Solved

linux Centos url setting puzzle...?

Posted on 2013-06-26
Last Modified: 2013-06-29
Say,
I've a Centos 5.0 server using a web hosting server - probably apache.
I cannot find where the conf file or other is that controls the url's to it.
http://myserver/path works perfectly.
I wish to change or add to "path"
httpd.conf does not seem to contain this... ?

I wish to create

http://myserver/path2:13463

Help will be appreciated.
Question by:shaunwingin
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39279826
Check for other configuration files:

find /etc/httpd -name "*.conf"

and then

grep servername <filename>.conf
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39279830
And one other thought:  if it's compiled from source, then you may have the config files in /usr/local/apache2/conf/extras
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 39279854
to change your path, change or add the folder where the DocumentRoot in httpd.conf is specified; if your DocumentRoot is /var/www/html then create a path2 folder in that html folder

to use port 13463, change the listen line; instead of Listen 80 change to Listen 13463
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 39280138
Hi,

You've specified that you're using a Hosting Server. Does it mean that you don't have your own dedicated server but you're sharing it with some other clients of the hosting firm?

If this is the case you might not access the httpd.conf file. Please contact your Service Provider and ask them about how to add new URLs to your server. They might have a Web Based interface to modify your side of the virtual host.

You've mentioned that:

http://myserver/path2:13463

What is it that you want? Do you want your web server to listen on port 13463 (besides the standard port 80)?

If this is what you want, your URL should read:

http://myserver:13463/path2

not the way you've mentioned. I don't think this is possible using a shared server, or maybe your Service Provider has a custom solution. Please contact your Service Provider support just to make sure.

Cheers,
K.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39280177
The location is /var/www/html for the default document root.
/path can be an alias configured in /etc/httpd/conf/httpd.conf or within a conf file in /etc/httpd/conf.d/

.htaccess can also be managed

Could you explain what it is you want?

Are you looking to have /path2 function as a script?
0
 

Author Comment

by:shaunwingin
ID: 39280831
Tx for the feedback.
I've an application, Jasper Reports server, on our own hardware.
It listens on port 189 shall we say.
If I ssh in and set up a tunnel I can browse to it with localhost:189 from my PC.
How can I setup public access to it without ssh tunnel?
0
 
LVL 76

Expert Comment

by:arnold
ID: 39281655
When you ssh and you use a tunnel, you define the mapping of localhost:189 to remotehost:port

You have to open a port on the external firewall.
if there is no external firewall, you likely use IPtables
iptables -L INPUT --line-numbers

iptables -t filter -I INPUT <5 should be the line underneath the established rule> -m tcp -p tcp --dport <port of service> -j ACCEPT
0
 

Author Comment

by:shaunwingin
ID: 39282480
Tx, do use iptables...
please can you give example of change to make with actual possible values as I'm not that familiar with what you refer to in iptables.
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 39283012
Taking your example that the service is on port 189


iptables -t filter -I INPUT 5 -m tcp -p tcp --dport 189 -j ACCEPT

What IP does your system have?
if it is any of the following, 10.0.0.0-10.255.255.255 172.16.0.0-172.31.255.255 192.168.0.0-192.168.255.255 this means you have an external firewall on which you need to open/create a mapping first.
The iptables rule is another change you would need to make.
Internet => ISP Provider Hardware firewall => Iptables based firewall on the system
ISP firewall: public IP port to your systems private IP port
x.x.x.x 80 to 192.168.10.5 80
then on your iptables rule you will have:
iptables -t filter -I INPUT 5 -m tcp -p tcp --dport 80 -j ACCEPT

note the use of the 5 in the above line means that it places this rule in the fifth position while everything else is shifted down.  It is not a replacement.

1 1
2 2
3 3
4 4
5 5
and upon the addition will reflect the change:
1 1
2 2
3 3
4 4
5 new rule
6 5
0
 

Author Comment

by:shaunwingin
ID: 39283362
Tx, this helps me quite a bit. It's actually a public IP, 41.xxx.xxx.xxx
Please can you assist further.
0
 

Author Comment

by:shaunwingin
ID: 39283365
Oops, I realise all I need therefore is:
iptables -t filter -I INPUT 5 -m tcp -p tcp --dport 189 -j ACCEPT
0
 
LVL 76

Expert Comment

by:arnold
ID: 39283382
That is right, if you need access from the outside to port 189 of your system, the iptables directive above will do that.

Note the change will not be committed until you save the iptable rules, /etc/init.d/iptables save

So make sure it works as you expect before permanently committing the changes.
0
 

Author Comment

by:shaunwingin
ID: 39283402
tx. This is how current rules look in iptables:
-A RH-Firewall-1-INPUT -d 41.x.x.x -m state --state NEW -m udp -p udp --dport 1569 -j ACCEPT
-A RH-Firewall-1-INPUT -d 41.x.x.x -m state --state NEW -m udp -p udp --dport 1675 -j ACCEPT

How can I see the line no's in iptables to add your rule?
Also my rules have -d after INPUT
0
 
LVL 76

Expert Comment

by:arnold
ID: 39283486
iptables -t filter -L INPUT --line-numbers

-d explicitly specifies the destination IP address.
This is often done when the system can have multiple external IPs and you want to differentiate the services.
you can add the -d 41.x.x.x to the iptables rule you have.

Do not edit the iptables configuration file since that will only apply on reboot and if you

You can add rules dynamically using the iptables command. If anything goes wrong, a reboot will revert the configuration. If you are satisfied with the addition/changes, using iptables-save or /etc/init.d/iptables save will commit the changes into the configuration file.

/etc/sysconfig/iptables.save is a copy of the prior version.
0
 

Author Comment

by:shaunwingin
ID: 39283733
Tx.
I have
RH-Firewall-1-INPUT
In mine.

Is this needed in your instruction?

Please can U give me finalised one for my system as described that I can run to add this rule without committing it.  Tx.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39283869
Then instead of INPUT, add the entry into the RH-Firewall-1-INPUT  chain in the same way.

Is the system on which this is the server with the services or is it functioning as a router?

iptables -I RH-Firewall-1-INPUT 5 -d 41.x.x.x -m tcp -p tcp --dport 189 --to-destination privateIP:port -j ACCEPT

The chain RH-Firewall-1-INPUT  should be referenced in both INPUT and FORWARD.
What it does, the single rule will allow the info in on the INPUT chain to port 189.
And then in the FORWARD chain, it will route the packets to privateIP:port

You can remove the --to-destination
0
 

Author Comment

by:shaunwingin
ID: 39286959
Tx, only thing is if I edit iptables and use
iptables -I RH-Firewall-1-INPUT 5 -d 41.x.x.x -m tcp -p tcp --dport 189 --to-destination privateIP:port -j ACCEPT
then I need to restart iptables to take effect, which I want to avoid.

Please can you give me the instruction as above which will add to iptables without committing it.

I presume I will need to ascertain the line no, but how to see output of iptables with line no?
Tx
0
 
LVL 76

Expert Comment

by:arnold
ID: 39286992
No, updates to iptables using the iptables command take immediate effect and there is no requirement to restart anything. The only reason you would need to restart iptables or the system is if the iptables rule you add locks you out, i.e. you add a rule to block ssh for a specific IP, i.e. -d 41.x.x.y, but got distracted and mistakenly omitted the -d rule such that no external ssh is now available. If you are on the console, that can be corrected, but if you are remote, the only option is for someone to log in on console and restart iptables or the entire system.
0
 

Author Comment

by:shaunwingin
ID: 39287075
tx.

I executed
iptables -I RH-Firewall-1-INPUT 18 -d 41x.x.x -m tcp -p tcp --dport 189 -j ACCEPT

and netstat -pant lists:
tcp        0      0 :::18991                    :::*                        LISTEN      7406/java

Can you explain this: 7406/java?

It's now working, tx.
0
 
LVL 76

Expert Comment

by:arnold
ID: 39287118
7406 is the Process ID (PID) of java that is the service.  Note, your port is 18991 while your iptable entry is 189.

you do not need the --to-destination on this system?
0
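The mismatch noted in the comment above (an ACCEPT rule for port 189, a listener on 18991) can be checked mechanically. The following is an added example, not part of the original thread: a POSIX shell sketch that compares `netstat -pant` listeners with TCP ACCEPT rules in iptables-save format. The function names are hypothetical, the sample data and the 192.0.2.10 / 198.51.100.7 addresses are constructed, and it assumes single-port `--dport` rules in a chain that rejects everything not explicitly accepted.

```shell
#!/bin/sh
# Added example: cross-check firewall ACCEPT rules against listening TCP ports.

# TCP ports in LISTEN state, read from `netstat -pant` output on stdin.
listening_ports() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -un
}

# Destination ports of TCP ACCEPT rules, read from iptables-save style rules on stdin.
accepted_tcp_ports() {
    awk '/-p tcp/ && /-j ACCEPT/ {
        for (i = 1; i < NF; i++)
            if ($i == "--dport" && $(i + 1) ~ /^[0-9]+$/) print $(i + 1)
    }' | sort -un
}

# Entries of whitespace-separated list $1 that do not appear in list $2.
missing_from() {
    for p in $1; do
        case " $(echo $2) " in
            *" $p "*) ;;
            *) echo "$p" ;;
        esac
    done
}

# $1 = netstat output, $2 = rules. Reports rules that open a port nothing
# listens on, and listeners that no ACCEPT rule exposes.
audit() {
    listen=$(printf '%s\n' "$1" | listening_ports)
    accept=$(printf '%s\n' "$2" | accepted_tcp_ports)
    for p in $(missing_from "$accept" "$listen"); do echo "rule-without-listener $p"; done
    for p in $(missing_from "$listen" "$accept"); do echo "listener-without-rule $p"; done
}

# Constructed sample input modelled on the output quoted in the thread.
SAMPLE_NETSTAT='tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2210/sshd
tcp        0      0 :::18991                    :::*                        LISTEN      7406/java
tcp        0      0 192.0.2.10:22               198.51.100.7:51514          ESTABLISHED 9120/sshd'
SAMPLE_RULES='-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.0.2.10 -m state --state NEW -m udp -p udp --dport 1569 -j ACCEPT
-A RH-Firewall-1-INPUT -d 192.0.2.10 -m tcp -p tcp --dport 189 -j ACCEPT'

audit "$SAMPLE_NETSTAT" "$SAMPLE_RULES"
# On a live system (as root): audit "$(netstat -pant)" "$(iptables-save)"
```

A `rule-without-listener` line is a port opened for no service and is a candidate for removal before the rules are saved.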
 

Author Comment

by:shaunwingin
ID: 39287177
tx
0
