Linux Web Server

So I came up with the idea I wanted to install a Web File Sharing server. Read a lot of articles, some referenced FTP servers, some referenced Web Servers, but I only found one piece of software that did exactly what I wanted it to do. I wanted a web base, customizable front end, file sharing server that didn't require anybody I wanted to share files with learn anything about FTP, or install an FTP client.Took me a file to find one, and it came in a nice, self-installing package that ran a listening service instead of running MySQL, PHP, Apache and all the other fun stuff a normal web server requires.

 

So I install this Easy File-Sharing Web Server program, works great! Quick easy install, Only problem is it is rather limiting on what it can do (outside it's programmed scope) and how customizable it is before you completely break it and make it look like something that came out of the south end of a north bound Rhino. Basically, it is not a web server, just an application that looks like a web server. Period

Pro's:

  • Works exactly as it says it does

  • Easy install standalone, no MySql Install, no PHP, it just runs everything in it's own little world

  • Uses Virtual folders with user permissions per folder, so the user/web viewer does not have access to the physical folders, just the files themselves

  • Automatically scans folders for changes so if you add something through the XP machine to it's root folder set, it shows up (albeit in all folders instead of the Virtual permission based User Folder)

  • Has the option for SSL (HTTPS) if you want to pay the extra money for it, and it is easily integrated with their other products, which adds functionality

  • Only costs $40 for the basic file sharing server


Con's:

  • Will only do what it says it does. Only shares files, not a web server, not an FTP server

  • Only slight customization of the HTML pages and CSS before you completely break the server pages and they revert back to boring default grey colored pages. Even the "Templates" break back to grey if you customize it too much.

  • Costs $80 just to add the SSL functionality, another $60~ for the chat server, and if you want the no SSL File-Share/FTP/Chat server, it's $130 for all 3 and you don't get the SSL

  • Windows ONLY! Now for me this is a big foobar, I didn't want to have to pay another $100 for a Windows License


My project was to try to emulate what they did, make it my own, and make it completely customizable and do anything I wanted to and have the flexibility and security of Linux to back it up (not to mention getting out of buying another XP license), and have a standard platform commonly found among web servers. The Theory has been working for years, why "fix" something that work.

Talked with Mom, got the crazy idea of standing up my own LAMP server (Linux, Apache, MySql, PHP) running Joomla and use plugins to do the same kind of functionality. Wasn't asking for alot, but everybody talked FTP or Java. Hate Java, I wanted something server based, ie: PHP that didn't require the client to have Java installed, and let them just download, and let me upload. Did some research, installed some VM's, got my Fedora Core running on a VM in a couple locations and started the long grueling fight to get this working.

 

Folks... this was 3 weeks ago...

Since then I have been through 5 re-installs, 4 distros, countless articles, had my girlfriend get mad at me due to how much time I was spending on the project, and had 10's of thousands of moments I wanted to shoot the writers of Apache for making SuExec soooo freaking difficult to understand and use.


Findings:

SuExec sucks, is not truly needed, server works fine in all ways with multiple tested modules as is, no additional installs. Problem being is if your installing on a distro using your package get command like yum or apt-get, they install Apache for you easy and fine, but they do NOT install or build in the SuExec mod. You have to compile Apache from source to get that add-in, not something I like doing. Below is what I did to get a fully functional web server running Joomla in Linux:

  1. Download TurnKey Joomla (it's the actual OS, Ubuntu based)

  2. Install to VM

  3. Download PuTTY

  4. SSH to Joomla Server Address

  5. cd to /var/lib/joomla15

  6. run: find . -type f -exec chmod 644 {} \: (This changes all files to 644 permissions)

    1. find . -type d -exec chmod 755 {} \: (This changes all directories to 755)

    2. find . -type f -exec chown www-data {} \: (This changes owner of all files to www-data)

    3. find . -type d -exec chown www-data {} \: (Ditto for directories)

    4. find . -type f -exec chgrp www-data {} \: (This changes group of all files to www-data)

    5. find . -type d -exec chown www-data {} \: (Ditto for directories)


You will have to do the above for /usr/share/joomla15 as well. Your commands are only changing the files that are below the joomla15 folder, so not creating a security hole for your system.

  1. You will also need to change the /tmp folder for your PHP with the following:

    1. nano /usr/share/joomla15/libraries/joomla/config.php

    2. Change the var $tmp_path = '/tmp'; to this: var $tmp_path = '/var/lib/joomla15/tmp'

Reason being is that the user www-data does not have rights to the /tmp folder, only root does, and you dont want to give any web access user rights to anything on the / of your drive. Also, the Apache server running on this does not keep your web root files within either of these directories, only the Joomla specific files. Make sure you keep it patched, the TurnKey Joomla install has an auto update for the OS and modules automatically built into it for daily updates. Nicest thing about Linux, you don't have to reboot unless you want to :)

You will have to use Webmin (https://Server IP address:12321) to setup your firewall, easy as well. Up along the top after you login there is a section for Networking, select Linux Firewall, scroll to the bottom, select Reset Firewall, select Block all Except those needed for virtual hosting, and hit apply. Only the ports needed by your server are left open. Even has a mail server built in, but you will need to delete the firewall rules using the same Linux Firewall section for the mail server if you aren't using it. If you are not using a service/process, turn off the rule, less open ports the better, but don't lock yourself out.

After all of this, everything works the way I want it to, when I want it to, and it didn't require SuExec. I hate compiling from source, I really do :) Havn't tried doing all of this on a normal Fedora Install, I got something that works, and that is good enough for me.

 

Pro's:

  • I have control over every aspect of the server

  • I can make it anything I want to, chat server, file server, email server (The TurnKey Build has a built in mail server that is literally up running and going without any setup)

  • Using Joomla I have the modular capability to do anything, I can snap-in any functionality I want to. My Server is running RokDownloads to share files, JoomGallery for pictures, and I have the ability to add anything and everything

  • Completely customizable look, if I don't like the look, make a new template or change the current one and vua-la!

  • Scalability! If I want to move it over to abigger server, Joomla has migration tools that make doing that a snap!

  • Support base is HUGE! Joomla is everywere, forums, articles, documents galore for any issue you may run accross

  • Runs in Linux, which is inheritly more secure then Windows, and if you know what you are doing, can lock it down tighter then Ft. Knox

 

Con's:

  • Joomla does not have the granular rights that Easy File Share Web Server had, Joomla has 3 levels, 2 of which really only apply, Guest and Registered. Special is pretty much useless, however supposedly in Joomla 1.6 there will be that granular file permissions so I can lock specific user/groups to specific galleries or file downloads.

  • The Learning curve for running your own server is quite a bit higher then running an application such as the one I mentioned. You have to know Linux, you have to know how file permissions work, and you have to be un-afraid to get down and dirty with the command line. You can get by without it using the WebMin interface, but you could get boggled if issues arise

  • By Default the system is open to the world, you have to set the FW to block all incoming except what you specify

Thanks to the guys at TurnKey for putting these packages together, makes for a lot less hair pulling and more productivity.

About the Author: 

 
Sean Wheeler
Small Biz Techno Geek 

Sean works at home designing IP Video Surveillance and Home Intrusion systems, writing articles, and managing 3 young children. Enjoys tinkering with technology and generally delving into every little detail imaginable whenever he gets into a project.  

Firelight Web Studio
A price you can afford, payments that work for you, and information when you need it, will keep you in the driver's seat, even if you don't know a metatag from a content management system.