Go Premium for a chance to win a PS4. Enter to Win


Virtual Hosting

Posted on 2006-10-25
Medium Priority
Last Modified: 2013-11-15
I just set up a LAMP web server with the following specifications:
1. FC5
2. Apache 2.2.0
3. MySQL Ver 14.12 Distrib 5.0.18, for redhat-linux-gnu (i386) using readline 5.0
4. PHP 5.1.2.
5. Static IP address
6. Two mirrored drives

I also have set up the main site from where users can access reports and update information to the MySQL server. So far, so good. My main problem is the way the users access the web site. They just type in the server's IP address and off they go. I would like for them to type in a name instead. I tried to do so by using the GUI provided by Fedora to change the HTTP settings, but I only ended up screwing httpd.conf. Luckily, I had a backup. How do I do this? I thought that by adding a hostname to the server under Network settings would be enough. I'm already reading http://httpd.apache.org/docs/1.3/vhosts/index.html to get a better understanding of all of this, I would just like for some Experts to give me some advice. One more thing, in order to make the web page accessible to others in the network, I had to flush the iptables. Is this good practice?
Question by:horalia
  • 2
LVL 10

Accepted Solution

rivusglobal earned 2000 total points
ID: 17807925
Hi horalia,

    First off, if your services are accessable from the outside world ( not an intranet or local network ) you'd do best to register a domainname for easier access to your server ( for eg. www.yourdomain.com ).  Some registrars provide DNS services which will allow you to associate that name ( www.domain.com and domain.com ) to your webserver's IP address without you having to run, maintain, and learn how to setup your own DNS server.

    Second, virtual hosts is only required if you are going to host the websites for 2 or more of these registered domainnames.  So by the sounds of it, you won't need to embark on setting up Apache for virtual hosts. Although it's not too tough and can be explained simply enough.

    Thirdly, flushing your iptables is not a good practice as you appears to have an open by default firewall.  Obviously, if your firewall was closed by default, then nobody would have access to that server except directly via console/keyboard.  Website communication takes place on port 80 by default, so you will have to add an iptables rule that allows all communication to take place over port 80.  Likewise, open port 3306 for the mysql server, and you'll be able to leave your firewall up and running, blocking all the other unused ports on the box.

Author Comment

ID: 17807946
Sorry for not mentioning this before, I wrote too much and excluded one very important fact! The services will be accesible only to company employees who have connection to the local network. I have coded everything in php and added a users table to mysql which authenticates whomever is signing in to the web site. As far as I know, we will not be allowing anyone direct access either to the server or db except using the web page. Does this change the recommendation for iptables? Most likely, I will be setting up another web page on the same server which will contain other type of content.
LVL 10

Expert Comment

ID: 17808187
Instead of using IP addresses you should assign a domainname using your company's DNS server if they have one.  If they don't and you don't want to create one that every PC will have to use, and you're dealing with a small number of employees, you could use the windows hosts file to point to a made up domain assigned to the webserver IP address.

The recommendation for iptables still stands, as anyone that needs access to a webserver (and thus a webpage on that server) will almost always require that port 80 on the webserver NOT be firewalled.  I say almost, only because you can run a webserver on a port other than port 80 but it doesn't change the fact you need to open whatever port it is on the firewall.

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Create your own, high-performance VM backup appliance by installing NAKIVO Backup & Replication directly onto a Synology NAS!
Are you looking to recover an email message or a contact you just deleted mistakenly? Or you are searching for a contact that you erased from your MS Outlook ‘Contacts’ folder and now realized that it was important.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question