Security first with the Hiawatha web server

Small but Safe

Configure a Virtual Host

The following settings define a virtual host in the configuration file:

VirtualHost {
  Hostname = www.thisisagreatwebsite.com, \
    *.thisisagreatwebsite.com
  WebsiteRoot = /var/www/thisisagreatwebsite
  StartFile = index.html
  ErrorHandler = 404:/index.html
}

These settings tells Hiawatha to answer requests for http://www.thisisagreatwebsite.com and also for http://whatever.thisisagreatwebsite.com , where whatever can be any text at all (if these names exist in DNS).

Hiawatha will look for the HTML for this website in /var/www/thisisagreatwebsite/, and the start file is index.html. When you ask for a page that does not exist, webservers give an 404 error; in this case, the missing page will be the start page: the ErrorHandler setting takes care of that in this example configuration. This trick makes sure broken links will end up at the start page. Next, create a directory:

cd /var/www
mkdir thisisagreatwebsite

and copy the default website page of Hiawatha, inserting the Greatwebsite keyword:

cat /var/www/hiawatha/index.html | \
  sed 's/Installation successful/Greatwebsite/' >\
  /var/www/thisisagreatwebsite/index.html

Adjust the file rights so the web server can read those pages

find ./thisisagreatwebsite -exec chown www-data:www-data {} +
find ./thisisagreatwebsite -type d -exec chmod 1774 {} +

You need to re-run the two find commands if you add new files to the website files while being root: since you log in as root via SSH, you need to change file rights so the website can read them.

ls -all  /var/www/thisisagreatwebsite

should now show the following:

drwxrwxr-T  2 www-data www-data 4096 Dec 30 17:34 .
drwxr-xr-x 26 root     root     4096 Dec 30 17:34 ..
-rw-r--r--  1 www-data www-data 1768 Dec 30 17:34 index.html

Restart the web server to test:

service hiawatha check
/etc/init.d/hiawatha restart

Configure DNS or Your hosts File

Now you can see if the website actually works. You have to make sure www.thisisagreatwebsite.com resolves in DNS to the IP address of your web server.

For testing purposes, you can adjust your local hosts configuration. In Windows, open file C:\Windows\System32\Drivers\Etc\hosts with administrator rights. Add a line like the following:

192.168.0.115 www.thisisagreatwebsite.com

In Linux, find the etc/hosts file and add the new address. Next, you can restart your browser and point it to www.thisisagreatwebsite.com . You should see your new website in your browser.

Troubleshooting

Things might not go so smoothly for your new website. The following command:

service hiawatha check

will report errors in your config file.

/etc/init.d/hiawatha restart

can also report errors; for instance, when loading certificates fails.

Have a look at the Hiawatha access logfile with:

tail -f /var/log/hiawatha/access.log

To view the error log, enter:

tail -f /var/log/hiawatha/error.log

Start your web browser and surf to www.thisisagreatwebsite.com .

If you can ping your website by IP address but not by its domain name:

ping www.thisisagreatwebsite.com

you know the problem is related to DNS and not Hiawatha itself.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Getting a free TLS certificate from Let's Encrypt
    A free TLS certificate from Let's Encrypt means you can add encryption to your network for no cost, so you don't have any more excuses for failing to encrypt.
  • WordPress, Joomla, and Drupal compared
    Open source content management systems have an abundance of extensions scattered across the web. We compare the features of three CMSs against various consumer requirements.
  • Port Knocking
    To ensure that the data on your computers remains accessible only by you and those with whom you want to share, we look at the advantages of combining TCP Wrappers and port knocking.
comments powered by Disqus