Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Results 1 to 2 of 2
  1. #1
    Junior Member
    Join Date
    Jul 2009
    Posts
    1
    Member #
    19473
    Folks,

    First a short background
    ********************
    I'm very new to Ubuntu but I managed to install Ubuntu desktop 9.04, followed by LAMP server, and then followed by phpmyadmin. As part of doing all that I did:

    $sudo chown user-id /var/www
    $sudo chgrp user-id /var/www

    to change the group and owner of the web server directories to the user I use to log into the Ubuntu machine with. I don't know if that was the right thing to do or not but seemed a good idea at the time.

    I am shortly going to install webmin to give me a web gui way of configuring Apache etc after which I want to install TikiWiki. The Ubuntu box is sitting behind a router on my LAN. I'd like to be able to access the TikiWiki and Ubuntu box across the Internet after all is done somehow. My LAN accesses the Internet via an ADSL2/2+ modem/router and I do not have the luxury of a static IP address.

    Questions
    ********
    Q1. Presumably a LAMP installation starts out with some security in mind with the defaults set for Apache but are there some standard things that should be set for Apache bearing in my mind the chown and chgrp I have already done as mentioned earlier?

    Q2. My router would be open on port 80 by default and presumably all other ports will be closed. I gather that Webmin uses port 10000? If so, while I've read that webmin isn't secure by nature presumably it should be secure by being behind my router? I'd appreciate hearing thoughts on this please.

    Q3. During the journey so far I got a message saying "Could not reliably determine the server's fully qualified domain name". Presumably I need to register a website name with a DNS registrar, and then delegate it to a dynamic DNS provider such as dyndns.org or something like that and set Apache accordingly? However, I gather that dynamic DNS isn't very secure and TSIG should be used. Are there any free public dynamic DNS providers that support TSIG? Then again, presumably I also need to find a router that supports TSIG too?

    Thanks and Regards,


    Watters

  2.  

  3. #2
    Senior Member filburt1's Avatar
    Join Date
    Jul 2002
    Location
    Maryland, US
    Posts
    11,774
    Member #
    3
    Liked
    21 times
    1. I don't remember the defaults, but a file owned by the user "www-data" and group "www-data" is accessible by Apache. You can recursively change the permissions for a directory via [minicode]chown -R www-data www-data directory_name[/minicode].
    2. Webmin isn't related to Apache (or the LAMP stack, really), but yes, it uses TCP 10000 by default. It should definitely not be web-accessible. BTW, from experience, Webmin tends to be useless. It might take longer at first to do some tasks that Webmin can do, but it can break a lot of custom configuration and over time, you'll be faster editing configuration files manually. As long as you don't forward TCP 10000 then your router will block all external requests to it--or more accurately, not know how to route it so it will be dropped.
    3. That's a warning you can safely ignore in most cases. I use DD-WRT on my router at home and also use DynDNS. The combination seems to stop the warning.
    filburt1, Web Design Forums.net founder
    Site of the Month contest: submit your site or vote for the winner!


Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 07:40 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com