Cent OS and web server install.

ViviTheMage

Lifer
Dec 12, 2002
36,189
87
91
madgenius.com
I plan on purchasing a dedicated box here shortly, and wanted to get CentOS up to par to run and sell web space/bandwidth on a dedicated box.

I have VMWare server on my machine, and am playing with an install right now, I installed the server version, so a lot of the stuff needed is probably already installed.

out of the box, what do I need to do with my CentOS server install to get it up and running? I looked around CentOS's website with not much directive. Reading a few of there posts, they seem a bit rough with answers people have, so I thought i'd check her first.

I assume I need to set up some sort of FTP, and a Mail server on here as well?

how do I get support for ASP, or AJAX?

I will purchase a license for WHM/cPanel ... will that be able to do EVERYTHING I need to automate this?

I will use WHMCS for my billing software to set it all up, and interface with WHM.

I also need to make this very secure, is there an easy way to do this? It seems like a realm on it's own..each thing has to be secure in itself, liek FTP, Apache, firewall, etc.

This is assuming I get a managed dedicated server, where backups and most networking things will be handled by the company I lease/rent the box from.

Lastly, is the cost of renting a server at , say 100$ a month seem like a good idea, or should I purchase my own hardware and get a collocation at a datacenter here so i can be near it, and worry about it myself? (backups, security, etc)?


<--- pumped to play with nix :)
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
I assume I need to set up some sort of FTP, and a Mail server on here as well?

I believe it comes with Postfix for SMTP by default, if you want IMAP or POP you'll probably need to install that though. Same for FTP, you only need to install it if you want an FTP server.

how do I get support for ASP, or AJAX?

If you want ASP I'd suggest Windows and IIS, you could try the Apache Mono stuff but I have no idea how well it works. And AJAX is just fancy javascript stuff that's all run local, not on the server.

I also need to make this very secure, is there an easy way to do this? It seems like a realm on it's own..each thing has to be secure in itself, liek FTP, Apache, firewall, etc.

Pretty much. And FTP itself is insecure by nature so you should avoid it if possible.

Security is a process, not a product. After it's all setup and secure you'll still have to watch patches, log files, etc to be really on top of things.
 

xSauronx

Lifer
Jul 14, 2000
19,582
4
81
red hat also has a deployment guide, or administrators guide (or both? i dont remember) availalbe as a pdf on their website. since centos *is* red hat its entirely applicable, and worth snagging.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Do yourself and your clients a favor, don't take on any commercial clients.

You'll need a webserver. Apache is the most popular. Lighttpd is nice, and nginx is decently popular (mostly outside of the US?).

Webserver goodies: You'll probably need php. mod_perl/mod_python probably won't hurt. MySQL or Postgresql too.

Log monitoring: This is a biggie. Watch your logs. All of them. All the time. I spend a couple of hours a day going through logs on machines that aren't serving content on the net. There are tools to help with this.

Process monitoring: You gotta make sure everything is running. Find something to help with that.

Email is a tough one, it's so easy to get wrong. Be careful or you'll quickly get blacklisted.

File integrity: Get something like trip wire, aide, or samhain so you'll know when your files change.

There's plenty more, but I'm out of time. :)
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
I like to use postfix + spamassassin + clamav + amavis-av to handle mail and I use dovecot for MUA and it works nicely. There are tons of things to pay attention to when setting it up though, I would recommend not doing it yourself the first time if possible.

Make sure you don't have a workable build environment on your production servers too. Notifications on someone opening a root shell is nice too.

You've got a long ways to go to having a secure server, but if you are planning on using WHM/cPanel then they take care of 99% of the setup and 50% of the security IMO. To go from there and have a really secure server won't be that bad.
 

ViviTheMage

Lifer
Dec 12, 2002
36,189
87
91
madgenius.com
why wouldn't you have FTP? kind of a necessity! When yous ay WHM/cPanel take care of 99% of the setup, what do you mean? I still have to yum/install everything correct?

Are there good companies I can get in touch with to help me out with setting up a reliable web server? Of course i'd pay them to consult with me.

A lot of little things to deal with, but it sounds like fun :).

What kind of setup is required for each application? Most of these are installed already from it being a centos-server build.

How does WHM/cPanel KNOW to interact with my ftp isntall/apache/mysql installs to properly set everything up for me?
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
Originally posted by: ViviTheMage
why wouldn't you have FTP? kind of a necessity! When yous ay WHM/cPanel take care of 99% of the setup, what do you mean? I still have to yum/install everything correct?

Are there good companies I can get in touch with to help me out with setting up a reliable web server? Of course i'd pay them to consult with me.

A lot of little things to deal with, but it sounds like fun :).

What kind of setup is required for each application? Most of these are installed already from it being a centos-server build.

How does WHM/cPanel KNOW to interact with my ftp isntall/apache/mysql installs to properly set everything up for me?

You install WHM/cPanel on the server and run through the setup/install process. It knows what software to install and how to configure it for shared hosting servers. That's the whole point of it, you shouldn't ever have to use the CLI with a proper setup of WHM/cPanel. Lots of hosting companies offer managed servers which would take the load off of you to actually administer the servers.
 

ViviTheMage

Lifer
Dec 12, 2002
36,189
87
91
madgenius.com
Originally posted by: Crusty
Originally posted by: ViviTheMage
why wouldn't you have FTP? kind of a necessity! When yous ay WHM/cPanel take care of 99% of the setup, what do you mean? I still have to yum/install everything correct?

Are there good companies I can get in touch with to help me out with setting up a reliable web server? Of course i'd pay them to consult with me.

A lot of little things to deal with, but it sounds like fun :).

What kind of setup is required for each application? Most of these are installed already from it being a centos-server build.

How does WHM/cPanel KNOW to interact with my ftp isntall/apache/mysql installs to properly set everything up for me?

You install WHM/cPanel on the server and run through the setup/install process. It knows what software to install and how to configure it for shared hosting servers. That's the whole point of it, you shouldn't ever have to use the CLI with a proper setup of WHM/cPanel. Lots of hosting companies offer managed servers which would take the load off of you to actually administer the servers.

oh wow, so I don't even need to set these up myself...interesting...just slap in WHM/cPanel?

I am kind of at a tossup about getting a managed server, or purchasing my own and putting it in a collocation. Is that typically a good idea--or does the cost negate itself with what they can do for me, that I probably would not know how to do at a collo?
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
Honestly, I would start with a fully managed server and go from there. It's a small price to pay to know that your server will work. Head over to webhostingtalk.com and look around for recommendations on hosting companies that offer what you want. Once you get the hang of running the managed server you can think about running an unmanaged server and then possibly a colo solution if you need to.
 

ViviTheMage

Lifer
Dec 12, 2002
36,189
87
91
madgenius.com
Originally posted by: Crusty
Honestly, I would start with a fully managed server and go from there. It's a small price to pay to know that your server will work. Head over to webhostingtalk.com and look around for recommendations on hosting companies that offer what you want. Once you get the hang of running the managed server you can think about running an unmanaged server and then possibly a colo solution if you need to.

oh, I have been over there a lot in the past few months. I will have to check out some managed servers, thanks for the information, should prove very useful :).

I'll play with centos while I do more research into managed servers companies.

What sort of logfiles should I watch, specific locations?
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
/var/log ;)

WHM/cPanel comes with it's own parsing engine and will email reports nightly to the administrator email address about what it finds. Stuff like attempted ssh logins, shells accessed, rootkit detection, ftp logins and whatnot. I like to be notified immediately whenever a shell is opened though, because the only person that should be doing that is me ;)
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
What sort of logfiles should I watch, specific locations?

These types of questions scare me. Especially when it's coming from someone who wants to setup a business based around the system producing the log files... :confused:

/var/log/*

There may be more, depending on how/what you setup.
 

ViviTheMage

Lifer
Dec 12, 2002
36,189
87
91
madgenius.com
Originally posted by: n0cmonkey
What sort of logfiles should I watch, specific locations?

These types of questions scare me. Especially when it's coming from someone who wants to setup a business based around the system producing the log files... :confused:

/var/log/*

There may be more, depending on how/what you setup.

<--- *nix noob. The guys who actually run my server know everything about it. I am just trying to learn everything so I can make thing easier when talking to them about support issues.

Originally posted by: Crusty
/var/log ;)

WHM/cPanel comes with it's own parsing engine and will email reports nightly to the administrator email address about what it finds. Stuff like attempted ssh logins, shells accessed, rootkit detection, ftp logins and whatnot. I like to be notified immediately whenever a shell is opened though, because the only person that should be doing that is me ;)

I plan to pick up an iphone with AT&T specifically to receive emails via 3G :D.

I will want to know right away too...push mail is great!
 

Crusty

Lifer
Sep 30, 2001
12,684
2
81
Some carriers will allow you to send an email message to something like 5555555555@mobile.sprintpcs.com and it will automatically forward it as a text message to your phone. You should check into that first to see if it works for you. That's how I get heartbeat failures from servers.
 

ViviTheMage

Lifer
Dec 12, 2002
36,189
87
91
madgenius.com
Originally posted by: Crusty
Some carriers will allow you to send an email message to something like 5555555555@mobile.sprintpcs.com and it will automatically forward it as a text message to your phone. You should check into that first to see if it works for you. That's how I get heartbeat failures from servers.

that'd work out just as well actually.

i could just expense my current personal phone plan.
 

xSauronx

Lifer
Jul 14, 2000
19,582
4
81
Originally posted by: Crusty
Some carriers will allow you to send an email message to something like 5555555555@mobile.sprintpcs.com and it will automatically forward it as a text message to your phone. You should check into that first to see if it works for you. That's how I get heartbeat failures from servers.

this. the admin at the wisp i worked at did this and got a text every time $action happened