidth all 10000
ForceBandWidthModule On

libapache2-mod-defensible – module for Apache2 which provides DNSBL usage

mod_defensible implements usage of DNSBL servers to block access to a Web site or to specific locations.

Example:

DnsblUse On
DnsblServers httpbl.abuse.ch sbl-xbl.spamhaus.org
DnsblNameserver 145.253.2.75

libapache2-mod-evasive – evasive module to minimize HTTP DoS or brute force attacks

mod_evasive is an evasive maneuvers module for Apache to provide some protection in the event of an HTTP DoS or DDoS attack or brute force attack.

It is also designed to be a detection tool, and can be easily configured to talk to ipchains, firewalls, routers, and etcetera.

Example:

<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 5
DOSSiteCount 100
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 600
</IfModule>

Comes with a perl script to test it also.

vps:/etc/apache2/mods-available# perl /usr/share/doc/libapache2-mod-evasive/examples/test.pl
HTTP/1.1 200 OK
HTTP/1.1 200 OK
HTTP/1.1 200 OK
HTTP/1.1 200 OK
HTTP/1.1 200 OK
HTTP/1.1 200 OK
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden
HTTP/1.1 403 Forbidden

libapache2-mod-line-edit – search-and-replace line editor module for apache 2

mod_line_edit is a general-purpose apache 2 filter for text documents. It operates as a simple on-the-fly line editor, applying search-and-replace rules defined in a configuration or .htaccess file. Both simple text and regular expression search and replace are supported.

Example:

SetOutputFilter    line-editor
SetEnv    LineEdit “text/plain;text/css;text/html”
LELineEnd ANY
LERewriteRule https?://(www\.)?example\.com http://example-development.yoursite.co.nz Ri

Throw something like that into your or somewhere and you instantly fixed all those problem URLS on your development system, without touching the source files at all.
This is ideal to stop/prevent people exploiting various holes in web applications and inserting javascript redirects etc.

Please note: the name of all these modules is debian/ubuntu related. Centos or RedHat based distros may have another name for the same modules. If you need any of these installed just drop an email into the support box and let us know.


Apache mod_rewrite

Posted by on Tuesday, 7 April, 2009

As you may notice, debian.co.nz has new urls are cleaner, and look like static html.
This is not to do with the actual files or any major configs, but more to do with mod_rewrite, an apache module.

Basicly it takes the incomming URL and translates it into what it should be using basic regex.

The old news url looked something like this
/news.php?id=31
The newer one looks more like this
/news/31

Some advantages of this:
a) Some search engines dont like having file.php?foo=bar and rank them lower because of it. This will create the LOOK of static html pages.
b) People have to guess what language its written in before they can attempt ‘hacking’ it.
c) The URLs are much friendlier to look at or paste to others.
d) Nice easy URLs to remember 🙂

Okay, Now onto HOW i did it.
Into my httpd.conf under the virtualhost that I am using I added.

RewriteEngine On
RewriteRule ^/news/([0-9]+) /news.php?id=$1 [NC]

The First line makes sure the rewrite engine is on, its fairly self explainatory.
The second line is the heart of it. It takes any incomming urls at /news/number and turns them into /news.php?id=number .

The NC is part of the flags you can parse it, which mean nocase, its not case sensitive.
There are several lots of flags available, and they are definatly worth looking into.

From there you can add in a whole lot more of conditions with RewriteMap Or RewriteCond

This is only a basic overview, there is an awesome tutorial here that can take you more in depth.

Liz
Last-Modified: 2007-03-07 19:38:50