kanotix.com :: Thema anzeigen - lampp control panel

kanotix.com

Software - lampp control panel

jack--ren - 24.08.2006, 22:34 Uhr
Titel: lampp control panel

I installed lampp to use as a sever for my homepage and I wanted to
install the control panel too ,to easaly switch on and off lampp, so I did:
root@jacksbox1:/home/jack# python /opt/lampp/share/xampp-control-panel/xampp-control-panel.py

this was output;

Error importing pygtk2 and pygtk2-libglade

searched for these packages with synaptic but couldn't find them,
what packages need to be installed to get this working?

slh - 24.08.2006, 23:44 Uhr
Titel: RE: lampp control panel

Debian packages for all components covered by xampp are available in Debian and easily installed with apt-get, additional advantages are better debian integration and proper security support so you might consider getting rid of xampp.

jack--ren - 25.08.2006, 07:42 Uhr
Titel: Re: RE: lampp control panel

slh hat folgendes geschrieben::

But if I do so, will I have a nice simple gui frontend to easily start and stop
all serviceses like apache mysql and proftd?

I know how too on commandline but I rather have a gui frontend so some oneelse can do it too.

slam - 25.08.2006, 08:24 Uhr
Titel: Re: RE: lampp control panel

On a Debian Server the best integrated and Open Source control panel is SysCP:
http://www.syscp.org
If it is just to stop and start services, you can easily create yourself simple clickable links and put them on the desktop or into the the KDE-menu. If you need help with that, let me know.
Greetings,
Chris

h2 - 25.08.2006, 09:12 Uhr
Titel: RE: Re: RE: lampp control panel

Even the xamp people say not to use it as a live web server.

I'd say let me know when your box gets hacked, but you'd probably not even know it happened.

Your odds are probably better with the debian packages.

apache2 -k restart

is not a very hard command to learn. Same for mysql etc.

If you're going to run a live web server you have to expect to get hacked, and if you are going to try to run an ftp server, it's almost guaranteed.

Make sure you install a very aggressive firewall, like guarddog, and set the ports to the absolute bare minimum required to function, in and outbound.

One of my favorite sites, won't mention it here, lists day by day mass, automated attacks on linux, windows, and, rarely, bsd web servers. The more layers of software you put between the servers and the web, the more likely there will be security holes that you won't hear about until it's too late.

Last time I tried running a web server, I watched the logs, and within a few hours of putting it liveoneline, it was getting a non stop series of attacks. I pulled it offline, and decided to not do that again until I was much better at this stuff.

And remember, only the failed or amateur attacks get logged, the good ones know how to wipe their tracks.

jack--ren - 28.08.2006, 13:06 Uhr
Titel: Re: RE: lampp control panel

slam hat folgendes geschrieben::

can you tell me how to make an entry in kde-menu for
/opt/lampp/ start and /opt/lampp restart ?

slam - 28.08.2006, 13:51 Uhr
Titel: Re: RE: lampp control panel

You may start any exisitng script from the menu by adding a new entry there, and using a the correct command line entry, i.e.:

Code:

kanotix-su /usr/sbin/sshstart

for starting SSH.

But be warned: It is not a good idea to start Apache or Mysql that way, because you miss possible error messages - and Lampp is definitely useless on Debian, as already said above.
Greetings,
Chris

phen - 28.08.2006, 16:26 Uhr
Titel: RE: Re: RE: lampp control panel

whats the reason for lampp being useless for debian (means, are those security-holes that massive)?
what alternatives are there and are they as easy to configure as lampp?

titan - 28.08.2006, 18:03 Uhr
Titel: RE: Re: RE: lampp control panel

I have no experiance of running a live web server but I think Xampp has a use for testing various web applications on your own pc. I am playing with Xampp/Joomia at the moment, seems sensible to get familiar with it locally rather than on a remote server.

phen - 28.08.2006, 18:26 Uhr
Titel: RE: Re: RE: lampp control panel

my use for xampp is getting my data online - so i can access it from university and institutes via http. never heard of it being insecure.. Geschockt

but i'm no ITist and not very familiar with this stuff.
what is joomia? kind of a lampp-derivate? secure Winken

slh - 28.08.2006, 19:25 Uhr
Titel: RE: Re: RE: lampp control panel

linux-image-*, apache2, mysql-server-5.0, php, perl are all included in debian and just an apt-get away, what use would unpackaged cruft like xampp would be on a system that can all do that on its own, properly integrated and packaged (and under security control)?

phen - 28.08.2006, 19:53 Uhr
Titel: RE: Re: RE: lampp control panel

i thought read about lampp was sort of easy-to-configure-apache-tool.
i know how to configure lampp - is it possible to use it for the packaged apache one or should i completely get rid of lampp and get into this apache2 thing?

thanks for your convenience!

h2 - 28.08.2006, 21:00 Uhr
Titel: RE: Re: RE: lampp control panel

Zitat:

what use would unpackaged cruft like xampp would be on a system that can all do that on its own, properly integrated and packaged (and under security control)?

Exactly right. For people thinking about setting up ftp/webservers, please, give it some thought. When you expose a server to the live web, you are exposing it to a world full of potential crackers, all of whom would love to take over your server for fun and profit.

And if you find yourself wanting an 'easy', a 'point and click', a 'user friendly' interface to run that server with because you don't know how to run it, it's almost certain that your server will fall victim to someone taking it over.

Don't set up web servers if you dont' understand what the implications are, and if you can't learn how to do the basics, like starting apache from the command line. For local development purposes, it's fine, but you should still use the debian packages, apache, mysql, postgre, php4 or 5, etc.

Securing a system against a constant wave of probes and attacks is not nearly as simple as just running linux, don't fool yourselves.

Here's a simple test I'd suggest: if you don't know how to stop or start a service, you have no business running a webserver that has a live connection to the internet.

titan - 28.08.2006, 21:55 Uhr
Titel: RE: Re: RE: lampp control panel

From what I can see most hosting providers will provide a LAMP setup for most customers. ie most Kanotix users They usually provide a control panel Cpanel or fantastico which allows set up of most of the popular web application such as Wordpress , Drupal, Joomia, Gallery, etc. Apt installs Lamp on your local pc which is not a lot of use unless it is a web server. I tried this route to try out Wordpress and found it far from simple as the Apache and Wordpress howtos conflicted, same for Drupal. For local use just sandbox testing Wordpress, Joomia etc Xampp has a use, not integrated, files all in one place not spread all over the system, easy to remove.

phen - 29.08.2006, 01:58 Uhr
Titel: RE: Re: RE: lampp control panel

ok, it's quite late already.. lampp/xampp was recommended to me in this forum maybe a year ago, and setting it up wasn't a big problem. starting it on commandline wasn't hard too: to enter su, then enter one command and then exit su again is no effort. but all this time (following appropriate posts in this forum here) i thought the suggested method (lampp) would be a safe thing.
i'll take some time (..) and check differences lampp-apache and change it over. thanks.

slam - 29.08.2006, 09:19 Uhr
Titel: RE: Re: RE: lampp control panel

Here is a collection of very well written articles, describing step by step installation and configuration of a web server http://www.debianhelp.co.uk/debianserver.htm. But - as already said above - don't under-estimate the dangers of running a public web server without ongoing security and hardening work. If you server is compromised and taken over by a cracker, you might even be legally responsible for the stuff he does there ....

And don't forget, if this is also your home machine, in case of compromise all your private data will be gone, too.

A web server is not a static thing you set up and forget, it needs ongoing work and updates to stay secure. If it is just for locally testing and developing sites that require Apache/PHP/MySQL, don't believe that would be different. You need to completely cut it off the internet, otherwise you risk exactly the same. Specially the Xampp packages from the Server-Friends are dangerous, because they are mostly not updated AND come in a completely open and unsecured state (Let me add, they are mostly developed to give Windows users an easy and unsecure approach to a web server, I never understood why they do Linux packages, too. Probably just because it's very easy to do so.)

The Debian packages on the other side already come pre-configured, and most of this pre-configuration is secure. If you keep your system up-to-date with dist-upgrades, you have a system in good state.

Mirroring at home exactly the same configuration your hosting provider is running, is not simple and some times even impossible. But web space on professionally run servers has become very cheap (and even free), so please consider using that for your testing. It's usually very trivial to set up the web application (Gallery, Postnuke, whatever) on a non-public sub-domain, while running your production site on the main one. Let me add that this is also better practice, because you should always test your stuff at exactly the same server configuration. When you're done, just move from sub- to main domain. All professionals i know do exactly that.

Greetings,
Chris