Sys255‐Final‐Linux_Apache - ConnorEast/Tech-Journal GitHub Wiki
Sys-255 Final Project Stats: Apache PHP Web Server
Team Name: Team PhpAP; (PHP Apache)
Team Members: Connor East, Benjamin Pond, Morgan Rees, Kerry Allen (Was given permission for a 4-man project.)
Team Topic: Setting up multiple PHP sites on a single Apache system with MySQL implementation.
Dictionary:
- FW01 == Firewall 1;
- AD01 == Active Directory 1;
- LWS1 == Linux Web Server 1;
- LCA1 == Linux Certificate Authority 1;
- WRK1 == Work Station 1;
End Goal:
Each individual on the team will have a separate PHP based website with MySQL compatibility each located on the same apache network IP. These sites should be made available to all users by way of AD group rules. If we have time at the end a final goal to achieve would be the implementation of a script that processes the log data for all of the sites and states when each IP address visited the site and which site specifically was visited. The code for that will be available at the bottom of this document if applicable.
Machine Stats.
AD Forest/Realm == connor.local;
- FW01-CBK ---> IP/LAN/EM1:10.0.5.2 ---> Subnet:255.255.255.0(/24)
- AD01-CBK ---> IP:10.0.5.4 ---> Subnet:255.255.255.0(/24) --> Gateway: 10.0.5.2 --> DNS: 10.0.5.2
- LCA1-CBK ---> IP:10.0.5.71 ---> Subnet:255.255.255.0(/24) --> Gateway: 10.0.5.2 --> DNS: 10.0.5.2
- LWS1-CBK ---> IP:10.0.5.72 ---> Subnet:255.255.255.0(/24) --> Gateway: 10.0.5.2 --> DNS: 10.0.5.2
- WRK1-CBk ---> IP:10.0.5.100 --> Subnet:255.255.255.0(/24) --> Gateway: 10.0.5.2 --> DNS: 10.0.5.2
General Network Diagram:
What has each individual done for the project:
Connor East
- Documentation for the start of the project
- Group Creation
- Implementation of Apache virtual hosts
- Implementation of Group rules, to remove access to apache for specific users
Morgan Rees
Kerry Allen
Benjamin Pond
Setting Up Apache, MySql, and Virtual Hosting:
Certificate Authority Creation
For this sector go through the setup of a LCA1-CBK and LWS1-CBK with the IP and information located under Machine Stats. Then go through the process of creating a web certificate request using the correct corresponding IP addresses. Once you have complete that follow the steps below.
On LWS1-CBK copy the files created in the previous section into the following locations:
Web Server certificate: ---> /etc/pki/tls/certs
Web server private key: ---> /etc/pki/tls/private
Following that use the following commands to give apache full control over the certifications:
Command 1: ---> chown apache:apache /etc/pki/tls/certs/websrv.crt
Command 2: ---> chown apache:apache /etc/pki/tls/private/websrv.key
Next, Install mod-ssl for Apache using the command "yum -y install mod_ssl" and update the file /etc/httpd/conf.d/ssl.conf with the following content:
Find SSLCertificateFile and make sure the path and filename match your certificate file
Find SSLCertificateKeyFile and make sure the path and filename match your key file
Restart httpd and your Certificate should now be installed.
Basic Bash Script:
listofaccess=$("find /var/log/httpd -name “accesslog*")
for accesslistcontent in $listofaccess: do
cat $accesslistcontent | awk '{print "IP address: " $1, " visited your site at " $4}'; done