{"id":28,"date":"2012-07-29T13:13:00","date_gmt":"2012-07-29T13:13:00","guid":{"rendered":"http:\/\/www.mirageglobe.com\/wp\/?p=28"},"modified":"2012-07-29T13:13:00","modified_gmt":"2012-07-29T13:13:00","slug":"drawing-up-a-web-service","status":"publish","type":"post","link":"https:\/\/pages.alldaycity.com\/mirageglobe\/drawing-up-a-web-service\/","title":{"rendered":"Drawing up a Web Service"},"content":{"rendered":"<div dir=\"ltr\">So you have a machine setup running which is a server. Your server should have an external IP address. This makes your machine address seekable. An IP v4 would look like 123.45.67.89. Nowadays IPv6 is both applicable. Well, we are not very interested about this here.What we are looking at is DNS. Domain Name Server. There are a few out there such as GoDaddy, Register.com etc. Most are good. Avoid small unknown name servers. The prices are competitive so going to larger companies is the way forward.<br \/>\n<b>Setting up DNS using your Domain Host (such as GoDaddy)<\/b><br \/>\nIn your domain, just set the IP address to point to your new server IP (given to you by your provider, Rackspace or Amazon. You can do this by going on to the machine and typing<\/p>\n<blockquote><p>&gt; ifconfig<\/p><\/blockquote>\n<p><b>Setting up DNS using RackSpace&#8217;s servers<\/b><br \/>\nSome DNS guides at rackspace are rather complicated and hard to manage. I would leave it to using the domain providers or your hosting provider&#8217;s DNS system. At rackspacecloud; and i presume most DNS settings have similar setting options, heres how its set:<br \/>\nyou need<\/p>\n<ul>\n<li>1x A record [which is IP],<\/li>\n<li>1x CName record [which is www.mydomain.com],<\/li>\n<li>1x MX record [which is mydomain.com; this allows asd@mydomain.com], and thats it.<\/li>\n<\/ul>\n<div>if you need more sub domains you can add more CNames e.g. abc.mydomain.com<\/div>\n<p>A record\n<\/p><\/div>\n<ul>\n<li>Name = mydomain.com;<\/li>\n<li>Content = 123.45.67.89; [content is your ip address]<\/li>\n<li>TTL = 300;<\/li>\n<\/ul>\n<div>CName record<\/div>\n<ul>\n<li>Name = www.mydomain.com;<\/li>\n<li>Content = mydomain.com;<\/li>\n<li>TTL = 300;<\/li>\n<\/ul>\n<div>MX record:<\/div>\n<ul>\n<li>Name = mydomain.com;<\/li>\n<li>Content = mydomain.com;<\/li>\n<li>TTL 300;<\/li>\n<li>Priority = 10 [if you use google apps, they will give you a huge list of 6 mx records, I know. its a pain. Enter them all by changing the Content, such as Content = aspx.googlemail.com]<\/li>\n<\/ul>\n<div>Take a note of TTL which is time to live in seconds. 300 seconds would be 5 minutes. If DNS is changed it will take 5 minutes to propagate throughout the world. Normally people put 84600 which is 24 hours.<b>Install a HTTP server<\/b>\n<\/div>\n<div><\/div>\n<div><\/div>\n<div>You might notice why i call it a http server and not web server. Web server works but to make the term clearer so you remember what it is for, we stick to HTTP server. Apache \/ Cherokee \/ Lighttpd \/ thttpd and many more are just HTTP servers. All they do is sit as a service at port 80 (default) and listen to incoming requests.<\/div>\n<div><\/div>\n<div><\/div>\n<div>So what about Php and LAMP stack etc? Those are good terms and technologies but i see them confusing lots of people. Php is just an interpreter. It takes in php scripts and processes it. Occassionally its used to spurt out HTML code. Aha! thats why you need a HTTP server to parse the HTML code to the world!<\/div>\n<div><\/div>\n<div><\/div>\n<div><\/div>\n<div>So with this in mind. You dont really need php to do server side scripting. Python, Ruby, even C is possible.\n<\/div>\n<div><i>Installing Cherokee with Php5<\/i><br \/>\nCherokee (is the alternative of Apache). Its non blocking style of http service make is outperform Apache in response. (http:\/\/www.cherokee-project.com\/). To install it, open up terminal and type in the following,<\/div>\n<blockquote><p>&gt; apt-get install cherokee<\/p><\/blockquote>\n<div>To call up an interface, run the following<\/div>\n<div><\/div>\n<blockquote><p>&gt; sudo cherokee-admin -b<\/p><\/blockquote>\n<div><\/div>\n<div>The rest should be quite self explanatory.<\/div>\n<div><i>Installing Lighttpd with Php5<\/i><\/p>\n<blockquote><p>apt-get install lighttpd php5-cgi<br \/>\n\/etc\/lighttpd\/lightly-enable-mod fastcgi [1]<br \/>\n\/etc\/init.d\/lighttpd restart [4]<\/p><\/blockquote>\n<p>Now we can proceed to create a skeleton for your domains. This is so you can reuse it when you are adding new domains. Ignore this if you have just 1 domain.<br \/>\ncd \/etc\/skel<br \/>\nmkdir -p {backup,logs,private,public\/uploads} [5]<br \/>\nnow every time you create a new domain user, this will create a new structure. If you go to your domain from any browser http:\/\/123.45.67.89 you should see a lighttpd page.<br \/>\ncd \/etc\/skel\/public\/uploads<br \/>\nnano index.html<br \/>\nadd in the following:<\/p>\n<h1>Site under maintenance, please come back later<\/h1>\n<p>[press crtl-x to exit nano]<br \/>\nInstall php-myadmin<br \/>\n&gt; apt-get install phpmyadmin<br \/>\nselect lighttpd using spacebar then hit enter. when it asks to configure database for phpmyadmin, select yes. it will then ask for your mysql password, and ask you to set phpmyadmin password .<\/p>\n<h3>Before you start with .htaccess<\/h3>\n<div>If you don&#8217;t have a .htaccess file in your directory just create a simple textfile with the name .htaccess, remember to save the .htaccess file with a &#8220;.&#8221; dot. In Windows Notepad save as &#8220;.htaccess&#8221; (with quotes in the save dialog).<\/div>\n<div><\/div>\n<div>Lines starting with # indicates a comment and will note be parsed.<\/div>\n<h3>Prevent downloading of your SQLite database<\/h3>\n<p>If you place your SQLite database in a public www directory it could be downloaded by a visitor. See the\u00a0<a title=\"SQLite - quick tips\" href=\"http:\/\/www.litewebsite.com\/?c=16\">SQLite quick tips<\/a>\u00a0for creating a SQLite database in a safer way. Add or remove file extension if needed. Place the following code in your .htaccess file.<\/p>\n<div>\n# Deny sqlite file access. File extensions in parentheses<br \/>\n&lt;FilesMatch &#8220;.(sqlite|sqlite2|sqlite3|sq|sq2|sq3)$&#8221;&gt;<br \/>\nDeny from all\n<\/div>\n<h3>Custom error pages, &#8220;404 page not found&#8221;&#8230;<\/h3>\n<p>If you want to set your own error page for &#8220;404 page not found&#8221; and for other\u00a0<a title=\"HTTP status code\" href=\"http:\/\/www.w3.org\/Protocols\/rfc2616\/rfc2616-sec10.html\">HTTP status codes<\/a>\u00a0you can do that easily in a .htaccess file.<\/p>\n<div>ErrorDocument 404 \/yourOwn404Page.html<\/div>\n<p>Just replace the &#8220;404&#8221; with the the code you need and the file that should be shown.<\/p>\n<h3>Disable directory browsing<\/h3>\n<p>If you have an image directory that shows all your files when accessing it, you can disable this by placing an .htaccess file with the following code (notice the minus sign)<\/p>\n<div># &#8211; (minus) disable browsing. + (plus) enable browsing<br \/>\nOptions -Indexes<\/div>\n<p>If you place a plus sign in front of Indexes it will list your files again. A simpler variant is just to place an index.html file in that directory, it will do the same thing. You decide \ud83d\ude42<\/p>\n<h3>Change default index page<\/h3>\n<p>Want to have another index page than the regular index.html, index.php page? Change the myStartPage.html in the following code and then add all other index pages you need. If myStartPage.html is not found it will try index.html and then index.php (and so on).<\/p>\n<div># reading left to right<br \/>\nDirectoryIndex myStartPage.html index.html index.php<\/div>\n<h3>Reference<\/h3>\n<p>Shamelessly quoted from:\u00a0<a href=\"http:\/\/www.litewebsite.com\/?k=tips\">http:\/\/www.litewebsite.com\/?k=tips<\/a><br \/>\n[1]some blogs say that we should add fastcgi-server={\u2026 config. The above was done without problems. perhaps bug fixed.]<br \/>\nso where are my http files? its at \/var\/www\/<br \/>\nsome blogs report memory leaks of lightly like a seive. Bahh. add in weekly cron server restart<br \/>\n[4] this will stop 403 errors when you try to access phpmyadmin remotely<br \/>\n[5] if you make a mistake you can use &gt; rm -r xxxx to remove the xxxx directory.\n<\/div>\n<h2>Designing your webserver and access<\/h2>\n<div>The file you need to alter here is \/etc\/group<\/div>\n<div>make sure theres a www-data group in the list. A record like &#8220;www-data:x:33:mywebsite.com,mysite2.com&#8221; means that mywebsite.com is a user of www-data<\/div>\n<div>www-data is the group that controls your web sites. The idea is to add your first user account which is the administrator. &#8220;madmin&#8221; is my first user. I added this user to www-data to help ease traversing and controlling the websites by command line.<\/div>\n<div>I have then made individual users by their website name to help ftping.<\/div>\n<div>1) Have 1 admin user who is not the root<\/div>\n<div>2) Have users for each domain to access FTP when needed.<\/div>\n<h2>Adding a new domain website<\/h2>\n<div>&gt; useradd -d \/home\/mydomain.com -m mydomain.com<\/div>\n<div>[note that adduser is different. it requires more details]<\/div>\n<div>[rm -r to remove the directory from \/home\/mydomain]<\/div>\n<div>[userdel to delete the user if wrongly created]<\/div>\n<div>&gt; passwd mydomain.com<\/div>\n<div>&gt; usermod -a -G www-data mydomain.com<\/div>\n<div>[this adds your user to the www-data group]<\/div>\n<div>&gt; chgrp -R www-data \/home\/mydomain.com\/public<\/div>\n<div>&gt; chmod -R 2750 \/home\/mydomain.com\/public<\/div>\n<div>&gt; chmod -R 2770 \/home\/mydomain.com\/public\/uploads<\/div>\n<div>[if you copy stuff from another directory using root remember to use following]<\/div>\n<div>&gt; chown -R mydomain:www-data \/home\/mydomain.com\/public<\/div>\n<div>&gt; chgrp -R www-data \/home\/mydomain.com\/public<\/div>\n<div>&gt; chmod -R 2750 \/home\/mydomain.com\/public<\/div>\n<div>[otherwise you may get ftp errors]<\/div>\n<div>[lightly configuation and logs]<\/div>\n<div>&gt; nano \/etc\/lighttpd\/lighttpd.conf<\/div>\n<div>[find a nice place: scroll all the way down till: #### handle Debian Policy Manual, Section 11.5. urls]<\/div>\n<div>[add in the following]<\/div>\n<div>$HTTP[&#8220;host&#8221;] =~ &#8220;(^|.)mydomain.com$&#8221; {<\/div>\n<div>server.document-root = &#8220;\/home\/mydomain.com\/public&#8221;<\/div>\n<div>server.errorlog = &#8220;\/var\/log\/lighttpd\/mydomain.com\/error.log&#8221;<\/div>\n<div>accesslog.filename = &#8220;\/var\/log\/lighttpd\/mydomain.com\/access.log&#8221;<\/div>\n<div>server.error-handler-404 = &#8220;\/e404.php&#8221;<\/div>\n<div>}<\/div>\n<div>&gt; mkdir \/var\/log\/lighttpd\/mydomain.com<\/div>\n<div>&gt; chown -R www-data:www-data \/var\/log\/lighttpd<\/div>\n<div>[now lighttpd own this logs directory]<\/div>\n<div>[you have to run this everytime you add a new domain]<\/div>\n<div>&gt; \/etc\/init.d\/lighttpd restart<\/div>\n<div>[this should restart the server nicely. if you have installed vsftp you should be able to put in a test.html file in the public folder and test it.]<\/div>\n<div>[at this time you can configure your dns for mydomain.com to point to this ip address. This would be the A record]<\/div>\n<div>FAQ:<\/div>\n<div>Q: Why asd.html file is not found but sdf.html file is found when i type in 123.45.67.89 when both files are in the directory?<\/div>\n<div>A: File permission settings might be wrong. check that www-data is the group and its chmod -R 2750 to the public folder<\/div>\n<div>\n<h2>Install ftp server<\/h2>\n<div>&gt; apt-get install vsftpd<br \/>\n&gt; nano \/etc\/vsftpd.conf<\/div>\n<div>[change the following: you have to remove # from the front of the line]<\/div>\n<div>* anonymous_enable=NO<br \/>\n* local_enable=YES<br \/>\n* chroot_local_user=YES<\/div>\n<div>[press crtl-x to exit and save]<\/div>\n<div>&gt; \/etc\/init.d\/vsftpd restart [1][2]<\/div>\n<h3>NOTES:<\/h3>\n<ol>\n<li>[1] just by running vsftpd restart will give you a OOPs 500 error. You need to put &#8220;service&#8221; before vsftpd<\/li>\n<li>[2] or you can run &gt; service vsftpd restart<\/li>\n<li>seems like vsftpd or other ftp software hooks onto user accounts. so for web servers, each domain should have a ftp account<\/li>\n<li>remember to set chroot<\/li>\n<li>by default openssh should be installed on ubuntu<\/li>\n<\/ol>\n<h2>FTPS for VSFTPD (Very secure ftp daemon)<\/h2>\n<div>Note that ftps is different from sftp.<\/div>\n<div>&gt; mkdir \/etc\/vsftpd<br \/>\n&gt; openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout \/etc\/vsftpd\/vsftpd.pem -out \/etc\/vsftpd\/vsftpd.pem<br \/>\n&gt; chmod 600 \/etc\/vsftpd\/vsftpd.pem<br \/>\n&gt; nano \/etc\/vsftpd.conf<\/div>\n<div>[Add in or make sure the following is uncommented.]<\/div>\n<div>ssl_enable=YES<br \/>\nallow_anon_ssl=NO<br \/>\nforce_local_data_ssl=YES<br \/>\nforce_local_logins_ssl=YES<br \/>\nrequire_ssl_reuse=NO<br \/>\n# need require ssl reuse otherwise you get errors when you are editing files using ftps<br \/>\n# error &#8220;vsftpd: SSL connection failed session reuse required&#8221;<br \/>\nssl_tlsv1=YES<br \/>\nssl_sslv2=YES<br \/>\nssl_sslv3=YES<br \/>\nrsa_cert_file=\/etc\/vsftpd\/vsftpd.pem<br \/>\nlisten_port=21<br \/>\n#you can use any port, filezilla defaults to port 21. So does wordpress<br \/>\npasv_min_port=20000<br \/>\npasv_max_port=20999<br \/>\n# you will need this pasv, otherwise when you set up firewall, you get ftp connection problems. as a sample use 20000 &#8211; 20999<\/div>\n<div>&gt; \/etc\/init.d\/vsftpd restart<\/div>\n<div>now you can ftp into your system using port 990 with ftps<\/div>\n<h3>NOTES:<\/h3>\n<ol>\n<li>Ref: http:\/\/ubuntuforums.org\/showthread.php?t=518293<\/li>\n<\/ol>\n<div><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>So you have a machine setup running which is a server. Your server should have an external IP address. This makes your machine address seekable. An IP v4 would look like 123.45.67.89. Nowadays IPv6 is both applicable. Well, we are not very interested about this here.What we are looking at is DNS. Domain Name Server. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-28","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/posts\/28","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/comments?post=28"}],"version-history":[{"count":0,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/posts\/28\/revisions"}],"wp:attachment":[{"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/media?parent=28"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/categories?post=28"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pages.alldaycity.com\/mirageglobe\/wp-json\/wp\/v2\/tags?post=28"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}