Advice sought on makine web-server safe

Tim ignored_mailbox at yahoo.com.au
Fri Nov 18 00:58:30 UTC 2005 

Timothy Murphy:
>>> I want to allow general access to the web-server (apache) on my
>>> desktop, but not to any other services on this machine.

Tim: 
>> What do you mean by general access?  Access to read the files it serves?
>> Access to create files to be served?  Access to configure the server?

Timothy Murphy:
> By "general access" I meant that anyone should have access to my web-files -
> they would not require any sort of password or code.
> I would not like anyone to have access to configure the server
> or to create files on my computer.
> I only want to offer the ability to see my web-pages.

As you've, no doubt, read by now.  Apache does that without requiring
much of you right from the word go.

If you're hoping to serve files you've put into your homespace, then
you'll probably need to get SELinux working right, or disable it for the
web server (I suggest the first option), as well as general Unix file
permissions.

e.g. Serving from:  /home/your-space/public_html/homepage.html

If you're going to serve file from the default webserver HTDOCs
directory (/var/www/html/) you'll either have to do so as root, or
rearrange permissions so that you can easily write and modify files in
that location.

Then, for either case, you have to allow port 80 through your firewall.
You also need to be using an ISP that doesn't block it, and doesn't
forbid running servers.

You can use alternative ports, but you have to tell people what port to
use, then.

> I used the word "desktop" simply because I was on a laptop (on a train)
> at the time - which was also the reason for the garbled message.

Ah, if you'd called it a "desktop PC" we'd have understood you meant not
a laptop PC.  But it doesn't make much difference, other than if you
were using a laptop you'd have to make sure it didn't go to sleep on the
job (that's a common issue with laptops but uncommon with desktop PCs).

I'm not surprised by the troubles you got getting an answer, your
question was too vague.

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

More information about the fedora-list mailing list