Category Archives: Web Programming

Notes that discuss my html5, jquery, php, based web programming

Install Apache web server on Windows 7 with php

Web Programming, , ,

Here’s the steps I followed to install Apache web server on Windows 7 with php.

I have been running an application on a Windows XP PC for years.  The application was web enabled on top of Apache for Windows.  This note captures the steps to move my application over to my Win7 PC; since I’ve done this before, this should be easy.  Well no, I had some bumps and these notes are to help me for next time.

For starters, I decided to follow the nice how-to found at Badprog.

1. Install Apache httpd.

  • Download from here
  • For Network Domain, I entered my domain name.
  • For Server Name, I entered my private IP address, 192.168.x.x
  • I verified my setup, by trying http://192.168.x.x.  Look for “It Works!”

.2. Install PHP

  • Download from here. I used VC9 x86 Thread Safe (2012-Nov-21 21:22:38), v5.4.9
  • unzip and copy to C:\Program Files (x86)\PHP
  • rename folder to php-5.4.9

3. Configure

  • C:\Program Files (x86)\Apache Software Foundation\Apache2.2\conf\httpd.conf
 LoadModule php5_module "C:/Program files (x86)/\
 PHP/php-5.4.9/php5apache2_2.dll"
 LoadModule ssl_module modules/mod_ssl.so
 LoadModule rewrite_module modules/mod_rewrite.so
 AddType application/x-httpd-php .php
 # for .htaccess
 AllowOverride All
 # for dir_module
 DirectoryIndex index.php index.html
 <Directory "C:/public_html">
 Include conf/extra/httpd-ssl.conf
 # at end of file:
 PHPIniDir "C:/Program Files (x86)/PHP/php-5.4.9"
  • In same directory create a .htpasswd file
  • In c:\public_html, create file phptest.php
 <?php
 phpinfo();
 ?>
  • create file .htaccess
AuthUserFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/.htpasswd"
AuthGroupFile /dev/null
AuthName EnterPassword
AuthType Basic require user j****k
  • verify http://192.168.100.153/phptest.php
  • C:\Program Files (x86)\PHP\php-5.4.9:
    • rename php.ini-development -> php.ini
 date.timezone = "America/Chicago"
 ForceType application/x-httpd-php

Key stuck point for me when setting up my Apache Web Server on Windows 7:

Remember: restart httpd with “Run as Administrator” !!

Restart - must run as Administrator

Whenever the httpd.conf file is changed you need to restart the Apache web server.  Just selecting and running Restart doesn’t work, except if you run it as an Administrator. From the Start menu, find Restart, the right-mouse click it, and select “Run as Administrator.” It took me two hours to figure this out.  Since my old installation was on Windows XP, I never had this issue.

4. Configure SSL

  • edit file: “C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/extra/httpd-ssl.con”
 DocumentRoot "c:/public_html"
 Servername cisco163.kozikfamily.net:443
 SSLCertificateFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cisco163_kozikfamily_net.crt"
 SSLCertificateKeyFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cisco163.kozikfamily.net.key"
 SSLCertificateChainFile "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/conf/cisco163_kozikfamily_net.ca-bundle"

#Because of syntax error on Windows:
SSLSessionCache "shmcb:C:/Progra\~2/Zend/Apache2/logs/ssl_scache(512000)"
Buffalo Linkstation

Buffalo Linkstation for linux backup.

Web Programming, , , ,
Buffalo Linkstation WXL

Buffalo Linkstation WXL

It’s time to expand the usage of my Buffalo Linkstation for linux backup.  I have been using my Linkstation Network Attached Storage box for backup of my home PCs and MACs.  I have a couple of linux servers so I thought I’d see if I could use my Buffalo Linkstation for linux backup.

Summary: create tar files and ftp them to Linkstation

The short version of the story is that I wrote a Buffalo Linkstation for linux backup script that created tar files of my user directories and ftp’d them to the Buffalo Linkstation.  I tried samba mounting the Linkstation and rsyncing to it.  ext4<->ntfs file system incompatibilities won’t let that work.

Buffalo Linkstation for linux backup tar / ftp script approach

I use the following command to backup a user’s directory:

# tar cvzf backupfile.tar.gz --exclude='.*' /home/$USER/

This is a traditional tar command where I exclude the hidden files.

Next, in researching this problem, the Buffalo Linkstation Forum has lots of powerful tips.  The ftp program ncftp is a favorite to use in scripts.  My fedora distribution didn’t have it, so I installed it.

# yum install ncftp

This lets me very easily copy my tar file to my Linkstation; on it, I make a separate share for each home computer:

# ncftpput 192.168.1.40 /array1/share/fedora backupfile.tar.gz

For personal reasons, I want to do backups per user login. That way, I have control over frequency of backup; some content changes frequently, some changes rarely. From this, here’s a per-user Fedora Linux to Buffalo Linkstation backup script:

#!/bin/bash
## userbck.sh
## usage userbck.sh username
##    /home/$username much exist, else exit
USER=$1
echo "Test for /home/$USER"
if [ -d "/home/$USER" ] ; then
   echo "/home/$USER is valid user directory";
else
   echo "/home/$USER is not a valid user directory... Exiting";
   exit 1
fi

DATE=`/bin/date +%Y%m%d`
TIME=`/bin/date +%H`
BCKUPFILE="/tmp/userbck/$USER.$DATE.$TIME.tar.gz"
tar cvzf $BCKUPFILE  --exclude='.*' /home/$USER/
ncftpput 192.168.1.40 /array1/share/fedora $BCKUPFILE

I run user backups once per week, except one backup I run monthly. The backup tar files are on the order of 10M each. I also have a script to backup mysql (borrowing from link):

#!/bin/bash
DATE=`/bin/date +%Y%m%d`
TIME=`/bin/date +%H`
BCKUPFILE="/tmp/sqlbck/alldatabases.$DATE.$TIME.sql"
mysqldump --user root --all-databases > $BCKUPFILE
ncftpput 192.168.1.40 /array1/share/fedora $BCKUPFILE

In my crontab, you can see the general workflow:

0 3 * * * /home/jkozik/bin/bckupdrive.sh # rsync to the other 
                                         # hard drive in the PC
0 17 * * * /home/jkozik/bin/sqlbck.sh
0 16 * * 0 /home/jkozik/bin/userbck.sh nf
0 16 * * 1 /home/jkozik/bin/userbck.sh jkozik
0 16 * * 2 /home/jkozik/bin/userbck.sh lizkozik
0 16 * * 3 /home/jkozik/bin/userbck.sh weather
0 16 * * 4 /home/jkozik/bin/userbck.sh wjr
0 4 1 * * /home/jkozik/bin/userbck.sh family
~

I tried rsync between by linux server and Linkstation… no luck.

For starters, my home network PCs are all backing up to my Linkstation now using its windows (samba/cifs) sharing service. The Linkstation, named LS-WXL9E3, is sitting on my home LAN and looks like any other host on my home LAN WORKGROUP.  Here’s what my home PCs see;

Buffalo Linkstation as a Windows 7 Share

click for larger image

Setting up the Buffalo Linkstation console:  be sure to check the Windows box on the shared folders settings page:

Share Folders Setting

And on the Network->Workgroup/Domain settings page, be sure to put in the right settings for your home workgroup.  My home workgroup is called WORKGROUP.  This is explicitly set on my PCs.

Network Workgroup/Domain Settings

So from my linux server, I mounted the Linkstation.  My fedora installation, included setting up CIFS/SAMBA, so all I had to do was mount:

# mount -tcifs //192.168.1.40/share /mnt/ls-wxl93e \
                -o guest,user=guest

 So from here, I ran a simple test rsync script.

# rsync -av -L --modify-window=2 /home/jkozik   \
                                 /mnt/ls-wxl93e/fedora/home

This worked.  Great (I thought)!   So I started setting up  some cronjobs.  I noticed that every time I ran my rsync, more than half of the files were re-backedup each run.  Rsync only backs up that have changed; but none of these files had changed.  Even after I added the “–modify-window=2″ parameter to the rsync command, I was still backing up way too many files.   Similar to the issue found at link.  Backing up an ext4 filesystem on my fedora linux server to the samba interface on the Linkstation wasn’t going to work for me.

Next step for me:  enable sshd on my Linkstation

So, I learned that the Linkstation community follows a different approach to this issue.  There’s robust set of contributions on how to turn-on ssh access to let rsync run directly through the sshd on the Linkstation, sans samba/cifs. I found the wiki that covers this case, and I’ll someday move to this approach; tar files are ok, but I want to eventually land into a rsync approach.

Fedora sendmail setup. Tips for hosts/domains and masquerading.

Uncategorized, Web Programming,

Notes on my fedora sendmail setup.  I have had my fedora linux server setup for a couple of years with no email —  on purpose, to avoid spam hassles.  But to help my blog work better with plugins I decided to get this machine running sendmail.

I’ve done fedora sendmail setup before on another one of my servers, but it had been so long, I had to start from scratch.  I started by finding a good general setup guide.  This one on the fedora wiki was most worthy.

So the instructions were pretty straight forward.  Since I own my domain name and have a static IP address, the setup is easy.  So I followed the instructions and, well, it didn’t work. My first problem:

Fedora Sendmail setup emails bounced, because email is from user@localhost

So my first couple of test emails sent to my web account bounced back to me, they looked like this:

----- Transcript of session follows -----
... while talking to mx0.gmx.com.:
>>> MAIL From:<[email protected]> SIZE=665
<<< 550 5.1.8 Cannot resolve your domain {mx-us004}
554 5.0.0 Service unavailable

So I had to figure out why my server was putting [email protected].  I learned that my /etc/hosts file was setup wrong.  There’s lots of fedora tips on how to setup your hosts file (here’s a related posting), mine was setup wrong.  One tip, use the sendmail diagnostic tool, as follows:

# sendmail -d0.1 -bv root
[...]
 SYSTEM IDENTITY (after readcf) (short domain name) $w = myserver
(canonical domain name) $j = myserver.mydomain.net
       (subdomain name) $m = mydomain.net
            (node name) $k = myserver.mydomain.net
[...]

The above is good. Before I debugged my localhost problems, this command showed localhost in each of the domain name lines.  Also, for debugging, I recommend using the mail -vv (two v’s) command line option.  It’s easier than looking in the /var/log/maillog file.

Next problem: the emails were addressed [email protected]

The emails were working, but the From line should say [email protected].  I had to relearn how sendmail masquerading worked.  I had to setup the key parameters in the sendmail.mc file, as follows:

MASQUERADE_AS(`mydomain.net')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
FEATURE(allmasquerade)dnl
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl
MASQUERADE_DOMAIN(myserver.mydomain.net)dnl

But the masquerading wasn’t working.  When I went to the official sendmail man page for masquerade, it talked about the EXPOSED_USER option.  By default, sendmail assumes the root user never wants to be masqueraded.  Of course, I was troubleshooting my sendmail setup from the root login, so this option had me thinking something was wrong.  I turned of this option, and finally my fedorda sendmail setup was finished.  It took way longer than I thought it would and I felt it was worth writing up.

For reference, here’s what I changed in my sendmail.mc file:

define(`confLOG_LEVEL', `9')dnl
dnl EXPOSED_USER(`root')dnl
MASQUERADE_AS(`kozikfamily.net')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
FEATURE(allmasquerade)dnl
MASQUERADE_DOMAIN(localhost)dnl
MASQUERADE_DOMAIN(localhost.localdomain)dnl
MASQUERADE_DOMAIN(kozik2.kozikfamily.net)dnl

Personal website now runs over https. Cheap SSL certificate from ClickSSL.

Web Programming, , ,

I wrote a personal single page web application and decided to setup an SSL certificate and run it over https, not http.  I setup the web server and iptables to listen to port 443. But when I accessed my application using https, I got a bright red screen warning me of security certificate issues for the web site.

(click for larger view)

I guess I don’t really need to get a certificate.  All I have to do is click “proceed anyway” and everything would still work. My app would be running over the Internet encrypted.  I didn’t like the user experience; I wanted to be able to use my app from any browser, securely.  So I decided to research registering my URL for an SSL certificate. Continue reading