I posted on the main forum (which is now erroring) a couple of questions. One was how to get public_html dir to allow access in home dirs cause I was getting a 403. Fized that, permission trouble. However, in my atempts I kind changed somestuff in the config that might affect the security. Can someone post good settings for the the <directory> controlls? I am running 1.?.19 (whatever is current) on redhat 7.1. My goal is for users to FTP to their public_html directory by logining with ftp (no other dirs accessable) and upload files for their dir.

How do I set up apache to power a domain name that I bought at 123domains.com?

How do I turn off SSL?

WTF is sunrpc and how do I shut it off?

What is a good FTP deamon for what I want to do?

Thanks,
Falcon

first you need a name server (which you could easily run on the same box). then all you need to do is tell apache to listen on the ip that the record for your domain points to (for a standalone config at least).

if you need ftp capabilities, openssh has a built in sftp (secure ftp) daemon installed. all you need to do is connect to the sshd w/ a sftp client (text mode client included w/ openssh).

Is there a good tutorial on how to set up the ssh correctly for use as secure ftp?

Also, I really don't want to run a name server. Is it possible to just do:

<VirtualHost myip>
ServerName websiteimhosting.com
ServerAdmin myemail@email.com
DocumentRoot /var/www/website/
</VirutalHost>

without running a name server? If not, how do I install/set up one under RedHat 7.1?

Also, if I do need to do virtual hosts, can I still have people access their home dirs and have them set on one of the virtual hosts? If not, oh well. Is it possible to instead of having domain.com/~username to have username.domain.com?

Thanks,
Falcon

Originally posted by Falcon:
<STRONG>Is it possible to just do:

&lt;VirtualHost myip&gt;
ServerName websiteimhosting.com
ServerAdmin myemail@email.com
DocumentRoot /var/www/website/
&lt;/VirutalHost&gt;

without running a name server?</STRONG>

As long as all the domain names resolve to your IP address. Getting domain names to resolve to an IP address and getting Apache to do name-based Virtual Hosting are completely different things and I'm bewildered why so many people get them confused when trying to answer questions about Virtual Hosting. You're right. As long as you already have all the domain names in question resolving to your IP, you don't need to do any nameserver stuff.

That VirtualHost directive will work fine. However, you should also add "ServerAlias *.websiteimhosting.com" so that it'll work even if people add a "www" to the front, and remember that MYIP *has* to be your Internet IP address. If it changes, you have to change the configuration file and restart Apache. If your computer has multiple IPs (i.e. a 192.168 address on the local network) and you want the virtual hosts to work on that IP also, you have to duplicate all your VirtualHost stuff using that IP address isntead. If you want your virtual hosts to work via loopback, you have to do them all again, using 127.0.0.1

So if you have a system with 3 IPs (Internet, LAN, and loopback) and are hosting 10 domains, you have to have 30 virtual host directives if you want all the virtual hosts to work on all the IPs! Kinda messy...

Originally posted by Falcon:
<STRONG>Also, if I do need to do virtual hosts, can I still have people access their home dirs and have them set on one of the virtual hosts?</STRONG>

With any virtual host that has the UserDir directive set, anyone will be able to do the domain.com/~user thing. If UserDir is set for both domain1.com and domain2.com, then domain1.com/~user and domain2.com/~user will be the same thing.

If not, oh well. Is it possible to instead of having domain.com/~username to have username.domain.com?

There's no built-in feature that does that, but you can either manually set up virtual hosts for each of your users (easy, but boring), or set up some kind of rewriting system with Apache's rather complex rewriting functions (complex).

Keep in mind, you'll have to configure your DNS servers so that ALL those domain names resolve to your IP address.

As I only plan to do web hosting with the box using apache and ProFTPD (I have a good book on it, I am only going to run it for a couple of friends as I have bandwith to spare) I think this will work great. I plan on only hosting 2 or 3 domains and I am on a LAN, but it only has four comps on it and they will access it over the internet if they do so it shouldn't matter. I was just wondering how to set this up though.

If I get coolwebsite.com and want to set it up so that *.coolwebsite.com reads from /var/www/web1 except for user1.coolwebsite.com and user2.coolwebsite.com, they should read from /var/www/user1/ and /var/www/user2/ respectively. Also, if people go to whatever my ip resolves to, what will it show? What if they access my I.P.? Can someone tell me where to get some info on making sure that my access settings for apache are secure? I know how to set up ProFTPd well.

One more not so related question. My firewall dosn't seem to be working as when I scan myself it shoes ports 1024(KDM) and 6000(X11) open. I just set up RedHat 7.1 and told it high security but to allow connections to ports 21 and 80. I also show something called sunrpc, how do I turn that off. What services do I need (I already turned the wrong ones off once)?

Thank you everyone for bearing with me. To the admins, LNO is the most helpful linux board I can find.

Falcon

If somebody visits your site by IP address, or if they visit your site using HTTP1.0 (by using an old browser or a weird proxy, mainly) they see whatever virtual host you've defined first. So you might want to define a "dummy" virtual host before any of the others that points to a page saying "Your browser sucks yadda yadda yadda please click one of the links below", then have links that'll let the visitor get to any of the hosted sites. That's what all the web hosting companies that use virtual hosts do.

One more not so related question. My firewall dosn't seem to be working as when I scan myself it shoes ports 1024(KDM) and 6000(X11) open.

Are you scanning from an outside computer, or are you having your computer scan itself? Firewalls generally don't protect the loopback interface, because systems generally need to have unrestricted access to themselves.

If you're scanning from outside and those ports are still open, then your firewall isn't working.

Thank you everyone for bearing with me. To the admins, LNO is the most helpful linux board I can find.

Well, oddly enough, there ARE no admins at the moment, but we'll ignore that...

Ok, thanks a lot guys.

I figured out the configs for https on apache but have a couple of questions. There is already a key set up, is that generic, or did RedHat generate it on install (I run 7.1)? If I do need to make my own keys, how do I do that?

Is it possible to just tell apache to use the same configurations under the other documents as far as directory and virtualserver controlls go, or do I just have to copy and paste it over.

I set up the firewall with RedHat not to let port 443 through, how do I change that?

Thanks,
Falcon

Forgot to ask, RedHat installed apache 1.3.19, is there an EASY way to upgrade to 1.3.20? What is the easiset way?

Is there a program to check for updates like the windows thingy?

Thanks,
Falcon

Get and install the RPM from the latest version. You can probably get it from rpmfind.net.

RedHat has some primitive auto-update support (I think it's called autorpm or something liket that), but Debian is the distro known for really advanced package management and updating.

upgrading the RPM will allow my conf files to work the same? No changes? Is there anything I need to change in a conf file to make it work right?

Thanks,
Falcon