Apache or NGINX ?

That's fantastic thanks again Matthew. What you describe about 'shells' reminds me of my old professional IBM midrange days (in a different life) where you had the programming language RPG but to talk to the operating system, something called OCL. You could package up OCL statements into a 'procedure' (In Linux/Unix speak, I imagine called a script) and store it as if it's a kind of program in itself.

On my Linux Mint system, once I've been able to 'manage' my website directories, my next task will be to install an integrated Perl. I know Perl quite well, at least well enough to process forms and modify outbound HTML docs. I'm assuming if I just do a sudo install perl, it won't be integrated in with the Apache.
You're very welcome. bash shells have functions if you want to use those. "man bash" for a ton of information about the bash shell. Other shells exist too,, like tcsh and others.

I would recommend always using a root shell when installing anything. If Mint is based on Debian LInux then you'll need to use the package manager /usr/bin/apt if you want to install anything, unless you are installing something from a tar file or something instead of a Debian package. Debian packages end in .deb so they'll need to use apt to install those. Use "apt update" first to make sure you have a current listing of what's available and then "apt upgrade" to make sure any packages you already have are current, then use "apt install <package name here>" without the angle brackets, to install a new package. "man apt" for more on the package manager. Make sure your web server has permission to access whatever you want it to use.

Signed,

Matthew Campbell
 


If one enters <localhost> in the browser URL bar, Apache automatically opens the document
var/www/html/public_html/index.html

If I were to enter <localhost myWebsite/>
will or should Apache automatically open the document var/www/html/myWebsite/public_html/index.html ?
 
If one enters <localhost> in the browser URL bar, Apache automatically opens the document
var/www/html/public_html/index.html

If I were to enter <localhost myWebsite/>
will or should Apache automatically open the document var/www/html/myWebsite/public_html/index.html ?
You should define a VirtualHost for each web site you want to run. Each web site needs to have one and only one numeric IP address and port number. Using a separate IP address or separate port number counts as a separate web site. You should get an error if you try to access a server that is not defined in /etc/apache2/sites-available/.conf. Apache2 will latch on to the port number that you specify in /etc/apache2/ports.conf for every numeric IP address on your computer, all of them. You can scan with nmap to see for yourself. You should use firewall rules to drop connection requests targeting addresses that are not defined to run a web server. localhost is 127.0.0.0/8 which means you have over sixteen million numeric IP addresses in the localhost domain. At least I think Apache2 uses all of the localhost domain. My ftp server does. Make sure you have a Directory entry in /etc/apache2/apache2.conf for each server that you define that defines the base directory to use for that server along with access rights. Do not use <VirtualHost localhost:80> in /etc/apache2/sites-available/.conf. Use one and only one numeric IP address. localhost is a domain, not just an address. People think localhost is simply 127.0.0.1, but this is not entirely accurate. Think of localhost as a netblock for your own computer, not an address. If you type localhost in your web browser it will ask the kernel what localhost is and your kernel will probably respond with 127.0.0.1, but then this is probably defined this way in /etc/hosts.

Let's say you wanted to block all of the localhost domain to protect Apache2 from connection requests from undefined server access.

If you had a filter table named filter4 and another named filter6 in the input chain you could use:

/usr/sbin/nft add rule ip filter4 input ip daddr 127.0.0.0/8 tcp dport 80 drop
/usr/sbin/nft add rule ip6 filter6 input ip6 daddr ::1 tcp dport 80 drop

This would drop all connection requests for port 80 in the entire IPv4 localhost domain and the IPv6 localhost address. You should also block all of your IPv6 link-local addresses both ways too if you're not using those. You can use:

/usr/sbin/nft add rule ip6 filter6 input ip6 saddr fe80::/64 drop
/usr/sbin/nft add rule ip6 filter6 input ip6 daddr fe80::/64 drop
/usr/sbin/nft add rule ip6 filter6 output ip6 saddr fe80::/64 drop
/usr/sbin/nft add rule ip6 filter6 output ip6 daddr fe80::/64 drop

You should also block the IPv4 address 0.0.0.0 both ways, sending and receiving, unless you use DHCP to protect your computer from unauthorized scanning and unauthorized connections. I participated in the discussion about that in another post on this forum. At least block the ports used by any servers that you run. Any such unauthorized attempts should show up in other_vhosts_access.log which should be in the directory defined as ServerRoot in /etc/apache2/apache2.conf.

A misconfigured server is how many bad guys gain initial access to computers. Proper configuration is crucial to computer and network security. Only enable the web server modules that you need and plan to use. Thoroughly test your server by throwing everything you've got at it to stress test it before exposing it to the web. Ask people that do these things for help in doing so.

Signed,

Matthew Campbell
 
Thanks again Matthew. You do realise I'm talking about my laptop rather than a bona-fide web server though?

Once I've learned how to walk with Linux before sprinting with it, I do rather like the potential for another specific person to be able to access their website currently under construction from their own computer through the web to my laptop ... that'd be cool!
 
Last edited:
Thanks again Matthew. You do realise I'm talking about my laptop rather than a bona-fide web server though?

Once I've learned how to walk with Linux before sprinting with it, I do rather like the potential for another specific person to be able to access their website currently under construction from their own computer through the web to my laptop ... that'd be cool!
You can use a reverse tunnel, like localhost dot run, to let people do that. I have my server set up to allow that, but only as long as I tell it to. I think Amazon AWS might be willing to rent you a small web server for like US$5 a month if you'd like to try something like that. I think they call it LightSail. localhost dot run (a URL) will charge you if you want something that lasts for more than a few hours. You can try it out with a temporary URL for free, but the link will look weird and only last a few hours or so. You can even get your own domain name from them with that monthly fee. It's up to you. I'd try it out at home first to make sure you have content that people are actually interested in accessing. It would be disappointing to pay for a year's worth of service from a place like Amazon only to have few to no visitors accessing your new web site.

If you want to test it out for yourself you can use:

/usr/bin/ssh -R 80:192.168.1.10:8080 [email protected]

if your laptop uses the IPv4 address 192.168.1.10 and your web server is listening on port 8080. Adjust those two values as needed. Leave the rest as is. This will let you use another device to access your shiny new web site from the Internet to see how it looks. Of course you can also use the same local network to let yourself in. They will give you a link to use. Feed that link to your browser to try it out. If you want to leave it on for a while you might look into the keepalive option. Their web site talks about doing this. That temporary link will only last a few hours though. They say they do this to cut down on people going phishing.

Make sure you are running http on 8080 in that case, not https.

Signed,

Matthew Campbell
 
Last edited:
I just wondered if I furnished a specific individual with an IP address, they could use that address to go through the internet to my laptop's port and their website being developed on it. I wouldn't go to the extent of paying for a very temporary bona-fide web server. Once the site is ready for publication, then I'd load it onto a long term bona-fide web server for general public access.

In the meantime, I merely wish to use localhost on my laptop myself to access 'localhost myWebsite1', 'localhost myWebsite2', etc but am unsure what the full localhost address in the URL bar would or should look like?

Also if I can create the paths thus:-

var/www/myWebsite1
var/www/myWebsite2

...and if Apache will then automatically open the index.html within public_html directly underneath myWebsite(n)?

My next task then, is to install Perl integrated into Apache so that the webforms can successfully call CGI programs to process the data from those forms. I fear that if I just install Perl it won't be integrated into the Apache and the webform program calls won't work.

This is what I mean about 'walking' before I attempt to sprint where Linux and Apache is concerned. I'm at a pretty basic level at the moment.
 
Last edited:
I just wondered if I furnished a specific individual with an IP address, they could use that address to go through the internet to my laptop's port and their website being developed on it. I wouldn't go to the extent of paying for a very temporary bona-fide web server. Once the site is ready for publication, then I'd load it onto a long term bona-fide web server for general public access.

In the meantime, I merely wish to use localhost on my laptop myself to access 'localhost myWebsite1', 'localhost myWebsite2', etc but am unsure what the full localhost address in the URL bar would or should look like?

Also if I can create the paths thus:-

var/www/myWebsite1
var/www/myWebsite2

...and if Apache will then automatically open the index.html within public_html directly underneath myWebsite(n)?

My next task then, is to install Perl integrated into Apache so that the webforms can successfully call CGI programs to process the data from those forms. I fear that if I just install Perl it won't be integrated into the Apache and the webform program calls won't work.

This is what I mean about 'walking' before I attempt to sprint where Linux and Apache is concerned. I'm at a pretty basic level at the moment.
In order for you to give someone else an IP address to use to access your web site from the Internet you would need an ISP to provide that. That reverse tunnel would provide a domain name for them to use, but only for a few hours. By letting someone in from the Internet you'll be opening the door to the whole world. You could define your own domain names for localhost in /etc/hosts like this:

127.0.0.1 (TAB) website1
127.0.0.2 (TAB) website2
127.0.0.3 (TAB) website3

and then define a VirtualHost in /etc/apache2/sites-available/000-default.conf as <VirtualHost 127.0.0.1:80> and also define a Directory in /etc/apache2/apache2.conf to match. Make sure to define a VirtualHost and Directory for each one. Then use http://website1/ to visit the first web site. Use DocumentRoot in each VirtualHost definition to tell the virtual server where the server's root directory is. Something like DocumentRoot /var/www/myWebsite1. I hope this helps. I'm here for you if you have any further questions. I do love to help. Make sure your firewall gives you access to whichever numeric IP addresses you want to use for your server.

Signed,

Matthew Campbell
 
By CGI, do you mean "computer generated images"? I didnt know you could do that with Perl.
Common Gateway Interface. It's a program that runs on the server side instead of in the web browser. The CGI program generates dynamic web pages that are sent to the web browser. It uses environment variables that hold data for the CGI program to read and use. Search for query string to see how it works, along with URL encoding.

Signed,

Matthew Campbell
 
Also, CGI is often in Perl, though I understand that's not a requirement.
 
Common Gateway Interface. It's a program that runs on the server side instead of in the web browser. The CGI program generates dynamic web pages that are sent to the web browser. It uses environment variables that hold data for the CGI program to read and use. Search for query string to see how it works, along with URL encoding.

Signed,

Matthew Campbell
i figured you use special software for computer generated images, not text based programming languages
 
Also, CGI is often in Perl, though I understand that's not a requirement.
A CGI program can be in any language that can be run on the computer that hosts the web site. Many are also written in Python. I wrote mine in C. They can also be written in bash.

Signed,

Matthew Campbell
 
i figured you use special software for computer generated images, not text based programming languages
A CGI program produces a web page and send it to stdout. The web server then sends that output to the web browser.

Signed,

Matthew Campbell
 
When I get to the point of needing to install Perl, maybe best I ask how to integrate it with Apache, on a Perl forum?
Perl is a potent interpretive language. Insofar as websites are concerned you summarise a CGI program well Matthew. As others have stated other languages such as PHP and Python can also be used for CGI.
 
When I get to the point of needing to install Perl, maybe best I ask how to integrate it with Apache, on a Perl forum?
Perl is a potent interpretive language. Insofar as websites are concerned you summarise a CGI program well Matthew. As others have stated other languages such as PHP and Python can also be used for CGI.
Since you will be using it with Apache2 on Linux I see no harm in asking about it here. The more knowledge people share here the better is it for all of us.

Signed,

Matthew Campbell
 
A CGI program can be in any language that can be run on the computer that hosts the web site.

That's my understanding. I've always just used Perl, though I haven't needed to do so in quite a while.

All properly placed in /cgi-bin/ of course.

Man, I feel old thinking about these things.
 
That's my understanding. I've always just used Perl, though I haven't needed to do so in quite a while.

All properly placed in /cgi-bin/ of course.

Man, I feel old thinking about these things.
/cgi-bin is where they are normally stored and in fact anything stored in /cgi-bin is presumed to be a CGI program, but that is not a requirement. Consider YouTube. They have a CGI program called /watch that is included in virtually every link available.

I use a CGI program in one spot and a symlink to it in almost every directory. It senses where it is being run from and provides a dynamic web page for that directory.

Signed,

Matthew Campbell
 
/cgi-bin is where they are normally stored and in fact anything stored in /cgi-bin is presumed to be a CGI program, but that is not a requirement.

It was a reference to back in the day where, as far as I experienced, your CGI scripts would only run properly (on Apache) if they were in that specific folder - though I think you could also call it just plain /cgi and it'd still work.
 
I'm curious - are CGI and Perl sooo yesterday ? If so, what've they been superseded by?
 

Members online


Top