Building a Home Web Server Grant Root [email_address]
This Presentation <ul><li>... will be posted shortly on my site, at http://www.rootcentral.org.  </li></ul><ul><li>Look fo...
Why Host at Home? <ul><li>$$$ - saving the cost of hosting  </li></ul><ul><li>Ultimate control over the server </li></ul><...
The Downside <ul><li>Bandwidth limitations </li></ul><ul><li>Significant learning curve </li></ul><ul><li>Security issues ...
Is It Right for Your Site? <ul><li>Consider anticipated traffic levels </li></ul><ul><li>How critical is uptime? </li></ul...
Requirements <ul><li>Broadband Internet connection </li></ul><ul><li>Domain name </li></ul><ul><li>Domain name service  ( ...
Broadband Connection Types <ul><li>ADSL </li></ul><ul><li>Cable modem </li></ul><ul><li>Wireless </li></ul><ul><li>T-1 / F...
Your Own Domain <ul><li>Who wants a site named “adsl-68-73-138-210.dsl.wotnoh.ameritech.net ”? </li></ul><ul><li>Choosing ...
Registering a Domain Name <ul><li>Choosing a registrar </li></ul><ul><ul><li>Price </li></ul></ul><ul><ul><li>Reputation <...
Registrars <ul><li>ICANN accredited registrar list – http://www.icann.org/registrars/ accredited-list.html </li></ul><ul><...
Domain Name Service (DNS) <ul><li>Translating names to numbers </li></ul><ul><ul><li>e.g. “www.rootcentral.org” to “68.73....
Dynamic DNS Services <ul><li>Selecting a dynamic DNS provider  </li></ul><ul><ul><li>http://www.technopagan.org/dynamic/ <...
Firewall First! <ul><li>Don't put *anything* online without a firewall! </li></ul><ul><li>Determine scope of protection </...
Selecting a Firewall <ul><li>Features </li></ul><ul><li>Hardware vs. software </li></ul><ul><li>Software platform </li></u...
Hardware vs. Software <ul><li>Hardware firewalls </li></ul><ul><ul><li>Dedicated appliances </li></ul></ul><ul><ul><li>Bui...
Some Free Software Firewalls <ul><li>Freesco (runs from floppy) </li></ul><ul><ul><li>http://www.freesco.org </li></ul></u...
Set Up Firewall <ul><li>Use NAT to translate private to public IP addresses and vice-versa. </li></ul><ul><li>Allow access...
Set Up Web Server <ul><li>Use that old 386 / 486 / Pentium </li></ul><ul><ul><li>CPU & memory affect compiling, graphic ma...
To RAID or Not to RAID <ul><li>Redundant array of independent disks </li></ul><ul><li>Provides data protection from hardwa...
Install and Secure Linux <ul><li>Install minimal system </li></ul><ul><li>Get security updates </li></ul><ul><li>Shut down...
Install Web Server Software <ul><li>HTTP daemon – Apache, tux, etc. </li></ul><ul><li>Database engine – MySQL, PostgreSQL ...
Configure HTTP Daemon <ul><li>Apache </li></ul><ul><ul><li>Set domain name, doc root, user/group </li></ul></ul><ul><ul><l...
Test Web Serving <ul><li>Test sample page in browser </li></ul><ul><li>Troubleshoot any problems </li></ul><ul><li>Common ...
Develop the Pages <ul><li>On the server using text-based tools – or more likely... </li></ul><ul><li>On your [Windows | Li...
Questions
Upcoming SlideShare
Loading in …5
×

Building a Home Web Server Grant Root grant@rootcentral.org This ...

388
-1

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
388
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Building a Home Web Server Grant Root grant@rootcentral.org This ...

  1. 1. Building a Home Web Server Grant Root [email_address]
  2. 2. This Presentation <ul><li>... will be posted shortly on my site, at http://www.rootcentral.org. </li></ul><ul><li>Look for a “Site News” entry with a link to the presentation. </li></ul>
  3. 3. Why Host at Home? <ul><li>$$$ - saving the cost of hosting </li></ul><ul><li>Ultimate control over the server </li></ul><ul><li>A great learning experience </li></ul>
  4. 4. The Downside <ul><li>Bandwidth limitations </li></ul><ul><li>Significant learning curve </li></ul><ul><li>Security issues must be addressed </li></ul><ul><li>Your ISP's terms of service </li></ul>
  5. 5. Is It Right for Your Site? <ul><li>Consider anticipated traffic levels </li></ul><ul><li>How critical is uptime? </li></ul><ul><li>Data security & backups </li></ul><ul><li>Time commitment </li></ul>
  6. 6. Requirements <ul><li>Broadband Internet connection </li></ul><ul><li>Domain name </li></ul><ul><li>Domain name service ( DNS ) </li></ul><ul><li>Firewall </li></ul><ul><li>Web server </li></ul>
  7. 7. Broadband Connection Types <ul><li>ADSL </li></ul><ul><li>Cable modem </li></ul><ul><li>Wireless </li></ul><ul><li>T-1 / Fractional T-1 </li></ul>
  8. 8. Your Own Domain <ul><li>Who wants a site named “adsl-68-73-138-210.dsl.wotnoh.ameritech.net ”? </li></ul><ul><li>Choosing and researching a name </li></ul><ul><ul><li>Whois tools </li></ul></ul><ul><ul><li>nameboy.com, etc. </li></ul></ul>
  9. 9. Registering a Domain Name <ul><li>Choosing a registrar </li></ul><ul><ul><li>Price </li></ul></ul><ul><ul><li>Reputation </li></ul></ul><ul><ul><li>Maintenance tools </li></ul></ul>
  10. 10. Registrars <ul><li>ICANN accredited registrar list – http://www.icann.org/registrars/ accredited-list.html </li></ul><ul><li>Network Solutions (Verisign) – http ://www.networksolutions.com </li></ul><ul><li>GANDI - http://www.gandi.net </li></ul>
  11. 11. Domain Name Service (DNS) <ul><li>Translating names to numbers </li></ul><ul><ul><li>e.g. “www.rootcentral.org” to “68.73.138.210” </li></ul></ul><ul><li>Dynamic vs. static IP addresses </li></ul><ul><li>Finding a moving target - dynamic DNS services & clients </li></ul>
  12. 12. Dynamic DNS Services <ul><li>Selecting a dynamic DNS provider </li></ul><ul><ul><li>http://www.technopagan.org/dynamic/ </li></ul></ul><ul><li>Subdomains - their domain vs. yours </li></ul><ul><ul><ul><li>e.g. “rootcentral.dyndns.org” </li></ul></ul></ul><ul><li>Backup mail server </li></ul><ul><li>Client software support </li></ul>
  13. 13. Firewall First! <ul><li>Don't put *anything* online without a firewall! </li></ul><ul><li>Determine scope of protection </li></ul><ul><ul><li>Periphery vs. on-server? </li></ul></ul><ul><ul><li>DMZ? </li></ul></ul>
  14. 14. Selecting a Firewall <ul><li>Features </li></ul><ul><li>Hardware vs. software </li></ul><ul><li>Software platform </li></ul><ul><li>Ease of use is critical </li></ul>
  15. 15. Hardware vs. Software <ul><li>Hardware firewalls </li></ul><ul><ul><li>Dedicated appliances </li></ul></ul><ul><ul><li>Built into routers </li></ul></ul><ul><li>Software firewalls </li></ul><ul><ul><li>iptables / ipchains </li></ul></ul><ul><ul><li>Single-purpose Linux distros </li></ul></ul>
  16. 16. Some Free Software Firewalls <ul><li>Freesco (runs from floppy) </li></ul><ul><ul><li>http://www.freesco.org </li></ul></ul><ul><li>SmoothWall (terrific web interface) </li></ul><ul><ul><li>Http://www.smoothwall.co.uk </li></ul></ul><ul><li>IPCop (spun off from SmoothWall) </li></ul><ul><ul><li>http://www.ipcop.org </li></ul></ul>
  17. 17. Set Up Firewall <ul><li>Use NAT to translate private to public IP addresses and vice-versa. </li></ul><ul><li>Allow access from the Internet to port 80 on web server. Use port forwarding if web server has a private address. </li></ul>
  18. 18. Set Up Web Server <ul><li>Use that old 386 / 486 / Pentium </li></ul><ul><ul><li>CPU & memory affect compiling, graphic manipulation and encryption </li></ul></ul><ul><li>Choose a Linux distro </li></ul><ul><ul><li>I prefer Debian for ease of installations and updates. </li></ul></ul>
  19. 19. To RAID or Not to RAID <ul><li>Redundant array of independent disks </li></ul><ul><li>Provides data protection from hardware failures (*not* mistakes) </li></ul><ul><li>More drives, performance issues </li></ul><ul><li>Hardware or software based </li></ul><ul><li>Level – usually 1 (mirroring) or 5 </li></ul>
  20. 20. Install and Secure Linux <ul><li>Install minimal system </li></ul><ul><li>Get security updates </li></ul><ul><li>Shut down unneeded services </li></ul><ul><ul><li>Check inetd / xinetd config files </li></ul></ul><ul><ul><li>Use netstat to check for open ports </li></ul></ul><ul><ul><li>Use external port scanner service </li></ul></ul>
  21. 21. Install Web Server Software <ul><li>HTTP daemon – Apache, tux, etc. </li></ul><ul><li>Database engine – MySQL, PostgreSQL </li></ul><ul><li>CGI Scripting language – Perl, PHP, Python, Ruby, Java </li></ul><ul><li>I like Apache / MySQL / PHP! </li></ul>
  22. 22. Configure HTTP Daemon <ul><li>Apache </li></ul><ul><ul><li>Set domain name, doc root, user/group </li></ul></ul><ul><ul><li>Deny all access to root directory </li></ul></ul><ul><ul><li>Specifically allow access to doc root </li></ul></ul><ul><ul><li>Tweak ExecCGI, symlinks, overrides </li></ul></ul><ul><ul><li>Disable indexes </li></ul></ul>
  23. 23. Test Web Serving <ul><li>Test sample page in browser </li></ul><ul><li>Troubleshoot any problems </li></ul><ul><li>Common problems: </li></ul><ul><ul><li>Apache config </li></ul></ul><ul><ul><li>File ownership / permissions </li></ul></ul><ul><ul><li>Firewall settings </li></ul></ul>
  24. 24. Develop the Pages <ul><li>On the server using text-based tools – or more likely... </li></ul><ul><li>On your [Windows | Linux] workstation w/ text or GUI tools </li></ul><ul><ul><li>Upload using ftp, webdav, scp, etc. </li></ul></ul>
  25. 25. Questions
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×