This assignment is part of linux server course ICT4TN021-7, undertaken at Haaga-Helia UAS.
R) Test a virtual private server (VPS). You can get a server from for example Linode, Amazon, DigitalOcean, OVH or elsewhere. Most affordable is to use DigitalOcean’s services from Github Education package.
Optional: if you don’t want to get a VPS, you can make a test server with vagrant, but this is not as interesting.
I decided to make a test server with vagrant.
sudo apt-get install vagrant virtualbox
vagrant init ubuntu/trusty64
Added line to Vagrantfile as advised here:
config.vm.box = "trusty64"
config.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-amd64-vagrant-disk1.box"
I got an error message telling that a virtualization-related feature was set off in BIOS. I booted to BIOS and found the option:
I set “SVM Mode” to “Enabled”, booted back to Ubuntu and this time “vagrant up” returned no errors
A) Configure a possibility to make homepages with normal user permissions on your server.
I logged in via ssh, allowed ssh connection and enabled firewall:
sudo ufw allow 22/tcp
sudo ufw enable
Then i set up an user and added it to sudo, adm and admin groups:
sudo adduser miikka
sudo adduser miikka sudo
sudo adduser miikka adm
sudo adduser miikka admin
I tested the new user:
ssh miikka@(IP-address) -p 2222
I locked root password:
sudo usermod –lock root
I disabled ssh root login:
sudo nano /etc/ssh/sshd_config
under # Authentication: i set:
I saved the file, then restarted ssh:
sudo service ssh restart
Then, to get newest packages for security, i ran:
sudo apt-get update
sudo apt-get upgrade
S) Set a webpage saved in user home directory as Apache default page on your server.
On local machine, i edited Vagrantfile as advised here:
# config.vm.network "private_network", ip: "192.168.33.10"
I uncommented this line by removing #, then:
I installed apache (on vagrant server via ssh):
sudo apt-get install apache2
I added a hole to firewall for Apache:
sudo ufw allow 80/tcp
After that, this page appeared.
Y) Look for examples of breach attempts in logs. You can look for more information about IP addresses without contacting them with commands ipcalc, geoiplookup and whois.
sudo less /var/log/auth.log
There were only my own logins.
B) Make webpages on your local computer and copy them to server with command scp.
I installed scp-plugin for vagrant as advised here:
vagrant plugin install vagrant-scp
For scp to work in vagrant, i made a folder called “test”, and chmod 777 it, as advised here(otherwise scp would return permission denied):
chmod 777 test
Imade a simple html page with nano, and copied it to server via scp:
vagrant scp /home/xubuntu/index.html /home/miikka/test/index.html
Then i moved the html file as apache default page:
miikka@vagrant-ubuntu-trusty-64:~/test$ sudo mv index.html /var/www/html/index.html
I updated the page in firefox.
C) Make a simple PHP page for your server. You can for example print user IP $_SERVER[‘REMOTE_ADDR’] or similar. Be careful if your are collecting input with forms.
I made a simple PHP page:
sudo nano /var/www/html/index.php
<?php print “Your IP:”.$_SERVER[‘REMOTE_ADDR’]; ?>
However, php script would not run, and i could not get php working with instructions for previous assignment for Ubuntu 16.04. Vagrant uses 14.04, and i could not find php apache module for it.