Tag Archives: Apache

Linux Quickies (2) – Build a Webserver

1. Disable SELinux

vi /etc/selinux/config

#Change the line
SELINUX=enforcing 
to read
SELINUX=disabled

SELinux prevents the web server working properly. There are ways of configuring SELinux so that it doesn’t do that, but it’s a pain and I’m not documenting it here. You don’t have to completely disable SELinux: setting the parameter to permissive will keep it switched on, but it will just warn (quietly) that web serving breaches policy, rather than stopping web serving in its tracks.

2. Disable (or modify) the Firewall

service iptables stop
chkconfig iptables off

These two commands switch off the firewall and prevent it from re-starting. Without these commands, port 80 is blocked by default, so although your web server runs, no-one would be able to talk to it, which is a bit pointless. If you prefer having a firewall switched on, you can leave it on by issuing neither of those two previous commands and instead, just open up ports 80 and 443 (for https traffic), inbound and outbound, like so:

vi /etc/sysconfig/iptables

#Add these lines BEFORE the two existing REJECT statements
-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
-A OUTPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
-A OUTPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT

service iptables restart

3. Install and configure the Software

yum install httpd

service httpd start

If you want to configure lots of subtle options, then the configuration file is available in /etc/httpd/conf/httpd.conf -but usually, everything just works OK without any further configuration. You can at this point open a browser on a remote PC and enter the url http://192.168.8.250 (or whatever your web server’s IP address is). If all is well, you’ll see a test page that will just say “It works!” (if you’re using Scientific Linux) or a more elaborate test page with banner, graphics and explanatory text (if you’re using CentOS).

Your document root is /var/www/html, so drop any files you want to view via http in there, and change your remote browser’s URL to match. For example:

vi /var/www/html/dizwell.html

#Add the following line, then save:
<h1>This is a Dizwell web page</h1>

Now browse remotely to http://192.168.8.250/dizwell.html and you’ll see this:

Network Linux Installs

An Apache Server on Centos 6

19 Replies

Now that we finally have a complete complement of zero-cost Enterprise Linux 6.0 clones available, I thought it might be time to revisit the idea of building a very small, very lightweight Apache server using nothing but Centos (or Scientific Linux) 6.

My existing article on building such an Apache server uses Ubuntu as its base distro, because I know of nothing that has smaller minimum hardware requirements -but this is a bit annoying, because if you go on to use RHEL-clones for an Oracle server, you have to master both RPM-based and apt-get-based distros. Life would be a lot simpler if you could use the one distro for everything, wouldn’t it?

Well, that’s what I thought too, so here’s my recipe for Apache + PHP talking to an Oracle database with the entire software stack running on two virtual machines running Centos 6 or Scientific Linux 6.

Creating the Server

I won’t detail the actual construction of a suitable web-server-capable virtual machine or the installation of its operating system here. The Ubuntu-based article I mentioned before does that quite adequately, I think. There are a couple of Centos/Scientific-specific issues that arise, though.

First thing to note, then, is that you can’t install Centos 6 (or Scientific Linux 6) in a virtual machine that’s configured with less than 512MB of memory. You can run Centos 6 in just 128MB, but the installer will bomb out at those sorts of RAM allocations. So the basic rule is: install your OS when your VM has 512MB then shut the thing down, reduce the allocated RAM, and re-start.

Second, you only need the 32-bit version of Centos or Scientific: 64-bits for running a trivial web server are completely unnecessary. (Note that the Centos link there has been altered since this article was first written to point to the version 6.1 isos, since version 6.0 is no longer made generally available).

Third, if you’re using Scientific Linux, you’ll have to select to perform a minimal install. If you’re using Centos, that is the default option anyway.

Fourth: once the O/S is installed, make sure the network itself is working (see my last post on how to do this). It won’t be by default, so you need to edit the /etc/sysconfig/network-scripts/ifcfg-eth0 script to make it function properly.

Additionally, and very importantly, you should disable SELinux by editing the /etc/sysconfig/selinux configuration file. By default, it will have a line that says SELINUX=enforcing. Change that to read SELINUX=disabled. You can’t get PHP talking to an Oracle database without doing this. Reboot to make the change take effect.

Finally, the commands you want to install the relevant Apache/PHP software bits and pieces are:

yum -y install httpd php nano unzip make
yum -y install gcc wget openssh php-devel php-pear libaio

The ‘httpd’ bit is the name for the Apache package itself; the other bits and pieces allow Apache to serve up something useful later on!

Configuring the Server

You first need to start the Apache service:

service httpd start

If you ever need to re-start the service (to pick up configuration changes, etc), the command is:

service httpd restart

To make the Apache bits start automatically at every reboot, issue this command:

chkconfig --level 23 httpd on

By default, despite having done all of the above, you won’t be able to connect to your new server from a remote browser: Centos/Scientific slap a firewall on that blocks access. You can completely disable the firewall with the command:

service iptables stop

That only works per re-boot, though, so to switch the firewall off completely, use this:

chkconfig iptables off

The more subtle approach, of course, would be to reconfigure the firewall to allow http traffic through -but that’s beyond the scope of this article and, in any case, I don’t need a firewall when I’m connecting one internal VM to another, so it’s probably overkill at this stage. If you insist on this approach, however, the advice given here would seem useful.

You’ll now be in a position to check that everything is working fine, provided you know your web server’s IP address. Assuming it’s 192.168.0.37 for the moment, then visiting http://192.168.0.37 in a remote browser should net you some sort of “it’s working” page (the Centos version is quite elaborate and is entitled “Apache 2 Test Page”; Scientific’s equivalent is a barebones “it works!” message).

You’ll also need to check that PHP is working OK, and for that I suggest you create a file called phpdata.php in the /var/www/html directory containing the following:

<?php
phpinfo();
?>

…which is just the code needed to display PHP’s configuration data. Then you can visit http://192.168.0.37/phpdata.php and you should see this sort of result:

Connecting the Server to an Oracle database

Installing OCI8 so that you can connect to Oracle via Apache is pretty much the same process as for Ubuntu:

Copy both the instantclient-basic and instantclient-sdk packages (available from the OTN website) to /var/www/html using something like Filezilla. As root, unzip both packages and create a necessary symbolic link:

cd /var/www/html
unzip instantclient-basic-linux32-11.2.0.2.0.zip
unzip instantclient-sdk-linux32-11.2.0.2.0.zip

cd instantclient_11_2
ln -s libclntsh.so.11.1 libclntsh.so

Download the relevant OCI8 library (the version numbers are specific, so check http://pecl.php.net/package/oci8 to make sure you get the latest):

cd /var/www/html
wget http://pecl.php.net/get/oci8-1.4.5.tgz

Install that new download:

pecl install oci8-1.4.5.tgz

This last command will prompt you to specify “the path to the ORACLE_HOME directory…”. At this point, you type in the following:

instantclient,/var/www/html/instantclient_11_2

…which tells the installer (a) that you’re using the instant client and not a full-blown Oracle client; and (b) that the path to the instant client files is /var/www/html/instantclient_11_2. Note that there are no spaces in any of that lot: just a comma separates the two components.

Finish off with some final configuration steps:

echo extension=oci8.so >> /etc/php.d/oci8.ini
echo /var/www/html/instantclient_11_2 >> /etc/ld.so.conf
ldconfig
echo ORACLE_HOME=/var/www/html/instantclient_11_2 >> /etc/profile
export ORACLE_HOME=/var/www/html/instantclient_11_2
service httpd restart

When you now visit your web server’s phpdata.php URL, you should see an OCI8 section appear in the PHP configuration information display.

After that, it should be relatively plain sailing: you just need to create a file which explains how to connect to an Oracle database and fetch some data. I suggest you create a file called oracle.php in the /var/www/html directory, containing this:

<?php
$myselect = "select * from scott.emp";
$oraconn = oci_connect('system', 'password', '//192.168.0.145/lindb');
$doquery = OCIparse($oraconn, $myselect) or die("Couldn't parse statement.");
OCIexecute($doquery) or die("Couldn't execute statement.");

while (OCIfetch($doquery))
 {$surname = OCIresult($doquery, ENAME);
  $salval = OCIresult($doquery, SAL);
  print '<b>'.$surname.'</b> '.$salval.'<br>';
 }
?>

That assumes my Oracle server is running at IP address 192.168.0.145; that my SYSTEM password is “password” (which would be extremely dumb if true!); and that I’ve got the SCOTT schema created within that database containing ye olde EMP table. If you now visit the URL http://192.168.0.37/oracle.php, you should get 14 rows returned in your web browser.

Apache Article

Apache on a Stick

3 Replies

I had been idly wondering how you’d go about running Apache (or some other webserver) from a USB stick when I came across this site that makes doing it so ridiculously simple that I nearly fell off my chair!

Just start the “Mowes Mixer” mentioned in the last line of that home page and then select the ‘I do not have…’ option. You can then complete the software selection screen like so:

I’ve gone for the “Small Edition” Apache, MySQL and PHP5 -which is a 9MB download and yields as much functionality as you’ll need for the purposes of serving a Kickstart configuration file (for example). From the list of application software, you could add something like WordPress or Drupal: that will give you a portable website in which you could document Oracle-related tips or ideas (or anything else for that matter!) Add WordPress, for example, and your download goes up to 11MB, which is no big deal.

Once you download, you’ll end up with a zip-file sitting on your Desktop (or wherever you downloaded to, obviously). Unzip it, and copy the uncompressed folder to a USB drive that’s got around 100MB of free space.

Now double-click the mowes.exe file in that folder and an “installation” process takes place. The name’s a bit misleading, I think, because absolutely nothing gets installed on your PC to which the USB drive is attached. Instead, all that happens is that some directories and configuration files are created on the USB drive itself, once you’ve picked a language and agreed to the GNU GPL license. Your host PC’s firewall will probably also throw a fit when MySQL starts (allow it access, basically) and there’ll be a similar alert when Apache gets going (again, allow it access). Otherwise, that’s it!

You end up with this ‘control panel’ running on your host PC:

…which allows you to stop and start the web server. When you click End, the software quits completely, leaving nothing behind on the host PC. To get to the web server in your host PC’s browser, simply type the address http://localhost. If you’re trying to get to it from another PC (as you would if trying to Kickstart a Linux install on a virtual machine, for example), you refer to it by your host PC’s IP address -so, in my case, http://192.168.0.42.

The first time I tried this from a different PC (i.e., trying to access the server remotely), I obtained a 403 – You don’t have permission to access / on this server error. This is simply because the default Apache installation is very restrictive. To ease things up a bit (i.e., a lot!), click the Options menu in the MoWeS control panel and make the Security Options bit look like this:

Essentially, that means switch off the ‘only allow access to this server’ option; also switch off the one about ‘do not change the file .htaccess’; and then add an IP address of ‘ALL’ to the ‘allow access from…’ dialog. Stop and re-start the server and you should find remote PCs can now get to the web server’s home page OK.

Just note that WordPress (and, I’m guessing, quite a lot of the other applications) has its own configuration which, by default, expects all pages to be living on “http://localhost”. This means that accessing WordPress remotely won’t work properly (because ‘localhost’ on that remote PC means something very different than on the PC running the web server). The configuration option to change in WordPress is this one:

That’s found under the Settings option: just change the URLs to the IP address of the machine hosting the USB stick, and you’re good to go.

I wasn’t looking forward to getting Apache working from a USB device… but this makes it trivially easy to do and you get practically a complete “LAMP stack” thrown in for nothing… though without the “L”, obviously!

Should you need it, here’s my already-configured version as a zip file: just download, unzip, done. It doesn’t get much easier, I think!