Help me with our web server

[margonz]

I have set up the xampp server on an edubuntu hardy machine. We dont
have domain name yet so we access the site thru direct public IP
address. The system works fine except that bayantel called us that
our server is spamming and urge us to correct this problem. I re-
install the machine again this time, it's now a desktop installation
instead of server installation. The again the few months later
bayantel emailed us again to informing that our server is again
spamming. What should I do. Please help. I have closed some mail
related ports also I signed up for free domain name and assigned our
public ip so that it redirects to our site. What could be causing this
problem? Help lab managers....

This is the message from bayantel:

This is to inform you that we received a complaint from our network
security group that your system was sending spam. A computer
application virus that may compromise our entire IP Network possibly
causes this. Failure to stop from sending spam will lead to blocking
of your SMTP traffic on your 3rd Violation. Please see email below for
your reference.


Margonz(from VSU)

[RaDiN]

Mar, i think d problem is not the server or desktop installation. Baka may ibang apps na gumagawa nyan or maybe ung free domain provider na ginamit mo. Kumuha ka na kasi ng domain sa edu.ph :D also try removing other apps that u don't need, install only those apps that u need.. I also tried installing ubuntu hardy in our servers at skul eh pero i havnt encountered problems til now.. web and dns palang napagana ko, wla pang mail, i want to install it kasi on a separate machine kaso di pa dumating order namin.. as of to date, ok naman web server namin with domain from edu.ph..

RaDiN (EVSU)

--

You received this message because you are subscribed to the Google Groups "IOSN-CICT-iSchool-lab-managers" group.
To post to this group, send email to iosn-cict-ischo...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/iosn-cict-ischool-lab-managers?hl=.

[RaDiN]

Also try not to use xampp.. Kung web server lang kelangan mo try individual installation of apache, mysql, php, perl and d like.. You dont need d other apps bundled on xampp naman.. And according to xampp website, it is not intended for deployment or production use because it could be fatal, for development environment lang..

Hope this helps..

RaDiN (EVSU)

[Alvin Marcelo]

Thanks for the advice Radin.

Any suggestions on the apt-get install command to install a LAMP environment in UBuntu?

--
Alvin B. Marcelo, MD (www.alvinmarcelo.com) | Director, UP Manila - National Telehealth Center | GPG 0x99CBC54C

[Harvey Entendez Diaz]

There is also an easier way to install LAMP in Ubuntu as it has a software package grouped for LAMP. These commands should do the trick:

In the command line, type in:

sudo tasksel install lamp-server

Or you can just type in

sudo tasksel

and you will be shown a more friendly tasksel interface where you can choose some software groups like DNS server or Mail server. If you want to use apt-get you can by issuing the command:

sudo apt-get install lamp-server^

Just take note of the caret at the very end.


:-D

[eric pareja]

As Harvey pointed out, it is better to install LAMP in Ubuntu using
the native packaging/installation system. It allows for easier
maintenance/upgrades. It utilizes the Ubuntu packaging system so that
other packages installed are "aware" of its presence.

However, there are some additional things that need to be performed to
secure your Apache web server against being used to stage spam
campaigns. This is true whether you use an XAMPP or native package
install of Apache.

These steps involve the proxy module of Apache and configuring it
properly. Most default apache configurations are not secure against
this.

Please go to http://wiki.apache.org/httpd/ProxyAbuse to read up on how
to configure Apache and the proxy module properly. There are links
inside that detail the process, so don't concentrate on that page
alone. Someone can probably work on summarizing the steps and condense
it into a short step-by-step howto that we can pass on to our network
of systems administrators.

eric pareja (eric....@gmail.com) LPIC-2 | PGP/GPG Key 0xB82E42D9
Coordinator for Technology / Senior Linux Trainer
National Telehealth Center, University of the Philippines Manila
International Open Source Network - ASEAN+3
"Ang mundo ay aklat, at iisang pahina lamang ang nababasa ng hindi naglalakbay."
わかよたれぞ　つねならむ

[margonz]

Sir Eric and Sir Harvey do think it's better for me to install a fresh
LAMP in my ubuntu machine than configure my existing XAMPP

On Nov 18, 12:06 pm, eric pareja <eric.par...@gmail.com> wrote:
> As Harvey pointed out, it is better to install LAMP in Ubuntu using
> the native packaging/installation system. It allows for easier
> maintenance/upgrades. It utilizes the Ubuntu packaging system so that
> other packages installed are "aware" of its presence.
>
> However, there are some additional things that need to be performed to
> secure your Apache web server against being used to stage spam
> campaigns. This is true whether you use an XAMPP or native package
> install of Apache.
>
> These steps involve the proxy module of Apache and configuring it
> properly. Most default apache configurations are not secure against
> this.
>

> Please go tohttp://wiki.apache.org/httpd/ProxyAbuseto read up on how

> to configure Apache and the proxy module properly. There are links
> inside that detail the process, so don't concentrate on that page
> alone. Someone can probably work on summarizing the steps and condense
> it into a short step-by-step howto that we can pass on to our network
> of systems administrators.
>
> On Wed, Nov 18, 2009 at 7:10 AM, Harvey Entendez Diaz
>
>
>
> <harveyentendezd...@gmail.com> wrote:
> > There is also an easier way to install LAMP in Ubuntu as it has a software
> > package grouped for LAMP. These commands should do the trick:
>
> > In the command line, type in:
>
> > sudo tasksel install lamp-server
>
> > Or you can just type in
>
> > sudo tasksel
>
> > and you will be shown a more friendly tasksel interface where you can choose
> > some software groups like DNS server or Mail server. If you want to use
> > apt-get you can by issuing the command:
>
> > sudo apt-get install lamp-server^
>
> > Just take note of the caret at the very end.
>
> > :-D
>
> > Alvin Marcelo wrote:
>
> > Thanks for the advice Radin.
> > Any suggestions on the apt-get install command to install a LAMP environment
> > in UBuntu?
>

> > On Tue, Nov 17, 2009 at 11:30 PM, RaDiN <rdru...@gmail.com> wrote:
>
> >> Also try not to use xampp.. Kung web server lang kelangan mo try
> >> individual installation of apache, mysql, php, perl and d like.. You dont
> >> need d other apps bundled on xampp naman.. And according to xampp website,
> >> it is not intended for deployment or production use because it could be
> >> fatal, for development environment lang..
>
> >> Hope this helps..
>
> >> RaDiN (EVSU)
>

> >> On Tue, Nov 17, 2009 at 11:10 PM, RaDiN <rdru...@gmail.com> wrote:
>
> >>> Mar, i think d problem is not the server or desktop installation. Baka
> >>> may ibang apps na gumagawa nyan or maybe ung free domain provider na ginamit
> >>> mo. Kumuha ka na kasi ng domain sa edu.ph :D also try removing other apps
> >>> that u don't need, install only those apps that u need.. I also tried
> >>> installing ubuntu hardy in our servers at skul eh pero i havnt encountered
> >>> problems til now.. web and dns palang napagana ko, wla pang mail, i want to
> >>> install it kasi on a separate machine kaso di pa dumating order namin.. as
> >>> of to date, ok naman web server namin with domain from edu.ph..
>
> >>> RaDiN (EVSU)
>

> eric pareja (eric.par...@gmail.com) LPIC-2 | PGP/GPG Key 0xB82E42D9

[eric pareja]

Hi Mar,

The advise to use the LAMP packages that are in Ubuntu is due to the
many advantages of using the integrated package management of
Debian/Ubuntu systems. You can easily copy over and edit configuration
files from an existing XAMPP and get the same results. There are just
too many advantages to using package management to ignore them.

That being said, you may still opt to use XAMPP or build from source.

For either of these choices, whether you use the LAMP packages or use
XAMPP, you will still need to configure Apache properly to not be an
open proxy. The webpage I mentioned in my earlier post
(http://wiki.apache.org/httpd/ProxyAbuse) documents the issues around
abuse of your Apache as a proxy system.

eric pareja (eric....@gmail.com) LPIC-2 | PGP/GPG Key 0xB82E42D9

[June Ventanilla]

sir mar,

it think it is better for you install fresh lamp than encounter the same problem over and over again. also, your LMIS uses lamp and not xampp.

=========================================================================

On Wed, Nov 18, 2009 at 7:45 PM, margonz <margo...@gmail.com> wrote:

--
Julio V. Ventanilla, Jr.
iSchools Project - Capability Building
Human Capital Development Group

Commission on Information and Communications Technology
C. P. Garcia Avenue, U. P. Diliman
Quezon City 1101
Philippines

Telefax: (632) 920-7412
Trunkline: (632) 920-0101 loc 299

[jhing valera]

wow, thank you for the post, this may also help us....hi to all and best regards....;)

the spirit of sharing prevails..;)
 

jacinto "jhing" p. valera

sibalom, antique, philippines

mobile: +639351940238

work: +63 36 543-8124

Proverbs 3:5-6

Trust in the LORD with all your heart

And do not lean on your own understanding.

In all your ways acknowledge Him,

And He will make your paths straight.

---

From: June Ventanilla <june...@gmail.com>
To: iosn-cict-ischo...@googlegroups.com
Sent: Thursday, November 19, 2009 9:17:37
Subject: Re: Help me with our web server

---

New Email names for you!
Get the Email name you've always wanted on the new @ymail and @rocketmail.
Hurry before someone else does!

[margonz]

Sir Eric maganda yung suggestion mo to summarize this howto so we can
easily work on it. Experts, please help. By the way, if I will change
some configuration on my apache as mentioned in the link you provided,
will it affect the proxy server connection? This server also happens
to be our proxy server to our LAN providing internet connectivity.

On Nov 18, 12:06 pm, eric pareja <eric.par...@gmail.com> wrote:

> As Harvey pointed out, it is better to install LAMP in Ubuntu using
> the native packaging/installation system. It allows for easier
> maintenance/upgrades. It utilizes the Ubuntu packaging system so that
> other packages installed are "aware" of its presence.
>
> However, there are some additional things that need to be performed to
> secure your Apache web server against being used to stage spam
> campaigns. This is true whether you use an XAMPP or native package
> install of Apache.
>
> These steps involve the proxy module of Apache and configuring it
> properly. Most default apache configurations are not secure against
> this.
>

> Please go tohttp://wiki.apache.org/httpd/ProxyAbuseto read up on how

> to configure Apache and the proxy module properly. There are links
> inside that detail the process, so don't concentrate on that page
> alone. Someone can probably work on summarizing the steps and condense
> it into a short step-by-step howto that we can pass on to our network
> of systems administrators.
>
> On Wed, Nov 18, 2009 at 7:10 AM, Harvey Entendez Diaz
>
>
>
> <harveyentendezd...@gmail.com> wrote:
> > There is also an easier way to install LAMP in Ubuntu as it has a software
> > package grouped for LAMP. These commands should do the trick:
>
> > In the command line, type in:
>
> > sudo tasksel install lamp-server
>
> > Or you can just type in
>
> > sudo tasksel
>
> > and you will be shown a more friendly tasksel interface where you can choose
> > some software groups like DNS server or Mail server. If you want to use
> > apt-get you can by issuing the command:
>
> > sudo apt-get install lamp-server^
>
> > Just take note of the caret at the very end.
>
> > :-D
>
> > Alvin Marcelo wrote:
>
> > Thanks for the advice Radin.
> > Any suggestions on the apt-get install command to install a LAMP environment
> > in UBuntu?
>

> > On Tue, Nov 17, 2009 at 11:30 PM, RaDiN <rdru...@gmail.com> wrote:
>
> >> Also try not to use xampp.. Kung web server lang kelangan mo try
> >> individual installation of apache, mysql, php, perl and d like.. You dont
> >> need d other apps bundled on xampp naman.. And according to xampp website,
> >> it is not intended for deployment or production use because it could be
> >> fatal, for development environment lang..
>
> >> Hope this helps..
>
> >> RaDiN (EVSU)
>

> >> On Tue, Nov 17, 2009 at 11:10 PM, RaDiN <rdru...@gmail.com> wrote:
>
> >>> Mar, i think d problem is not the server or desktop installation. Baka
> >>> may ibang apps na gumagawa nyan or maybe ung free domain provider na ginamit
> >>> mo. Kumuha ka na kasi ng domain sa edu.ph :D also try removing other apps
> >>> that u don't need, install only those apps that u need.. I also tried
> >>> installing ubuntu hardy in our servers at skul eh pero i havnt encountered
> >>> problems til now.. web and dns palang napagana ko, wla pang mail, i want to
> >>> install it kasi on a separate machine kaso di pa dumating order namin.. as
> >>> of to date, ok naman web server namin with domain from edu.ph..
>
> >>> RaDiN (EVSU)
>

> eric pareja (eric.par...@gmail.com) LPIC-2 | PGP/GPG Key 0xB82E42D9

[eric pareja]

Hi Mar,

The configuration for proxying in Apache is DIFFERENT from your http
proxy server (i.e. Squid). Configuring it will NOT affect your proxy
service, even if they are on the same machine. For starters, Squid
uses a different port, port 3128 or 8080. Apache _can_ actually do
proxying like Squid, but it isn't intended to do that. What Apache
proxying is usually used for is when you have a single machine that is
connected to the outside Internet and there are other web servers
inside your intranet (or even outside) that are made accessible via
this apache proxy.

On Mon, Nov 23, 2009 at 1:48 PM, margonz <margo...@gmail.com> wrote:
> Sir Eric maganda yung suggestion mo to summarize this howto so we can
> easily work on it.  Experts, please help. By the way, if I will change
> some configuration on my apache as mentioned in the link you provided,
> will it affect the proxy server connection?  This server also happens
> to be our proxy server to our LAN providing internet connectivity.

--
eric pareja (eric....@gmail.com) LPIC-2 | PGP/GPG Key 0xB82E42D9

[Dorward villaruz]

sir mar,

kindly describe how your network in the school is set up.

outbound spam is just one of your problem, how the attacker got
inside your network is another problem, machines with public IPs are
generally more vulnerable to attacks.

xampp is meant for development use with as little restriction as
possible. knowledge on every started services is required to secure
this services.

also web applications deployed on your web server pose a threat to
your network. make sure deployed applications have iron clad
security.

best regards,
wardy

[margonz]

Nice to hear from your Dorward, our 2 proxy servers is using squid and
our provider is bayantel. This proxy servers supplies internet
connectivity to all of our department (not the whole school). Since
the current configuration of our bayantel line is on an public ip
interface, I also use the same server to for my moodle site. I haven't
customized my xampp configuration other than those that involve the
moodle. The public ip also allows me to do some administrative task at
home. Everything runs smooth except the complaints I received from
bayantel.