I appologise this is my first post, I will gladly have a further look around to see if this has been posted elsewhere, but so far it has not, or it doesnt quite explain in full what I need. If anyone here can help me out, I would really appreciate this. I want to make sure I do this right, as in the past I made a huge error and messed up my server.
I have two servers.
1, is our online dedicated server for mainly gaming, but I also use it as a hosting site for very basic webpages and a forum. This is on Centos 5.
2, My second server is a raspberry PI which I am using to test and learn from which is on Debian at home. Both servers are setup with just CLI access and Webmin.
I fully understand that these are two very different distro's but I am hoping what I need to do, can apply to both. All I want to be able to do is create a user, which has full read/write access ( and also be able to change a subfolder's acess ( to 777 for example ) to the var/www ( PI ) or var/www/html ( Centos ) folders using a client FTP application from a Windows PC, such as Filezilla.
As an example from my Raspberry PI, I wanted to try this from root:
Code:
chown -R piweb:piweb /var/www/
I assume, this on Centos would be :
Code:
chown -R webuser:webuser /var/www/html
But im not so sure if this is right, or if there is a better way to do it? Any help would be great, thanks for your time.
Thanks
Last edited by Pinkfloyd; 02-04-2013 at 07:24 AM..
I have several live websites running in the /var/www/XXXX directory. Initially when I did the Debian install I limited the web directory to 6GB. I am now outgrowing that limit. Question is:
Is there a simple way to add space to the web directory???
I'd hate to have to redo the whole... (3 Replies)
Hi,
I found out the CIA's worldfact book is has an open copyright, anyone can use it as long as we don't use the CIA shield.
So, I set up an experimental SEO site to see what will happen in the search engines over time:
The Global Factbook
Please click above and let's see if we can... (1 Reply)
Hi, first post. I have no Linux experience. I have an e-friend that set me up a VPS and my website with Apache and FTP access so I could upload my files the way I do it regularly with my shared hosting. The OS in the VPS is Fedora by the way. Now the thing is:
http ://www.mydomain.com presents... (0 Replies)
what should be the permissions of the folder var/www in my ubuntu ?
I need it to be safe and at the same time I need ftp users to be able to edit it.
I was wondering if I should create a group with all permissions and add ftp users to this group in unix.
what's the standard way to do it ?... (4 Replies)
Hi all,
Exactly like my title says.
I am learning PHP and MySQL and I used to use /var/www/ to host (contain or store) my files (.htm/.php) for testing. I could configure, finally, apache2 to use ~/public_html instead.
Now I when I tried to use $_SERVER it still directs (I used echo to show... (7 Replies)
Discussion started by: faizlo
7 Replies
LEARN ABOUT DEBIAN
ffproxy.quick
ffproxy.quick(7) BSD Miscellaneous Information Manual ffproxy.quick(7)NAME
ffproxy.quick -- filtering HTTP/HTTPS proxy server quick introduction
DESCRIPTION
ffproxy is a filtering HTTP/HTTPS proxy server. It is able to filter by host, URL, and header. Custom header entries can be filtered and
added. It can even drop its privileges and optionally chroot(2) to some directory. Logging to syslog(3) is supported, as is using another
auxiliary proxy server. An HTTP accelerator feature (acting as a front-end to an HTTP server) is included. Contacting IPv6 servers as well
as binding to IPv6 is supported and allows transparent IPv6 over IPv4 browsing (and vice versa).
This manual describes how to set up a basic HTTP proxy installation. It is assumed that you already have compiled the program or installed
it via port or package.
COPYING FILES
The program comes with default configuration files that contain both examples and suggested entries. You can simply copy them to a directory
of your choice. This directory will become the program's working directory.
mkdir /var/ffproxy
tar cf - db/ html/ | ( cd /var/ffproxy ; tar xf - )
cp sample.config /var/ffproxy/ffproxy.conf
Above example would install all needed files to /var/ffproxy, which is ffproxy's default working directory.
SECURING
The proxy now has its own working directory. By default, ffproxy does not change UID/GID after start. For security reasons we want to
enable it. You have two choices know: Either use existing UID/GID or add custom UID/GID for ffproxy. See adduser(8) or useradd(8), depend-
ing on your system, on how to create new IDs.
Edit ffproxy.conf and change the lines containing uid and gid
# change UID and GID
#
# to use, both uid and gid must be set
# (disabled by default)
#uid proxy
#gid proxy
uid _ffproxy
gid _ffproxy
In addition to changing UID and GID, ffproxy should be executed change-rooted to its working directory. So we change chroot_dir and
db_files_path in the configuration file
# change root to (only in connection with uid and gid change)
# (disabled by default)
chroot_dir /var/ffproxy
# path to db/ and html/ directories
# (default: /var/ffproxy)
db_files_path .
db_files_path must be changed, too, since that is relative to new root. Finally, we copy /etc/resolv.conf to ffproxy's home to enable DNS in
chroot and chown /var/ffproxy so the proxy's master process can write its PID file
mkdir /var/ffproxy/etc
cp /etc/resolv.conf /var/ffproxy/etc/
chmod 750 /var/ffproxy
chown _ffproxy._ffproxy /var/ffproxy
ACCESS TO THE PROXY
By default, nobody is allowed to connect to ffproxy. Let's say, we want to provide LAN users a filtering proxy to shut down malicous content
coming from the Internet. So the proxy has to be listening on the local network interface only. We change bind_ipv4 and bind_ipv6 appropi-
ately in ffproxy.conf
bind_ipv4 martyr.burden.eu.org
bind_ipv6 martyr.burden.eu.org
Additionally, we have to change db/access.ip. By, for example,
^192.168.10.
we allow 192.168.10.0/24 to use our proxy.
STARTING THE PROXY
Last step is starting ffproxy. Keep in mind that we run the program change-rooted to /var/ffproxy, so files are relative to new root.
cd /var/ffproxy ; /usr/local/bin/ffproxy -f ffproxy.conf
starts ffproxy. Now test if it works correctly. If not, change ffproxy.conf and/or read ffproxy(8)ffproxy.conf(5)
ffproxy is not running as daemon right know. If everything seems to work, simply shut down the proxy by pressing CTRL-C, set `daemonize yes'
in the configuration file and start ffproxy again.
TRANSPARENT OPERATION
The proxy allows transparent operation, that is, HTTP traffic is redirect to the proxy which simulates a HTTP server so that the users don't
have to specify a proxy server. Consider forced usage of a proxy server as well. To do that, you will have to configure your NAT accord-
ingly. On OpenBSD you'll want a line like
rdr on rl0 proto tcp from any to any port 80 -> 127.0.0.1 port 8080
in /etc/pf.conf. See your NAT's documentation for details on how to do this.
VERSION
This manual documents ffproxy 1.6 (2005-01-05).
SEE ALSO ffproxy(8), ffproxy.conf(5), pf.conf(5)
Jan 5, 2005
02-04-2013
