Creating a webserver

From Leechfinger
Revision as of 21:49, 17 May 2024 by Qais (talk | contribs)

Purpose

This document highlights our steps in building a very simple, low-end web server.

Hardware

We chose Dell for our build. Just a few key configuration items:

  • PowerEdge R250 Server
  • Intel Xeon E-2378G 2.8GHz, 16M Cache, 8C/16T, Turbo (80W), 3200 MT/s
  • PERC H755 Adapter, Low Profile
  • 4 × 3.5" 22 TB SATA drives
  • 128 GB RAM
  • Broadcom 5719 Quad Port 1GbE BASE-T Adapter
  • iDRAC Enterprise

Installing Debian

Please refer to the Installing Debian articles.

Post install

  • Make sure sshd is running and proper space is showing for your drives.
# systemctl status sshd.service 
 ssh.service - OpenBSD Secure Shell server
# df -h | grep sda
/dev/sda2        60T  1.8G   57T   1% /
/dev/sda1       512M  5.9M  506M   2% /boot/efi

Now, you can close the lid and slide back your KVM and go to your workstation for the rest of the configuration, unless you were doing all this from iDRAC to start with. In that case, you can close the console and ssh into your server.

Get colors in .bashrc for root

We are going to be doing a lot of work as root, so it is best to get some colors in our shell to distinguish between files and directories. Edit /root/.bashrc and uncomment these two lines.

export LS_OPTIONS='--color=auto'
alias ls='ls $LS_OPTIONS'

Update the system

We just did a fresh net-install, so everything should be current. It does not hurt to run an update anyway.

# apt update; apt upgrade; apt dist-upgrade;

Essential utilities

We need to secure the server and get the logs rolling. We also need our favorite editor, a way to run commands with elevated privileges, and tools to uncompress and copy files. Here is what we need for all this:

# apt install ufw rsyslog vim sudo unzip rsync

Setup simple firewall rules for web

You can add a lot more rules later on but here are the basic ones to secure your server for now, since it is already live on the wire.

# ufw enable
# ufw allow in on eno8303 from 10.11.12.0/24 proto tcp to any port 22
# ufw default deny incoming
# ufw default allow outgoing
# ufw logging on
# ufw logging medium
# ufw allow log 22/tcp
# ufw allow log 80/tcp
# ufw allow log 443/tcp
# ufw allow in on eno8303 from any proto tcp to any port 80,443
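
An added example, not part of the original page: a small shell audit that reads the rule commands above and prints every allow rule that admits a TCP port from any source address. Run for port 22, it shows that `ufw allow log 22/tcp` accepts SSH from everywhere, so the 10.11.12.0/24 restriction on the first rule only holds if that later rule is dropped or given the same source. The function names are hypothetical, and the parser covers only the rule forms used on this page.

```shell
#!/usr/bin/env bash
# Added example: list ufw allow/limit rules that expose a TCP port to any source.

# Rule-adding commands copied from the section above.
PAGE_RULES='ufw allow in on eno8303 from 10.11.12.0/24 proto tcp to any port 22
ufw allow log 22/tcp
ufw allow log 80/tcp
ufw allow log 443/tcp
ufw allow in on eno8303 from any proto tcp to any port 80,443'

# port_listed PORT SPEC: succeed if PORT is in a spec such as "80,443" or "6000:6007".
port_listed() {
    local want="$1" item IFS=,
    for item in $2; do
        case $item in
            *:*) if [ "$want" -ge "${item%%:*}" ] && [ "$want" -le "${item##*:}" ]; then return 0; fi ;;
            *)   if [ "$want" = "$item" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# open_to_any PORT: read ufw commands on stdin and print every allow/limit rule
# that admits TCP traffic to PORT without a source address restriction.
open_to_any() {
    local port="$1" line tok prev ctx action src proto dports
    while IFS= read -r line || [ -n "$line" ]; do
        prev= ctx= action= src=any proto=any dports=
        for tok in $line; do
            case $prev:$tok in
                from:*)          src=$tok ;;                       # source address
                proto:*)         proto=$tok ;;
                port:*)          if [ "$ctx" = to ]; then dports=$tok; fi ;;  # destination port only
                *:allow|*:limit) action=$tok ;;
                *:from|*:to)     ctx=$tok ;;
                *:[0-9]*/tcp)    dports=${tok%/tcp}; proto=tcp ;;  # simple form, e.g. 22/tcp
                *:[0-9]*/udp)    dports=${tok%/udp}; proto=udp ;;
            esac
            prev=$tok
        done
        case $src in any|0.0.0.0/0|::/0) ;; *) continue ;; esac   # restricted source: skip
        if [ -n "$action" ] && [ "$proto" != udp ] && port_listed "$port" "$dports"; then
            printf '%s\n' "$line"
        fi
    done
    return 0
}

# SSH (22/tcp) rules in the page's rule set that are open to every source.
printf '%s\n' "$PAGE_RULES" | open_to_any 22
```

On the live server, `ufw status numbered` shows the rules as installed, which is the place to confirm the result after any change.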

Installing Apache

Installing Apache