Apache2 Mysql … in short AMP Package

I have been bumbling around On the Ubuntu box i installed on one of the university server lately!! Every thing works fine at start! LAMP Rules..! then i thought of installing SSL init .. this is where things started getting changed .. or in short worst.. Ubuntu Feisty Fawn overall is a good OS.Because it was first time i was using it.

I have been Installing re-installing LAMP again and again messed every thing up just because of SSL.

finally!! did

sudo apt-get remove –purge apache2 apache2-mpm-prefork apache2-utils apache2.2-common libapache2-mod-php5 libapr1 libaprutil1 libdbd-mysql-perl libdbi-perl libmysqlclient15off libnet-daemon-perl libplrpc-perl libpq5 mysql-client-5.0 mysql-common mysql-server mysql-server-5.0 php5-common php5-mysql

–purge is used to remove all the files

then sudo apt-get clean

Next thing For XAMP

http://nchc.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.3a.tar.gz

cd /opt

sudo wget http://nchc.dl.sourceforge.net/sourceforge/xampp/xampp-linux-1.5.3a.tar.gz

Extract the archive to /opt using sudo

sudo tar xvfz xampp-linux-1.5.3a.tar.gz -C /opt

To start it up, open a terminal and type this:

sudo /opt/lampp/lampp start

To see additional commands, open a terminal and type this

sudo /opt/lampp/lampp

WARNING – SECURITY
http://www.apachefriends.org/en/xampp-linux.html#381
Open holes:

  1. The MySQL administrator (root) has no password.
  2. The MySQL daemon is accessible via network.
  3. ProFTPD uses the password “lampp” for user “nobody”.
  4. PhpMyAdmin is accessible via network.
  5. Examples are accessible via network.
  6. MySQL and Apache running under the same user (nobody).

This doesn’t leave your whole system wide open, but someone could hack your XAMPP installation, so be wary.
To fix most of the security weaknesses open a terminal and run:

 

Code:

sudo /opt/lampp/lampp security

Next after running it i added some passwords ? it never asked me for username but passwords though in /opt/lampp/htdocs/xampp/.htaccess the default user is lampp

so the default xampp security username is lampp

Now the next part and the most important one openssl :/ which was the main thing behind the installation

XAMPP comes up with default ssl which i wanted to change i followed following steps to
configure my own self-signed SSL

cd /opt/lampp/etc

sudo openssl genrsa -des3 -out server.key 1024

Generating RSA private key, 1024 bit long modulus
…………………………………………………++++++
……..++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password – Enter PEM pass phrase:

sudo openssl req -new -key server.key -out server.csr

* Will ask couple of questions *

sudo cp server.key server.key.org
sudo openssl rsa -in server.key.org -out server.key

sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

*Will Generate Private key*

sudo cp server.crt /opt/lampp/etc/ssl.crt/

sudo cp server.key /opt/lampp/etc/ssl.key/

Restart XAMPP by sudo /opt/lampp/lampp restart

finally

sudo ln -s /opt/lampp/lampp /etc/init.d/lampp
sudo update-rc.d -f lampp defaults

To make XAMP On Auto start!

and All done now access site using https://yourweb 😉

Regards

Azeem.

Advertisements

~ by Azeem on September 12, 2007.

One Response to “Apache2 Mysql … in short AMP Package”

  1. Thanks I need this article to make my XAMPP Auto Start.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: