Hello Guys!

One of the ordeal that I had experience as a web developer is that Windoze2000/XP limits its network connectivity to 10 users which really sucks

I migrated web application from ASP/ASP.Net to PHP using WAMP setup(Windoze, Apache 2.2, MySQL 5.0 and PHP 5.0) and planning to shift this web application in Linux Platform .

Which is the best Linux Distro that will suit my needs? (no XWindow just plain konsole)

What I need is
1.) Apache
2.) MySQL
3.) PHP
4.) OpenSSL
5.) Samba
6.) Webmin
7.) Mail Server.

I would like to access it using Putty or thru HTTP.

I prepared a a guinea pig PC for this setup (Celeron 500Mhz, 128Mb RAM, 8 Gb HDD).

I hope that you can reply to my question. Thanks for reading my post

I'm using Ubuntu's Dapper Dan Lamp server software. It was easy to install and maintain. I've had no problems with it. I recognized all my hardware immediately. I installed webmin and usermin on it with no problems. I haven't bothered to put samba on it.

Pretty much any distro will meet those requirements out of the box, so you should probably base your decision on other criteria. If a good respository of pre-compiled software is key, then probably Debian or one of the Debian branches. If you're looking for a good console distro and don't mind compiling your own software, Slackware is the way.

There's also CentOS, which is a free rebuild of RedHat Enterprise (without the trademarked logos). Very stable platform with good administration tools and a ton of great documentation (all the RedHat docs apply).

Cent OS and Slackware has a lot of CDS! which CD should i download in i386??? is CD1 enough for my Server Setup?

i installed ubuntu 7.04 and its hard to configure specially the hostname. i tried to modify it in /etc/hosts but still the same plus i cant access mysql on mysql query browser which i really need to transfer all my schemas and tables.

i downloaded slackware 12 already (cd1 only)

If you're going console only, that should do the trick. CD2 has X, X applications, KDE and teTEX, which I think is a latex word processor. Of course you can always get the extra packages you need by downloading them individually. In particular, have a look in the /extra directory as it has a lot of interesting stuff that could be useful.

Also be sure to check out the SlackBuilds site. They have build scripts for a lot of software that you might need.

i tried ubuntu feisty into test drive and i had a hard time configuring MySQL Server and Apache.

after googling around... i found this site
http://www.howtoforge.com/the_perfec...untustudio7.04

i followed the instructions but i never succeed with connecting MySQL in other PC. i googled more and i found this site

http://www.parcival.org/2006/07/14/h...ubuntu-server/

using PuTTY... i accessed mysql and type this

GRANT ALL PRIVILEGES ON *.* TO 'your_username'@'%' IDENTIFIED BY 'your_password' WITH GRANT OPTION;

granting my network pc to access my server weeeeeeee!

but i have some other problems... with this mysql command... am i risking the security of mysql?

I think the answer is it depends. At first glance, yes, you've got a security problem. Anyone who can get/guess your MySQL username and password will have completely unrestricted access to your databases from any location that can access the server. If you've restricted access to the MySQL server so that only LAN computers can access it, that would help. For any applications that are using MySQL, they should each have their own username and password that allows only access to a specific database from a specific IP address and they should never, ever have the GRANT option.

If you haven't already, check out using phpMyAdmin which is a very nice tool for administering databases.

thanks for the reply

thanks to you guys! my linux is now running =)

i have a lot of questions in mind...

i have 2 apache running on my ubuntu (1.3 and 2.2) i just want to run apache 2.2 according to webmin, i cant start apache 2.2 because of port conflict. how can i remove apache 1.3?

how can i also enable PHP in apache2.2? how can i also configure linux to share directory? is there a console php text editor with syntax highlighting? thanks again guys =)

assuming you installed it via apt-get, try:

again, assuming you installed apache2 by apt-get (sudo apt-get install apache2)

then you can simply perform:

donot ever panic about the lamp you can simply installing the XAMPP form the apache friends site and every thing will work like charm & u can get it from here >> http://www.apachefriends.org/en/index.html

thanks for the reply

i finally solved the problem

i reinstalled everything from scratch.
typed this to the shell

apt-get install apache2 php5 libapache2-mod-php5
apt-get install mysql-server mysql-client php5-mysql
changed mysql root password

echo <?php phpinfo();?> > /var/www/test.php

and when i type http://myip/test.php it displays the configuration file for PHP =) geez! too many resources / documentation confuses me

thanks Hangdog42 for giving me an idea about grant permission and phpMyAdmin =) thank you so much guys! =)

i have another question with regards to security =)

with my server configuration... is it secured enough? i only grant permission access in mysql to local users (application server pc). i also installed webmin and openssl-server. i did not install samba or any other service.

my users/root password length is 15 or greater with case sensitive characters (mixed with numbers) also with mysql but it has its different password with my login password in shell.

should i add some security features with regards to my current server setup?

The short answer is yes, absolutely. A very significant number of problems with web sites aren't security issues with Apache or MySQL, but rather with poorly coded web applications, particularly PHP. You need to be thinking about hardening your system NOW before you make it generally available because people will attempt to crack it. Every. Single. Day.

I would head to the Security forum here and look through the links in the sticky at the top. UnSpawn has done a tremendous service in gathering a ton of excellent links on securing your system, and what to do when you think you've been compromised.

A couple of tools I've found extremely useful are Aide, which takes a snapshot of your system and warns you about changed files (similar to Tripwire or Samhain) and ModSecurity for Apache. Of course you need to regularly monitor your system with rkhunter and chkrootkit as well.

Aide won't prevent any breakins, but you can use it to figure out what has been changed on your system and maybe save yourself a complete re-install. And at first, ModSecurity can be annoying because its rules can really lock down a server. You'll need to spend some quality time looking at your logs and figuring out if it is blocking normal traffic.

Finallly, be sure to bookmark the CERT Intrustion Checklist. This is the place you should start if you think you've been cracked.

It is actually the scripts that are poorly coded, PHP does NOT have security checking built into it, that is the job of the peson doing the scripting. and where the "php based website cross site scripting / sql injection exploit" keeps coming from. The site developers aren't paying attention to the site security.

All good points, but if this is a development and testing server for lan use only, then a simple router firewall change can stop the server from being found outside of the lan.

If the OP wants it visible on the internet, then with a browser on that machine, a good test is Shields Up. with no firewall on your box or router it will tell you what ports out of the first 1024 are being blocked by the isp, with a firewall on the box it will tell you what your rules have opened so you can keep the firewall itself from leaving gaps in security.
[ the no firewall test tells you if you need to use non standard ports ]

My isp uses a firewall that shuts down the standard ports, after any server activity is detected unless the ip is designated for such activity. My home ip is blocked from internet access to my servers by my isp.