HowTo: Run Network Service Per System / VM Instance To Improve Overall Security Of A Web Stacks (LAMP)

Posted on in Categories Apache, Linux last updated June 22, 2012

A web stack is nothing but collection of many open source software such as an operating system, Web server, database server, server side programming language. The most commonly known web stacks is LAMP. It is an acronym for a solution stack of free, open source software, referring to the first letters of Linux (operating system), Apache Web server, MySQL database software and PHP (or sometimes Perl or Python). All of our security related tutorials recommends running different network services on separate systems or vm instance. Naturally, this limits the number of other services that can be cracked in the event that an attacker is able to successfully exploit a software flaw in one network service. This is also one of the most requested article via email. In this guide, I will explain how to setup a solution that can serve static content, dynamic content, database, and caching by running on separate servers or vm instance.

Linux: Creating a Network File System (NFS) Share For Apache / Lighttpd / Nginx Web Server

Posted on in Categories Linux, RedHat/Fedora Linux last updated June 22, 2012

Creating a Network File System (NFSv4.0) shared network resource is exactly like creating any other shared network resource in Linux or Unix for Apache / Lighttpd / Nginx web server. You need to type the following commands on vm05 having an IP address 192.168.1.14.

This blog post is part in the “Run Different Linux Network Services on Separate Systems/VM” series.

HowTo: Configure Apache Web Server To Use NFS Shared HTML+PHP5 Files

Posted on in Categories Apache, Linux, RedHat/Fedora Linux last updated June 22, 2012

The Apache web server is responsible for providing access to dynamic content via the HTTP or HTTPS protocol. In this example, I’m going to install and use the Apache 2 web server + php5 safely and set DocumentRoot to vm05:/exports/html mounted at /var/www/html. You need to type the following commands on vm02 having an IP address 192.168.1.11.

This blog post is part in the “Run Different Linux Network Services on Separate Systems/VM” series.

Configure Lighttpd Web Server To Use NFS Shared Static Files

Posted on in Categories lighttpd, Linux, RedHat/Fedora Linux last updated June 22, 2012

The Lighttpd web server is responsible for providing access to static content via the HTTP or HTTPS protocol. In this example, I’m going to install and use the Lighttpd web server and set DocumentRoot to vm05:/exports/static mounted at /var/www/static. You need to type the following commands on vm01 having an IP address 192.168.1.10 only.

This blog post is part in the “Run Different Linux Network Services on Separate Systems/VM” series.

HowTo: Use Nginx As Reverse Proxy Server

Posted on in Categories Linux last updated June 22, 2012

Nginx is an open source Web server and a reverse proxy server. You can use nginx for a load balancing and/or as a proxy solution to run services from inside those machines through your host’s single public IP address such as 202.54.1.1. In this post, I will explain how to install nginx as reverse proxy server for Apache+php5 domain called www.example.com and Lighttpd static asset domain called static.example.com. You need to type the following commands on vm00 having an IP address 192.168.1.1 only.

This blog post is part in the “Run Different Linux Network Services on Separate Systems/VM” series.

Linux / Unix Desktop Fun: Text Mode ASCII-art Box and Comment Drawing

Posted on in Categories Linux, Linux desktop last updated June 11, 2012

Boxes command is a text filter and a little known tool that can draw any kind of ASCII art box around its input text or code for fun and profit. You can quickly create email signatures, or create regional comments in any programming language. This command was intended to be used with the vim text editor, but can be tied to any text editor which supports filters, as well as from the command line as a standalone tool.