Last active
October 5, 2017 06:48
-
-
Save rajitha-bandara/b513c7d65b5b02fd96512e44febc5852 to your computer and use it in GitHub Desktop.
Set up Cent OS 7 Web Server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Manage Security | |
1.Allow HTTP Service theough firewall | |
Open Predefined Service | |
https://www.rootusers.com/how-to-open-a-port-in-centos-7-with-firewalld/ | |
2. Change SSH Port | |
https://www.globo.tech/learning-center/change-ssh-port-centos-7/ | |
3. Disable Root Login | |
https://www.digitalocean.com/community/tutorials/initial-server-setup-with-centos-7 | |
4. Extra Services & security | |
https://www.digitalocean.com/community/tutorials/additional-recommended-steps-for-new-centos-7-servers | |
5. Multiple sites with virtual hosts | |
https://www.godaddy.com/help/configure-apache-virtual-hosts-centos-7-17338 | |
(SELinux might create problems when apache restart after all things done in Centos 7) | |
Execute with sudo | |
semanage fcontext -a -t httpd_sys_rw_content_t 'abc.com' | |
restorecon -v 'abc.com' | |
setsebool -P httpd_unified 1 | |
ausearch -c 'httpd' --raw | audit2allow -M my-httpd | |
semodule -i my-httpd.pp | |
6. Setup postgresql | |
Install from Enterprise DB | |
in pg_hba.conf (/opt/PostgreSQL/9.6/data/pg_hba.conf) | |
Change ident to md5 if not set to allow login with password | |
Add a host record fot 127.0.0.1 | |
At the end it should look like below | |
# TYPE DATABASE USER ADDRESS METHOD | |
# "local" is for Unix domain socket connections only | |
local all all md5 | |
# IPv4 local connections: | |
host all all 127.0.0.1/32 md5 | |
# IPv6 local connections: | |
host all all ::1/128 md5 | |
host all all 127.0.0.1/32 md5 | |
# Allow replication connections from localhost, by a user with the | |
# replication privilege. | |
#local replication postgres md5 | |
#host replication postgres 127.0.0.1/32 md5 | |
#host replication postgres ::1/128 md5 | |
To fix SELinux permission denied problem set flag | |
sudo setsebool -P httpd_can_network_connect_db on | |
7. Install Teamviewer | |
After installing Teamviewer, | |
check if daemon is running fine: | |
teamviewer --daemon status | |
get machine id: | |
teamviewer --info | grep "TeamViewer ID" | |
set password | |
sudo teamviewer passwd [password] | |
start : | |
export DISPLAY=":0.0" | |
teamviewer | |
8. Allow rewrite urls | |
In /etc/httpd/conf/httpd.conf | |
Find the section <directory /var/www/html> and change AllowOverride None to AllowOverride All | |
<Directory /var/www/html> | |
AllowOverride All | |
</Directory> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment