Sysadmin papilusion apache2 11 01 2012 - Seizam/seizamcore GitHub Wiki
- When Apache handle a request to papilusion.seizam.com or papilusion.reverse.seizam.com:
- doc root is /var/seizam/w
- Alias /files /var/seizam/files
- Alias /icons/ /usr/share/apache2/icons/
- Alias /payment /var/seizam/payment
- Alias /extensions /var/seizam/w/extensions
- Alias /resources /var/seizam/w/resources
- Alias /skins /var/seizam/w/skins
- Alias /robots.txt /var/seizam/w/robots.txt
- Alias /favicon.ico /var/seizam/w/favicon.ico
- Alias /img_auth.php /var/seizam/w/img_auth.php/
- Alias /load.php /var/seizam/w/load.php/
- Alias /api.php /var/seizam/w/api.php/
- Alias / /var/seizam/w/index.php/
- Access to /files is public, put /files/private require a username and password from /var/seizam/files/private/.htpasswd
- PHP can handle 10 minutes execution time and 200 MB max for file uploads
- When Apache handle a request to locahost:
- / display some system informations using phpsysinfo (installed in /usr/share/phpsysinfo)
- /phpmyadmin (you need a password)
- /apc to display some APC state informations (this is the default apc.php bundled with APC doc, you need a password to access to User Cache Entries tab)
- /phpinfo to execute and display result of phpinfo(); PHP command
- these 4 tools are only accessible if the connection comes from 127.0.0.1
- from your remote terminal, you can access them by using SSH port forwarding: ssh -L 8080:localhost:80 papilusion.seizam.com
- Other request:
- doc root is /var/www
- currently, this is a HTML page redirecting to www.seizam.com
Many steps have been done before. Please refer to previous sysadmin reports about apache, phpmyadmin and apc viewer tool
- user : root
- host : papilusion.reverse.seizam.com
- date : 11/01/12 10:36
- curpath : /root
- [email protected]# cd /etc/apache2/
- [email protected]# a2ensite default
- [email protected]# ls sites-enabled/
- [email protected]# mv sites-enabled/000-localhost-admin-tools sites-enabled/010-localhost-admin-tools
- [email protected]# mv sites-enabled/001-papilusion sites-enabled/020-papilusion
- [email protected]# ls sites-enabled/
- Edit /etc/apache2/conf.d/security, see [1]
- Edit /etc/apache2/sites-enabled/010-localhost-admin-tools, see [2]
- [email protected]# mkdir /usr/share/phpinfo
- [email protected]# cd /usr/share/phpinfo/
- Edit /usr/share/phpinfo/phpinfo.php, see [3]
- Edit /usr/share/php-apc/apc.php, see [4]
- [email protected]# apache2ctl configtest
- [email protected]# /etc/init.d/apache2 reload
- [email protected]# wget http://downloads.sourceforge.net/project/phpsysinfo/phpsysinfo/3.0.15/phpsysinfo-3.0.15.tar.gz?r=http%3A%2F%2Fphpsysinfo.sourceforge.net%2F&ts=1326290998&use_mirror=freefr
- [email protected]# ls
- [email protected]# ls -l
- [email protected]# mv phpsysinfo-3.0.15.tar.gz?r=http:%2F%2Fphpsysinfo.sourceforge.net%2F phpsysinfo-3.0.15.tar.gz
- [email protected]# tar -xvf phpsysinfo-3.0.15.tar.gz
- [email protected]# ls
- [email protected]# rm phpsysinfo-3.0.15.tar.gz
- [email protected]# mv phpsysinfo/ /usr/share/
- [email protected]# cd /usr/share/phpsysinfo/
- [email protected]# ls -lsa
- [email protected]# mv config.php.new config.php
- Edit /usr/share/phpsysinfo/config.php, see [5]
- Edit /etc/apache2/sites-enabled/010-localhost-admin-tools, see [6]
- Edit /usr/share/phpsysinfo/includes/os/class.Linux.inc.php, see [7]
- [email protected]# apache2ctl configtest
- [email protected]# /etc/init.d/apache2 reload
[1]\* Edit /etc/apache2/conf.d/security
--- old 2012-01-11 11:03:53.000000000 +0100 +++ new 2012-01-11 11:05:39.000000000 +0100 @@ -25,4 +25,4 @@ # -#ServerTokens Minimal -ServerTokens OS +ServerTokens Minimal +#ServerTokens OS #ServerTokens Full @@ -37,4 +37,4 @@ # -#ServerSignature Off -ServerSignature On +ServerSignature Off +#ServerSignature On
[2]\* Edit /etc/apache2/sites-enabled/010-localhost-admin-tools
--- old 2012-01-11 12:59:37.000000000 +0100 +++ new 2012-01-11 13:02:08.000000000 +0100 @@ -69,2 +69,18 @@ + + # PHPINFO + # ------- + + Alias /phpinfo /usr/share/phpinfo/phpinfo.php + + <Directory /usr/share/phpinfo> + Options none + DirectoryIndex phpinfo.php + + Order deny,allow + Deny from all + Allow from 127.0.0.1 + </directory> + + </virtualhost>
[3]\* Edit /usr/share/phpinfo/phpinfo.php
--- old 2012-01-11 13:03:14.000000000 +0100 +++ new 2012-01-11 13:03:34.000000000 +0100 @@ -0,0 +1 @@ +<?php phpinfo(); ?>
[4]\* Edit /usr/share/php-apc/apc.php
--- old 2012-01-11 13:36:22.000000000 +0100
+++ new 2012-01-11 13:37:00.000000000 +0100
@@ -40,4 +40,4 @@
// this work!
-defaults('ADMIN_USERNAME','apc'); // Admin Username
-defaults('ADMIN_PASSWORD','password'); // Admin Password - CHANGE THIS TO ENABLE!!!
+defaults('ADMIN_USERNAME','root'); // Admin Username
+defaults('ADMIN_PASSWORD','????????'); // Admin Password - CHANGE THIS TO ENABLE!!!
[5]\* Edit /usr/share/phpsysinfo/config.php
--- old 2012-01-11 15:17:57.000000000 +0100
+++ new 2012-01-11 15:21:51.000000000 +0100
@@ -97,3 +97,3 @@
*/
-define('PSI_REFRESH', 60000);
+define('PSI_REFRESH', 0);
@@ -130,3 +130,3 @@
*/
-define('PSI_BYTE_FORMAT', 'auto_binary');
+define('PSI_BYTE_FORMAT', 'auto_decimal');
@@ -210,3 +210,3 @@
*/
-define('PSI_SHOW_MOUNT_CREDENTIALS', false);
+define('PSI_SHOW_MOUNT_CREDENTIALS', true);
@@ -246,3 +246,3 @@
*/
-define('PSI_HIDE_NETWORK_INTERFACE', '');
+define('PSI_HIDE_NETWORK_INTERFACE', 'eth0');
[6]\* Edit /etc/apache2/sites-enabled/010-localhost-admin-tools
--- old 2012-01-11 15:22:18.000000000 +0100 +++ new 2012-01-11 15:24:30.000000000 +0100 @@ -4,2 +4,20 @@ + + + # PHPSYSINFO + # ---------- + + DocumentRoot /usr/share/phpsysinfo + + <Directory /usr/share/phpsysinfo> + Options none + DirectoryIndex index.php + + Order deny,allow + Deny from all + Allow from 127.0.0.1 + </directory> + + + # PHPMYADMIN
[7]\* Edit /usr/share/phpsysinfo/includes/os/class.Linux.inc.php
--- old 2012-01-11 15:41:15.000000000 +0100
+++ new 2012-01-11 15:42:16.000000000 +0100
@@ -575,3 +575,3 @@
$this->_usb();
- $this->_network();
+// $this->_network();
$this->_memory();