[Linux] Apache and security questions

Steven Benmosh linux@flux.org
Tue, 8 Jan 2008 22:16:26 -0600 

------=_Part_10363_32771827.1199852186927
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Ok, by now you know I am trying to set up a new web site. I have two
questions.

1. Here is my sites-available default file:
...
default file that comes with the server
...

<VirtualHost *>
        ServerAdmin admin@words2u.net
        ServerName www.words2u.net
        ServerAlias words2u.net
        DocumentRoot /home/words2u
</VirtualHost>

<VirtualHost *>
        ServerAdmin admin@words2u.net
        ServerName gpx.words2u.net
        ServerAlias words2u.net
        DocumentRoot /home/words2u/gpxwiki
</VirtualHost>

When I use www.words2u.net or words2u.net, I get the correct page. When I
use the IP address, I get /var/www default page, as expected. But when I run
gpx.words2u.net, I get an error message.

Where am I going wrong? Do I have to run my own dns server to enable urls
other than www.words2u.net and words2u.net?

2.Security

What is the best way to isolate my net server from the other computers in my
network, so if/when someone breaks in, the rest of the network is safe? Use
firewall on each computer to block access to the web server? Any other idea?

Thanks.

Z.

-- 
Check out my web site - www.words2u.net

------=_Part_10363_32771827.1199852186927
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Ok, by now you know I am trying to set up a new web site. I have two questions.<br><br>1. Here is my sites-available default file:<br>...<br>default file that comes with the server<br>...<br><br>&lt;VirtualHost *&gt;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ServerAdmin 
<a href="mailto:admin@words2u.net">admin@words2u.net</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ServerName <a href="http://www.words2u.net">www.words2u.net</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ServerAlias <a href="http://words2u.net">words2u.net</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DocumentRoot /home/words2u
<br>&lt;/VirtualHost&gt;<br><br>&lt;VirtualHost *&gt;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ServerAdmin <a href="mailto:admin@words2u.net">admin@words2u.net</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ServerName <a href="http://gpx.words2u.net">gpx.words2u.net</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ServerAlias 
<a href="http://words2u.net">words2u.net</a><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DocumentRoot /home/words2u/gpxwiki<br>&lt;/VirtualHost&gt;<br><br>When I use <a href="http://www.words2u.net">www.words2u.net</a> or <a href="http://words2u.net">words2u.net
</a>, I get the correct page. When I use the IP address, I get /var/www default page, as expected. But when I run <a href="http://gpx.words2u.net">gpx.words2u.net</a>, I get an error message. <br><br>Where am I going wrong? Do I have to run my own dns server to enable urls other than 
<a href="http://www.words2u.net">www.words2u.net</a> and <a href="http://words2u.net">words2u.net</a>?<br><br>2.Security<br><br>What is the best way to isolate my net server from the other computers in my network, so if/when someone breaks in, the rest of the network is safe? Use firewall on each computer to block access to the web server? Any other idea?
<br><br>Thanks.<br><br>Z.<br><br>-- <br>Check out my web site - <a href="http://www.words2u.net">www.words2u.net</a>

------=_Part_10363_32771827.1199852186927--