DDNS, ip, Listen(?) 2

[menonewbie]

Running Apache 1.3 on Solaris 8 at home. Registered domain name with DDNS.

Question 1: In httpd.conf, which ip address should be next to the Listen derivative:

1) ip that dns registry gives me?
2) a "nameserver" ip?
3) ip for the cable/dsl router?
4) ip that I get from my ISP

Question 2:
Can I keep:
User nobody
Group nobody
or should I change User to "

http://www"

or something else?

Question 3: On a Solaris user note: Do I need to edit the /etc/inet/hosts AND/OR /etc/resolv.conf files?

Question 4: What should the /etc/defaultrouter file look like?

Question 5: Should my hostname be "

http://www"

or can it be anything I want it to be?

 

[RhythmAce]

Hi menonewbie,

1) The IP that your ISP gave your machine is the one that will go with Listen.

2) I think apache uses user apache and group apache but you can change it to what ever you want. If you use something funky, make sure to add the user and group.

3) & 4) I don't know - I'm an RH kinda guy myself )

5) Your ISP may have given you a host name such as "c-1754605-a" and an IP address. When you set your net work settings on your machine, use these and also use the nameserver IPs they gave you. If you own your own domain name (yourdomain.com) set your A record with DDNS to point to your IP with all the names you will be using such as:

yourdomain.com

http://www.yourdomain.com

chat.yourdomain.com
otherserver.yourdomain.com

You should be able to add as many as you want. If you use more than one on your webserver. You will need to setup vhosts on apache for each of them including your main server. If they all have the same IP, then use the name-based vhost. I hope I made sence )

 

[menonewbie]

Okay, now I'm unsure as to where the error is. set your A record with DDNS to point to your IP with all the names you will be using such as: Where's this at? Where do I find this file?

And 2, I just re-installed the OS, Apache comes installed w/ Solaris, living in directories: /etc/apache, /var/apache, /usr/apache.

Let's just say that, that's what I got now. What's the next step??

Thanks in advance,
menonewbie...syke!

 

[menonewbie]

Okay, now I'm unsure as to where the error is. set your A record with DDNS to point to your IP with all the names you will be using such as: Where's this at? Where do I find this file?

And 2, I just re-installed the OS, Apache comes installed w/ Solaris, living in directories: /etc/apache, /var/apache, /usr/apache.

Let's just say that, that's what I got now. What's the next step??

Thanks in advance,
menonewbie...syke!

 

[menonewbie]

whoops, sorry about that....one more thing, if I set the user to "funky," when I add the user "funky," what should I set his Home Directory to?

- menonewbie

 

[RhythmAce]

Sorry for not being more clear. To make things easier, I'm going to make a few assumptions. 1) You have a dynamic ip address which changes all the time. 2) Port 80 is blocked by your isp so you're using pot 8080. 3) Your domain name is a sub-domain of your dns pointer service. If these are true then you don't own your own domain name and you don't have to worry about dns 'A' records. DDNS gives you a sub-domain of their domain and they handle their 'A' record for that zone. So all you have to do is use the name they gave you as the ServerName. Change Listen 80 to Listen 8080 and change Port 80 to Port 8080 in httpd.conf. To answer your question about your user funky, you would set up a user directory like this:

UserDir public_html


<Directory /home/*/public_html>
Options Indexes Includes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Then create a directory in funky's home directory called public_html. The path would look something like this: /home/funky/public_html. The path may be different for Solaris.

 

[menonewbie]

alright, i have no idea what i'm doing wrong *whimpers* thanx for all the advice though. i'll keep trying.

 

[RhythmAce]

Don't give up on us yet. Tell us what you have and what you want to do with it, and we can help you get there.

 

[ifincham]

Hi,

1) Its not really necessary to have any IP address in httpd.conf - apache will listen on all interfaces by default. You can even use a '*' as the IP address in a virtual host container if you're using name-based virtual hosting. As long as the packets arrive at the solaris box then apache should work (irrespective of any nat in between).

2) Because Apache normally binds to port 80 (a privileged port) the usual arranagement is that a 'root' owned process will spawn several listeners but, to enhance security / prevent exploits , those would not be run as root. The userid / groupid of 'nobody' is standard although some re-packagers of apache set it up with a different account (e.g. redhat uses 'apache'). So I wouldn't change it unless you particularly want to.

3) The files you refer to affect the name resolution of the computer on which they reside. So to reach

http://www.sun.com

from the solaris box you would need you name resolution to work. However, hosting a web-server is the opposite scenario. As long as people 'out there' can resolve your

http://www.mydomain.com

to an IP address that is routed to you then it would all work. In other words, the important thing is the inbound name resolution which you are doing with DDNS.

[/etc/inet/hosts (symlinked to /etc/hosts) is just the 'hosts' file for local resolution outside of dns. /etc/resolv.conf is a config file which lists the IP addresses of DNS servers for DNS resolution.]

4) /etc/defaultrouter just contains the IP address of the default router. You might set it like :

echo &quot;172.16.16.5&quot; > /etc/defaultrouter

5) As long as it resolves to an IP address that is routed to you it can be anything you like. It must be defined in the dns records however - that is the key. The beauty of Apache name-base virtual hosts is that you could have hundreds of canonical names (e.g.

http://www.mylovelydomain.com

or silly.otherdomain.com) all pointing to the exact same IP address and you can serve them all with their own content.

Anyway, what exactly are the symptoms of your problem ? If you do '/usr/apache/bin/apachectl start' and then

http://localhost

do you at least get the test page up ?

Hope this helps

 

[menonewbie]

Ok, one night(maybe this was a real retarded thing to do, but

I mkdir'ed /usr/local/ and DLed & unpacked apache, gcc, autoconf, and automake. So now I have a /usr/local/apache/bin/apachectl and an /usr/apache/bin/apachectl. What about /etc/init.d/apache? Is there an quivalent file living in /usr/local/apache

Question: Do I need to delete the /etc/apache directory?

nope, nothing comes up when /usr/apache/bin/apachectl start....but about a month ago, it worked. But when I would get someone to try and login, it wouldn't work(?)

-M.N.N. (-ugh)


p.s. - Does this mean anything &quot;Nov 12 15:10:47 unknown libcsa: unknown: RPC: Rpcbind failure - RPC: Timed out&quot;

 

[menonewbie]

hey guys, when I 'ps -e', httpd is listed 3 times.

 

[ifincham]

Hi,

Well libcsa is a CDE / Motif calendar library -->

http://www.cs.arizona.edu/computer....mersGuide/programmersguide_16.html#MARKER2_16

so don't think that's relevant somehow....

Anyway, if you've now installed in /usr/local/apache then you should be able to do :

/usr/local/apache/bin/apachectl start

(etc.) see -->

http://nodevice.com/sections/ManIndex/man0038.html

.

There is no sysv init script provided by apache.org but some linux distributions (e.g. redhat) provide one in their rpms.

The 3 httpd processes might be OK - it all depends on the 'StartServers' directive in httpd.conf. For example, the following :

StartServers 8

Would show 9 processes - the parent root process and 8 listeners as 'nobody' or 'apache' or whatever.

Hope this helps

 

[menonewbie]

'/usr/local/apache/bin/apachectl: httpd started'
'/usr/local/apache/bin/apachectl: httpd restarted'
'# /usr/local/apache/bin/apachectl: httpd configtest Syntax OK.'

But when I go to a web browser and try to connect to localhost, it goes thru the browser's search page.
--------------------------------------
If I change the port setting in the conf file, do I need to edit something on the router?

peace outdoors,
- mnn.

 

[Guest_imported]

hehe, forgot my pw....

so...anyone? anyone?

 

[Guest_imported]

so...am i supposed to edit /etc/dfs/dfstab ?

 

[ifincham]

Hi,

dfstab is just for nfs shares and has got nothing to do with apache which uses 'regular' tcp . Are you saying that, from the same box as is running apache, you can't get the test page using either

http://127.0.0.1

or

http://localhost

Regards

 

[Guest_imported]

nope, i DO get the test page at

http://127.0.0.1

&

http://localhost....

But yall can't see it...Don't know why you guys can't see it, that's the problem. Could it be b/c of my ISP?

Thanks.

 

[ifincham]

Hi,

OK... makes more sense now. Assuming the DDNS works correctly, then it would either be a firewall issue at your box (which presumably you know about) or it could very well be that your ISP is either blocking port 80 or blocking http protocol in general. Its probably easiest just to ask them. One thing you could try is another TCP port. If you add a Listen directive to your httpd.conf :

Listen 80
Listen 8081 (or whatever)

Then try from outside with

http://yourdomain.com:8081

See if that works....

Other tests you can do are things like (temporarily) start up a telnet server and see if you can connect remotely via the domaainname :

telnet yourdomain.com

In fact, you should be able to do that even with just apache running, i.e

telnet yourdomain.com 80

If it seems to connect type 'GET /' and enter a couple of times. You should get some raw html from apache.

Hope this helps

 

[Guest_imported]

ok, so we're getting somewhere. It's most likely the built-in firewall that's in the router then, correct?

Another thing, I want to run Apache through the DDNS registry that I registered with. Meaning, I want Apache to be pointed at the domain/ip that the registry gave me, as opposed to the dns info. that my ISP provides. Is this something that the &quot;Listen&quot; directive can solve as well?

Another Thanks.

 

[ifincham]

Hi,

Well, it could be that or some filtering at the ISP end. Apart from the obvious solution of just asking the ISP direct, if its at their end you can only 'probe' for what does and doesn't work by trial and error. For example, you can run a ftp server on port 80 to test if that works vs apache (same port - different protocol) or, as above, test the same protocol on different ports.

As for the 'listen', you can just leave it with a 'Listen 80'. That effectively gives a wildcard on the IP address so would work with any IP address obtained dynamically. Its much more a problem of getting the domain routed to your box (via DNS or DDNS). As long as http requests reach the server all should be OK with that basic 'listen directive. This is outside of apache as such - just dns, ip routing, etc.

Regards