IIS, Apache, ASP and stuff

O

old.Spikeh

Guest
Basically.... I'm in need of some help here.... I keep asking people but I'm not sure what to do about it :)

I currently use IIS4 - more stable than IIS5 imo, but not as many features. Of course, this is running on nt4... a proper web server hosting a lot of sites. I know the I should be using Linux, but I suppose I'm scared that I will fuck it up cos I don't know much about it at all.

I want to be able to run eggdrops, some mail objects etc (custom, upload scripts etc) and ftp/www/mail services. We recently bought a mail package that work fine for what we want no problem... thats another story. It cost us a lot of money, so we will be keeping the NT server for this anyway.

I want to be able to run PHP, MySQL, Access, SQL7 and ASP on the server, and also some Perl if possible, so I can leave my options open for development.

We are currently with a US company, that while are much cheaper than UK companies, are too far away imo. Can anyone suggest some sites, companies or anything I can look at. Or just give us some info if you can :)

Thanks :)
 
T

Testin da Cable

Guest
Dude,

some help and some questions for you:
questions first:
Have you ever done stuff on Linux/BSD before?
Have you the facility to split your server in say...one for Linux and one for NT?
Can you test stuff or will you go production right off?

Now some help:
apache on linux will run PHP, ASP and Perl using modules. You can/should also fully install the PHP and Perl interpeters. Linux runs the MySQL database nicely so there's no problem there. Perl has it's own interface and I believe apache can use something like a DBI module to talk to databases. PHP has one too.
I'd split off Access and SQL7 to your NT box. You were going to keep IIS4 running? Good. That way you can balance your site(s) nicely I'd think.
now some links:
ASP http://www.apache-asp.org/
PHP http://www.php.net/
MySQL http://www.mysql.com/
Apache http://www.apache.org/
Perl http://www.perl.com/pub
Linux general stuff http://www.linux.org

One more tip: SECURE YOUR STUFF!! twice :)
I've been cracked, once. I didn't like it.
Therefore: shutdown everything you _won't_ be using, close them ports.
Use stuff like SSL http://www.openssl.org/ and secure shell (SSH) http://www.openssh.com/ to talk to your server.
I found all of the above on http://freshmeat.net in about 10 minutes.

Good Luck!

-tdc
 
O

old.Spikeh

Guest
Thanks mate, that's helpfull :)

Now, to answer your questions and give you a feel of what I'm after:

I am senior partners in a business, web design.... we currently develop most sites using HTML,JAVA, Flash and ASP. I've not even scraped the surface of PHP or MySQL yet - but I know that they are good packages to use :) So I'll force myself to use them.

SQL7/2000 is another issue... I have NO IDEA how to go about it... I know its costly, and I know its efficient... but at the presnet we can't comfortably afford that. Maybe in a years time we will be able to :) (Comfortably I mean, without worrying about it)

Have you ever done stuff on Linux/BSD before?
- Yes, I've used a Cobalt RAQ2 server to admin websites and pop accounts... but it was a virtual server, and we got rid of it (For too many reasons to go into).

Have you the facility to split your server in say...one for Linux and one for NT?
- The server is in the US. I have access through PCAnywhere, that's it :( I've not asked them to install anything on it before, but I can enquire about it (They do provide linux servers as well).

Can you test stuff or will you go production right off?
- I use IIS5 at work to test my ASP. I can install what I like there and have the facility to make a linux server if I want - again, I've been scared to do it as I installed Mandrake on my machine at home before and nearly lost my hard disk (I'm not thick btw - just not use Linux before :))

In the end, with the things we have planned, we are going to need more than one server anyway. I, again, don't know much about that side. We have one NT server at the moment, and can upgrade and buy extra servers if we wish. I'm competant ith NT and IIS, again something I've learnt as I go along, and I use a variety of programs such as iMail and FTP Serve-U on the NT box. I have no worries with these programs and infact, most Windows programs.

One more tip: SECURE YOUR STUFF!! twice
- As far as I can tell, my server is protected by a Hardware firewall... again, I don't know much about that side :/ I'm presuming this anyway as their a prfessional company.

I have another question, that I've asked a lot of people from the start. I have a domain, say domain.com. I map www.domain.com and domain.com to the IIS Box, and get pop.domain.com, smtp.domain.com and ftp.domain.com, each representing what they will be used for. However... as I do not have access to the DNS records, I can't look into my problem. The problem is; I need to restrict access to the ports (FTP port for example) for all the other domain hosts apart from FTP.domain.com. Do I have to do this DNS side? I can access my pop account by using www.domain.com for example, when I want to restrict it to pop.domain.com.

Argh! I'm confused :) I was origionally a coder only... and now I own some of the business, I have to do this as well.. don't get me wrong, I have no quarms doing it, but I can't seem to find out much info anywhere :((

[Edited by Spikeh on 24-10-00 at 18:06]
 
T

Testin da Cable

Guest
wow ! looks like you're in for a lot of fun.
here are my thoughts:
1)great! you've worked with (li)unix before. most MS ppl I know get the shivers when there's "just" a command line.

2)why buy an expensive database when you can use a "free" GNU or BSD licensed DB like MySQL/Postgresql etc. They all speak SQL in the end, have product support and can scale to whatever you want. [I'd mail the folks at www.Slashdot.org or freshmeat.net for advice on BIG db's. If you ask nicely they will answer. Check out the "how-to's". There's one for nearly every subject at www.linux.org

3)Secure it anyway mate. Just because it happens to be inside a firewall doesn't make your box uber-safe, it just makes it harder to crack. [call me mr paranoid hehe]

4)Storing ports in DNS? Well unfortunately, no, you can't yet carry this sort of information in DNS. However, DNS now specifies an SRV record, which would let you do this sort of thing, but as far as I know SRV isn't supported by any browsers yet so it won't be of much help.

-tdc



[Edited by testin_da_cable on 24-10-00 at 19:22]
 
O

old.Comatosed

Guest
2)why buy an expensive database when you can use a "free" GNU or BSD licensed DB like MySQL/Postgresql etc. They all speak SQL in the end, have product support and can scale to whatever you want.

If its free, what are you going to charge the client for it?
SQL Server 7.0 = hefty license, hefty internet connector license, nt4/5 license all with a tidy markup.
Does MySql have clustering support? Transactions? Nope.

3)Secure it anyway mate. Just because it happens to be inside a firewall doesn't make your box uber-safe, it just makes it harder to crack. [call me mr paranoid hehe]

What exactly are your definitions of "SECURE YOUR STUFF. TWICE!" and "secure it"?
Oh and don't forget the combined variations of *nix platforms are on average subject to more security alerts per year than M$ variants.

If your paying for dedicated server hosting security should not be your responsibility anyway....thats why you use a hosting company. Your only security concerns relate to the applications your writing.

Yes I am a Microsoft Fanboy(TM) before anyone pipes up :)
 
O

old.Spikeh

Guest
I'd rather have had some help than see you bitching at TDC :p

Gimme your opinions pls... I need all the help I can get :D
 
T

Testin da Cable

Guest
If its free, what are you going to charge the client for it?
SQL Server 7.0 = hefty license, hefty internet connector license, nt4/5 license all with a tidy markup.
Does MySql have clustering support? Transactions? Nope.

-why should you make your customer pay for the tools you use? I charge the ppl who contract me for what I _do_ not for what I _use_. I guess it's a matter of opinion.
-Clusters&transaction support? Dude don't make me laugh. If Spikeh needs such a thing then he will use an appropriate DB. It's a matter of tool-choice ie. if you are going to type letters then don't buy a PIII or if you're going to play games don't use a 386sx.

What exactly are your definitions of "SECURE YOUR STUFF. TWICE!" and "secure it"?
Oh and don't forget the combined variations of *nix platforms are on average subject to more security alerts per year than M$ variants.

-Dude you're doing it again. If you don't know what 'securing' your server means then go back to system administration 101.
-Well I could say that's because ppl actually work on *ix m8 but it's not worth it. Go to http://www.securityfocus.com/

If your paying for dedicated server hosting security should not be your responsibility anyway....thats why you use a hosting company. Your only security concerns relate to the applications your writing.
-true. if you rent a server then the company you rent should do it. But you indeed have the responsibility for what runs on your box AND then some.

Yes I am a Microsoft Fanboy(TM) before anyone pipes up :)
-not your fault m8. I still respect you as a person :)

-tdc

[Edited by testin_da_cable on 25-10-00 at 15:11]
 
O

old.Spikeh

Guest
I see this is turning into a slanging match :|

I will be dveloping a site that it going to generate a _lot_ of hits per day soon... suggest to me what I should use... what I should invest in first and what languarge/platform/setup etc I should use.

Obviously it wont generate many hits straight away, but if we get it right, it will be v popular... and I want to be ready :) This is why I'm asking these questions, as I'm concerned about the capacity and setup of our server.

Suggestions? Any will be helpfull :)
 
T

Testin da Cable

Guest
Got another one for you Spikeh:
Get in touch with a bloke called DBs. You can prolly catch his attention in the PHP thread. He's one of the BW administrators, and I believe he runs this MB amongst other things. He can prolly give you some very good tips being that this MB is written in PHP with a db backend. Rember to ask nicely tho :)

Also: have you any more [specific] questions that we can help you with? Ie. we can be more effective when pointed in the direction you want us to go m8.

-tdc
 
O

old.Spikeh

Guest
Yeh - I was thinking of talking to DBs a while back, but that was in the middle of the migration of BW :D I might take that up actually, thanks for reminding me :)

Specific Questions, well I suppose I want to know what everyone else thinks I should use for a high-use db... SQL server? MySQL ? Access is no way going to cope with the stress of what this site will bring... plus the SQL you are limited to is rather petty :( Other suggestions would be nice :) And what to run on them
 
O

old.Comatosed

Guest
TDC...
I was blatently taking the piss with the security references. The question still stands tho, you can't just post "SECURE IT" like its an option you select at install. Its like saying "PROGRAM THAT PROPERLY" to a developer :)

why should you make your customer pay for the tools you use?"

They'll pay somewhere along the line. Pay little/nothing for the 'tools' at the start and it'll cost more later. Same as when you hire shoddy unix adminstrators ;)

-Clusters&transaction support? Dude don't make me laugh. If Spikeh needs such a thing then he will use an appropriate DB.

Err isn't the whole point of this thread that Spikeh isnt sure what he needs? If you've no idea what cluster/transaction/stored proc support is please feel free to ask ;)
(joke!)

Spikeh ...

You need to be more specific about what this application/site is going to do Spikeh.

A freebie like MySql may well do the job if your looking at a Barrysworld style website. Lack of stored procedures would piss me off as a developer though.

Access can certainly perform far better than many people think as a website backend. Again if its mostly read, doesn't need transactions/stored procs and you don't need text searching etc.
I've run load tests with online catalog type sites using access where access would start struggling at over 20 concurrent users (using IIS logfiles to build browsing profiles). That was averaging 10 page hits a second.

SQL provides a great many tools to make development and administration a doddle, its bloody fast and doesnt seem to break 'too' often :)

Comes at a cost though...not checked lately but your probably looking at £7000+ for the license.

Give us a better hint at what the system will be doing and people will be able to give better suggestions. Try #webdev on quakenet during the day if you'd prefer not to post the details on here :)
 
O

old.Spikeh

Guest
Coma - U know I live in #webdev anyway - u guys are possibly the most useless I know :) (Joke!!!) :pP

Basically - the site will have news, user database (many, many users... starting at 100 + ending, unlimited really (50K + ?) - again I'm not sure of the scope :), basically like a Barrysworld site, in a little more depth (And focus on a certain aspect - heavily).

OK, ok - it's a gaming site, I might as well give you that much info... There will be a lot more info and stuff on there than normal gaming sites, and with the ideas we have, we anticipate a _lot_ of users. The main thing is, that for now, it wont be fully featured, but it will be expanding quickly and I want to make it as painless as possible.

I also have another site (The F1 site I talk about a lot) that desperately needs optimisation and with the F1 Season just ending, I'm going to be revamping and restructuring the site. 20,000 hits a month isnt big, but with that and all the other sites on our server, we are starting to struggle :)

I really need to be able to optimise my querys mainly... Access pulls data you don't need, and it's eating up system resources :(.

Argh... linux/nt - linux/nt - linux/nt ARGAGRR!!! I need someone who can work with me full time and do it all for me... I got too much on :(
 
T

Testin da Cable

Guest
aha well with your latest post my good Doctor, I realize I could have been more clear in my own ones.
here I go:

security...to me it's lots of stuff (tho this is mostly *ix the jist of it goes for all os's also remember there is no 'right' way ie. putting a box on the internet will force you to compromise):-never run something you won't use-use encryption when talking to your server(s)-when running an application/daemon/etc.run it as the user you want/with the rights you want/in the place you want-use weird passwords: 'agD@#sO927' is _lots_ better than 'angela11'-never trust/use default values, allways find out what they are-don't put important stuff in obvious places or run private services on obvious ports-root user or [sic] domain admins passwords are ment to be _hard_-never be logged on as a superuser unless you _need_ to be[I'll bet Flatus knows that well :)]-read your logs _carefully_-know what is running and when-read up on the stuff you're using 'specially the security issues don't forget 'if you can't find a paper on it doesn't mean it's un-crackable'-move obvious ports like telnet(23) somewhere wacky-use-system 'hardeners' these application suites probe your box for weaknesses and tell you about 'em some you can buy some are free/gpl/bsd licensed-be paranoid-someone will find a way eventually-and several more things I'm forgetting cos it's half two in the morning :)

as to what ppl pay [or not]: difference of opinion m8 :) there are arguements for both sides and I do understand what you mean, just don't agree witcha :)

databases....my impression is that the bloke who asked the question in the first place is capable [correct me if I'm wrong tho m8] of finding out what kind of product he will need based on his wishes/experience/budget. My advice at this moment is still MySQL or, if more robustness is needed, perhaps a commercial linux-based db. However Spikeh says he has the most experience with MS but a WIN32 db automaticly means purchasing one. He will need to have a good think before making the call on this.

It's late, I'm off to bed. Nite all!

-tdc
----------
heh you beat me to the post Spikeh m8 :)
heres an update:
-lots of users in/on your databases and news n suchlike? I'd go heavier than MySQL for that so you'll have room to grow even further.
-I really hope you'll find someone nearby willing to help out [good idea 'specially in the beginning of a project] or I'm afraid you'll be a very busy lad for a time :)

[Edited by testin_da_cable on 26-10-00 at 00:42]
 
O

old.Comatosed

Guest
U know I live in #webdev anyway - u guys are possibly the most useless I know

You must be one of the silent idlers...didn't recognise you from there :)

OK, ok - it's a gaming site, I might as well give you that much info

So budget is going to be an issue i guess? Probably best to look at the freebies then unless someone can stump up the £7000 odd you'll need for a SQL server license.

I really need to be able to optimise my querys mainly... Access pulls data you don't need, and it's eating up system resources

Access only pulls the data you ask for, can't see what you mean by that. Theres plenty of people in #webdev that can look at improving query performance, so long as you can identify where problems are occuring and not just hand over a pile of pages with a "can anyone fix this" type request :). Give me a shout anytime, always willing to help if I'm not too busy, as are most of the others that actually contribute (Baz, Scara, Trebz).

Are you sure its the queries that are slow and not shite code? :)
Number of times I see people opening dynamic cursors on recordsets which they then just write out to a page etc :)

Use a timer script and/or performance monitor to more accurately identify the bottlenecks.

I need someone who can work with me full time and do it all for me... I got too much on

Cash only please, no cheques ;)
 

Deebs

Chief Arsewipe
Staff member
Moderator
FH Subscriber
Joined
Dec 11, 1997
Messages
9,076,920
Yoohoo, I am alive!!

Anyway, BarrysWorld does not use MySQL for its main site, god forbid its no where near being able to do what we want with it.

We use MsSQL for several reasons:

Performance, commercial backing, stored procedures (we have over 700k of stored procedures running various bits of our applications), logging of all stats across the entire BW network including syslogd messages, triggers, automatic query optimisation, self tuning. Our SQL box is a mean mofo but is hardly breaking a sweat.

MySQL is good for small to medium size sites and for those who don't need the features of the other "commercial" db engines like Oracle, Sybase, MSSQL etc. I plan to offer MySQL to hosted sites real soon along with PHP4.

As for ASP, BW use it due to the number of MTS components we have running. A lot of our software is multi tiered so we can scale if we need to and spread the load very easily, also makes for better performance for us.

I am using Apache/Linux/PHP/MySQL/ctlib for our hosting solution for hosted sites, the whole process is driven from our MSSQL server again down to the linux farm I have built for this. Very swish, but again, we like to store all BW information in MSSQL.

DBs
Technical Director and Co-Founder not an administrator :p
 
O

old.Muad

Guest
Interesting...

Hi,

I'd be interested to read your proposal for the new BW hosting. To provide PHP and MySQL to a number of people on the scale at which BW operates I would think security could be an issue. How do BW plan to manage and control the security aspects of PHP on their hosting servers? What protocols will be in place to regulate scripts and ensure the security of the machines?

Also, what administration interface do BW plan to use when allowing hosted sites to access the MySQL DB. Do you intend to provide access to a product such as phpmyAdmin or another 3rd party product?

Regards

Muad

Site Administrator www.xdev.net
muad@xdev.net
 

Deebs

Chief Arsewipe
Staff member
Moderator
FH Subscriber
Joined
Dec 11, 1997
Messages
9,076,920
Heh, I knew this would happen.

Firstly security,

I have implemented all of the security features that PHP allows. This includes the safe_mode directive and the base_dir directives etc.

As for apache, that too has been configured to stop attempt to do naughty things as much as I can do it for now.

MySQL: Yes, each user can use their loginname and PW to login to PHPMySQLAdmin and they can then see their own db/tables and noone elses, extended auth I think they call it if I can remember.

I really don't want to go into too much about what I have done on the servers in a public forum, suffice to say I have put the best measures in place I can that I know off. No system is every 100% secure and you would be a fool to think otherwise.

DBs
 
O

old.Muad

Guest
hehe

heheh,

Sounds like the BW hosted sites are going to be getting some cool hosting then. I hope all works as planned. What’s the date for activation on the new servers?

The reason I asked mainly was because we use similar methods at Xdev for our developer hosting. We need to give developers more room, but also keep our own security!

Regards

Muad


[Edited by Muad on 26-10-00 at 14:08]
 
O

old.Reverend Flatus

Guest
_-never be logged on as a superuser unless you _need_ to be[I'll bet Flatus knows that well ]-

Ho yus! Sooo easy to completely bugger things up, believe me <sob>...set up users with the appropriate permissions to do specific tasks.
 
T

Testin da Cable

Guest
you bet rev'd!!
you know I was actually supprised that my unix would destroy the filesystem it was running on :):)

live and learn....
 

Users who are viewing this thread

Similar threads

W
Replies
3
Views
522
Wilier
W
M
Replies
4
Views
590
W
W
Replies
2
Views
514
W
L
Replies
5
Views
582
L
K
Replies
6
Views
703
[UKLans]Khan
U
Top Bottom