Install LAMP on Ubuntu

Install Apache

To start off we will install Apache.

1. Open up the Terminal (Applications > Accessories > Terminal).

2. Copy/Paste the following line of code into Terminal and then press enter:

sudo apt-get install apache2

3. The Terminal will then ask you for you're password, type it and then press enter.

Testing Apache

To make sure everything installed correctly we will now test Apache to ensure it is working properly.

1. Open up any web browser and then enter the following into the web address:

http://localhost/

You should see a folder entitled apache2-default/. Open it and you will see a message saying "It works!" , congrats to you!

Install PHP

In this part we will install PHP 5.

Step 1. Again open up the Terminal (Applications > Accessories > Terminal).

Step 2. Copy/Paste the following line into Terminal and press enter:

sudo apt-get install php5 libapache2-mod-php5

Step 3. In order for PHP to work and be compatible with Apache we must restart it. Type the following code in Terminal to do this:

sudo /etc/init.d/apache2 restart

Test PHP

To ensure there are no issues with PHP let's give it a quick test run.

Step 1. In the terminal copy/paste the following line:

sudo gedit /var/www/testphp.php

This will open up a file called phptest.php.

Step 2. Copy/Paste this line into the phptest file:

Step 3. Save and close the file.

Step 4. Now open you're web browser and type the following into the web address:

http://localhost/testphp.php

Install MySQL

To finish this guide up we will install MySQL. (Note - Out of Apache and PHP, MySQL is the most difficult to set up. I will provide some great resources for anyone having trouble at the end of this guide.)

Step 1. Once again open up the amazing Terminal and then copy/paste this line:

sudo apt-get install mysql-server

Step 2 (optional). In order for other computers on your network to view the server you have created, you must first edit the "Bind Address". Begin by opening up Terminal to edit the my.cnf file.

gksudo gedit /etc/mysql/my.cnf

Change the line

bind-address = 127.0.0.1

And change the 127.0.0.1 to your IP address.

Step 3. This is where things may start to get tricky. Begin by typing the following into Terminal:

mysql -u root

Following that copy/paste this line:

mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('yourpassword');

(Make sure to change yourpassword to a password of your choice.)

Step 4. We are now going to install a program called phpMyAdmin which is an easy tool to edit your databases. Copy/paste the following line into Terminal:

sudo apt-get install libapache2-mod-auth-mysql php5-mysql phpmyadmin

After that is installed our next task is to get PHP to work with MySQL. To do this we will need to open a file entitled php.ini. To open it type the following:

gksudo gedit /etc/php5/apache2/php.ini

Now we are going to have to uncomment the following line by taking out the semicolon (;).

Change this line:

;extension=mysql.so

To look like this:

extension=mysql.so

Now just restart Apache and you are all set!

sudo /etc/init.d/apache2 restart

Read more »

Configure static NAT for inbound connections

Someone recently asked me how to configure Network Address Translation (NAT) so that computers on the Internet could access his internal Web and mail server through his Cisco router. This requires configuring a static NAT translation between the dedicated public IP address and the dedicated private IP address. Here's how to do it.

Most people use NAT to connect to the Internet these days. NAT transforms private IP addresses to public IP address so users can access the public Internet. Most of us use a form of NAT called Port Address Translation (PAT), which Cisco refers to as NAT overload. (For more information, see "Set up NAT using the Cisco IOS" and "Set up Port Address Translation (PAT) in the Cisco IOS.")

To start off, let's get a better idea of what we're working with. Figure A offers a diagram to help visualize the network.

Here's our goal: We want to configure a static IP translation through the router from the outside (i.e., Internet) network to the inside (i.e., private) network.

On a Linksys router with a basic Web interface, this isn't very hard to do. However, on a Cisco router using the command-line interface (CLI), you'll struggle if you don't know the proper commands or where to apply them.

It's a good idea to gather the data you'll need before you start. Here's the information we need for our example:

• Router inside interface E0/0: IP 10.1.1.1
• Router outside interface S0/0: IP 63.63.63.1
• Web/mail server private IP: 10.1.1.2
• Web/mail server public IP: 63.63.63.2

There are two important steps to get this traffic inside your network and to your Web/mail server:

1. NAT configuration
2. Firewall configuration

In this post, I'll provide the basic static NAT configuration. However, make sure that whatever you're using for your firewall also allows this traffic in.

Whether you're using basic access control lists (ACLs) or the Cisco IOS firewall feature set, make sure you understand the Cisco IOS order of operations to configure your firewall for the right IP addresses (public or private). In other words, what happens first -- NAT translation or firewall filtering? For example, when using ACLs, a check of the input ACL occurs before NAT translation. So, you need to write ACLs with the public IP addresses in mind.

Now that we've covered the background info, let's get started with configuring static NAT. For our example, let's say we start out with this basic configuration:

interface Serial0/0

  ip address 63.63.63.1 255.255.255.0

  ip nat outside

interface Ethernet0/0

  ip address 10.1.1.1 255.255.255.0

  ip nat inside

We need the NAT translations to translate the outside IP address of the Web/mail server from63.63.63.2 to 10.1.1.2 (and from 10.1.1.2 to 63.63.63.2). Here's the missing link between the outside and inside NAT configurations:

router (config)# ip nat inside source static tcp 10.1.1.2 25 63.63.63.2 25

router (config)# ip nat inside source static tcp 10.1.1.2 443 63.63.63.2 443

router (config)# ip nat inside source static tcp 10.1.1.2 80 63.63.63.2 80

router (config)# ip nat inside source static tcp 10.1.1.2 110 63.63.63.2 110

We used the above port numbers because they fit the description of what we wanted to do, but keep in mind that your port numbers may be different. I chose port 25 for SMTP (sending mail), port 443 for HTTPS (secure Web), port 80 for HTTP (Web traffic), and port 110 for POP3 (receiving mail from the mail server when out on the Internet).

This configuration assumes you have a block of IP addresses. If you don't, you can use the outside IP address on your router (Serial 0/0 in our case), and you could configure it like this:

router (config)# ip nat inside source static tcp 10.1.1.2 25 interface serial 0/0 25

You can even use this command if you have a dynamic DHCP IP address from your ISP on the outside of your router.

We also need to register the IP address of the mail and Web server in the global Internet DNS registry. So when users enter www.mywebserver.com in their Web browser, the browser would translate it to 63.63.63.2, and the router would then translate it to 10.1.1.2. The Web server would receive that request and respond back through the router, which would translate it back to the global IP address.

In addition to configuring static NAT, you may want to use dynamic NAT at the same time. With this, your inside PCs could access the Internet using dynamic NAT (i.e., NAT overload or PAT). But this gets a little more complex. For more information, see Cisco's Configuring Static and Dynamic NAT Simultaneously documentation.

Read more »

Manajemen Bandwidth Di Squid Menggunakan Delay Pools

Dokumen ini menjelaskan bagaimana cara mengkonfigurasikan proxy server anda untuk membatasi bandwidth download atau incoming traffic.
Berikut langkah-langkah pengkonfigurasian manajemen bandwidth di squid:
1. Pertama-tama periksa apakah squid telah berjalan di server dan telah dikonfiguraisi sebagai mesin proxy server.
2. Sebelum memulai memanajemen bandwidth di squid, kita jelaskan dulu komponen-komponen manajement bandwidth di squid :

delay_pools
Opsi ini untuk menspesifikasi berapa jumlah pool yang digunakan untuk membatasi jumlah bandwidth dari ACL. Opsi ini akan dirangkaikan bersama opsi delay_class dan delay_parameters yang akan dibahas di bawah ini.

delay_class
Opsi ini menspesifikasikan kelompok dari masing-masing pool yang telah didefinisikan pada opsi delay-pools. Ada tiga class yang didukung Squid, antara lain:
• class 1: Semua akses dibatasi dengan single bucket, artinya hanya bisa mendefinisikan overall bandwidth untuk suatu ACL saja, tidak bisa mendefinisikan bandwidth dengan lebih mendetail
• class 2: Semua akses dibatasi dengan single agregate dengan dua parameter bandwidth. Parameter pertama mendefinisikan berapa bandwidth maksimal yang didapatkan ACL, parameter kedua mendefinisikan berapa bandwidth overall untuk ACL yang spesifik yang ada pada network tersebut.
• class 3: Kelompok yang definisi bandwidth-nya paling mendetail. Parameter pertama mendefinisikan berapa bandwidth maksimal yang didapatkan ACL, parameter kedua mendefinisikan berapa bandwidth normal yang didapatkan ACL secara umum, dan parameter yang ketiga adalah mendefinisikan bandwidth yang didapatkan ACL jika mengakses ACL-ACL tertentu yang spesifik, misalnya file mp3.

delay_parameters
Opsi ini menspesifikasikan rumus bandwidth yang akan didapatkan oleh ACL yang akan memasuki delay_pool. Misalnya ada entry berikut ini pada delay_parameters:
delay_parameters 1 -1/-1 2100/4000
Angka 1 berarti rumus ini berlaku untuk pool 1. Angka -1/-1 berarti bandwidth maksimal yang diberikan Squid adalah tidak terbatas untuk pool ini.

Angka 2100/4000 berarti bandwidth yang didapatkan oleh ACL setelah masuk ke pool ini. Angka ini berada dalam kelipatan 8 b, sehingga untuk mendapatkan nilai bandwidth yang sebenarnya harus dikalikan delapan. Angka 2100 adalah bandwidth yang didapatkan ACL pada masa-masa normal. Jika dikalikan 8, maka bandwidth normal yang akan didapatkan ACL sekitar 18 Kbps. Angka 4000 adalah bandwidth maksimal yang didapatkan ACL pada masa-masa jalur sedang kosong. Jika dikalikan 8, maka bandwidth yang didapatkan sekitar 32 Kbps.

delay_access
Opsi ini mendefinisikan siapa-siapa ACL yang akan dimasukkan ke pool tertentu untuk mendapatkan “perlambatan” bandwidth. Bentuk umumnya adalah seperti ini:
delay_access 1 allow labprog
Opsi di atas berarti kita memasukkan ACL labprog ke dalam pool 1.

3. Jika sudah mengerti komponen-komponen delay pool, kita mulai konfigurasi delay pool .
Di umpamakan kita mempunyai bandwidth dari ISP sebesar 512kb, dan kita membuat rule seperti berikut ini:
- Batas kecepatan koneksi overall adalah 256 Kbps. per-network adalah 64 kbps. Sedangkan per-user/host dibatasi 2 Kbps jika digunakan untuk download file bertipe exe, mp3, vqf, tar.gz, gz, rpm, zip, rar, avi, mpeg, mpe, mpg, qt, ram, rm, iso, raw, dan wav. Jika tidak, maka koneksi perhost HANYA mengikuti aturan per-Network saja.

Penyelesaian:

Edit file /etc/squid/squid.conf
#vi /etc/squid/squid.confLalu tambahkan contoh konfigurasi ini:
# Sebelum kita melakukan pembatasan, kita perlu mendefinisikan ACL network # # yang kita perlukan terlebih dahulu. ACL yang didefinisikan pada host bridge
# seperti di bawah ini:acl lokal src 192.168.1.0/24# Kemudian kita membatasi maksimum download dengan tag di bawah ini:
# Batas kecepatan koneksi overall adalah 256 Kbps. per-network adalah
# 64 kbps. Sedangkan per-user/host dibatasi 2 Kbps jika digunakan untuk
# download file bertipe exe, mp3, vqf, tar.gz, gz, rpm, zip, rar, avi,
# mpeg, mpe, mpg, qt, ram, rm, iso, raw, dan wav. Jika tidak, maka
# koneksi perhost HANYA mengikuti aturan per-Network saja.

acl filegede url_regex -i \.exe
acl filegede url_regex -i \.mp3
acl filegede url_regex -i \.vqf
acl filegede url_regex -i \.gz
acl filegede url_regex -i \.rpm
acl filegede url_regex -i \.zip
acl filegede url_regex -i \.rar
acl filegede url_regex -i \.avi
acl filegede url_regex -i \.mpeg
acl filegede url_regex -i \.mpe
acl filegede url_regex -i \.mpg
acl filegede url_regex -i \.qt
acl filegede url_regex -i \.ram
acl filegede url_regex -i \.rm
acl filegede url_regex -i \.iso
acl filegede url_regex -i \.raw
acl filegede url_regex -i \.wav

# Kita buat dulu ACL untuk mendefinisikan file-file di atas dengan menggunakan # regularexpression. Kemudian kita mendefinisikan 2 delay pool untuk
# menampung bandwidth.
# Satu pool masuk dalam kategori class 2 untuk mendefinisikan aturan overall
# 256 Kbps dan per-network 64 Kbps. Satu pool lainnya masuk kategori class 3
# untuk mendefinisikan aturan tambahan jika user mendownload file-file yang
#didefinisikan dalam ACL url_regex dengan bandwidth maksimal 2 Kbps.

delay_pools 2
delay_class 1 3
delay_parameters 1 32000/32000 8000/8000 250/250
delay_access 1 allow lokal filegede
delay_access 1 deny all
delay_class 2 2
delay_parameters 2 32000/32000 8000/8000
delay_access 2 allow lokal
delay_access 2 deny all

Jika sudah selesai, simpan hasil konfigurasi dan restart squid

#/etc/init.d/squid restart

Sumber : http://miji.wordpress.com/2007/02/06/57/#comment-21

Read more »