Linux-palvelimet ICT4TN021-7 linux server course assignment 4

This assignment is part of linux server course ICT4TN021-7, undertaken at Haaga-Helia UAS.

 

R) Test a virtual private server (VPS). You can get a server from for example Linode, Amazon, DigitalOcean, OVH or elsewhere. Most affordable is to use DigitalOcean’s services from Github Education package.

Optional: if you don’t want to get a VPS, you can make a test server with vagrant, but this is not as interesting.

I decided to make a test server with vagrant.

sudo apt-get install vagrant virtualbox

mkdir Sites

cd ~/Sites

mkdir vagrant

cd vagrant

vagrant init ubuntu/trusty64

 

Added line to Vagrantfile as advised here:

nano Vagrantfile

After line:

config.vm.box = "trusty64"

Added line:

config.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-amd64-vagrant-disk1.box"

vagrant up

I got an error message telling that a virtualization-related feature was set off in BIOS. I booted to BIOS and found the option:

20180212_021155.jpg

I set “SVM Mode” to “Enabled”, booted back to Ubuntu and this time “vagrant up” returned no errors

 

A) Configure a possibility to make homepages with normal user permissions on your server.

I logged in via ssh, allowed ssh connection and enabled firewall:

vagrant ssh

sudo ufw allow 22/tcp

sudo ufw enable

Then i set up an user and added it to sudo, adm and admin groups:

sudo adduser miikka

sudo adduser miikka sudo

sudo adduser miikka adm

sudo adduser miikka admin

exit

I tested the new user:

ssh miikka@(IP-address) -p 2222

I locked root password:

sudo usermod –lock root

I disabled ssh root login:

sudo nano /etc/ssh/sshd_config

under # Authentication: i set:

PermitRootLogin no

I saved the file, then restarted ssh:

sudo service ssh restart

Then, to get newest packages for security, i ran:

sudo apt-get update

sudo apt-get upgrade

 

S) Set a webpage saved in user home directory as Apache default page on your server.

On local machine, i edited Vagrantfile as advised here:

# config.vm.network "private_network", ip: "192.168.33.10"

I uncommented this line by removing #, then:

vagrant reload

I installed apache (on vagrant server via ssh):

sudo apt-get install apache2

I added a hole to firewall for Apache:

sudo ufw allow 80/tcp

Screenshot_2018-02-12_01-23-31.png

After that, this page appeared.

 

Y) Look for examples of breach attempts in logs. You can look for more information about IP addresses without contacting them with commands ipcalc, geoiplookup and whois.

I entered:

sudo less /var/log/auth.log

Screenshot_2018-02-12_01-37-53.png

There were only my own logins.

 

B) Make webpages on your local computer and copy them to server with command scp.

I installed scp-plugin for vagrant as advised here:

vagrant plugin install vagrant-scp

vagrant reload

For scp to work in vagrant, i made a folder called “test”, and chmod 777 it, as advised here(otherwise scp would return permission denied):

mkdir test

chmod 777 test

Imade a simple html page with nano, and copied it to server via scp:

vagrant scp /home/xubuntu/index.html /home/miikka/test/index.html

Then i moved the html file as apache default page:

miikka@vagrant-ubuntu-trusty-64:~/test$ sudo mv index.html /var/www/html/index.html

Screenshot_2018-02-12_02-11-25.png

I updated the page in firefox.

 

C) Make a simple PHP page for your server. You can for example print user IP $_SERVER[‘REMOTE_ADDR’] or similar. Be careful if your are collecting input with forms.

I made a simple PHP page:

sudo nano /var/www/html/index.php

<html>
<body>
<?php print “Your IP:”.$_SERVER[‘REMOTE_ADDR’]; ?>

</body>
</html>

However, php script would not run, and i could not get php working with instructions for previous assignment for Ubuntu 16.04. Vagrant uses 14.04, and i could not find php apache module for it.

Sources: terokarvinen.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s