Building Your Own Internet Site
When I needed to build a development and demonstration system to start my own Internet-based business, I decided to explore how to build an Internet site for education and low-end business support. The technologies I chose allow an individual to build a site he or she can control and use for experimentation.
If you own your own site, you have complete freedom to explore technologies like Internet security, CGI (Common Gateway Interface) and Java servlet development. Much of the work in this area is handled behind the doors of an ISP (Internet Service Provider); there are significant costs involved in CGI and other server-side programming.
These technologies are difficult to deal with, since they may introduce security flaws to an Internet site. Trying to stress the security would certainly stress the system administrator. Features like CGI and Java Servlets are programs that attach to the back side of a web server. The owner of the web server would be negligent if he simply allowed a customer to add programs without serious testing.
When you are using an ISP, you are limited by the ISP to specific technologies. Many ISPs will not permit CGI and Java servlet programs to be used with even their basic ISP plans. More advanced business plans often allow CGI or Java servlets, but will restrict upgrades to your site by requiring that you pay them to test your code before it goes live. This introduces delay, and control limitations that may prohibit some features from being deployed on your site.
To the small business, a personal Internet site offers flexibility that is usually the domain of larger competitors. When you own the site, you can make changes quickly and at relatively low cost. You must also bear the responsibility for maintaining a secure site and liability for the content of the site.
To keep the cost of our proposed “Personal Internet Site” low, the majority of the software used will be freely available operating system, programming tools and network software. The Free Software Foundation and thousands of developers around the world have contributed to a large base of freely available software. The availability of free or nearly free software makes constructing the system outlined in this article an achievable goal.
The initial system will consist of several Intel-based personal computers running Linux. For this project, I have selected SuSE Linux 5.3. This is a recent distribution, with support for most of the features needed for an Internet site. The system will support a web server with a Java servlet runtime module. This configuration supports dynamically created web pages using a JDBC (Java Database Connectivity) compliant database.
Three PC class systems (AMD 5x86 133) and two K6-2 systems at 300+ MHz will constitute the processing core of this site. One system will handle firewall, proxy and routing duties. (For details on setting up these services, see “My Linux Home Network” by Preston Crow in this issue.) These are the services that allow our site to be visible to the Net and able to see the Net safely. The other systems will support production services and development support, respectively. Possibly an old 486 DX2 66 will be dusted off for a very light Internet appliance task.
An appropriate modem supporting the physical and link-level connectivity will be installed on the slowest system that can keep up with the data stream while handling the task of firewall chores, DNS and routing. By trimming the OS down to minimal-required functionality, it can be small enough to allow an older machine to be used for this dedicated connectivity task. The Linux Router Project (LRP) has a minimal configuration defined to support systems as small as a 386SX 16 with 8MB of RAM. (For details, see “The Linux Router Project” by David Cinege, LJ, March 1999.) This is an input- and output-intensive process, and it doesn't take much computer to keep up with a 128KBps data stream.
The Linux OS with networking support for IP configuration will be standard on all systems. In order to best optimize the OS, I have reconfigured and compiled the Linux kernel using the parameters required to provide networking features for an Internet site. This includes all support for the hardware network interfaces as well as IP networking and firewall options. All nonessential capabilities, such as multimedia features, are removed.
Web support consisting of the Apache web server with Java servlet extensions is already installed and running. Early prototyping of production systems will include Java JDBC server-side support. (See “Using Java Servlets with Database Connectivity” by Bruce McDonald, LJ, June 1999.) Database chores will initially be handled by PostgreSQL. (See “PostgreSQL—The Linux of Databases” by Rolf Herzog, LJ, February 1998.)
Fast Ethernet is used between the existing systems at the site. Systems not visible to the Internet will use IP (Internet Protocol) masquerading to enhance their security. (See “Setting Up a Linux Gateway” by Lawrence Teo in this issue.)
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- May 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- AdaCore's SPARK Pro
- Open-Source Project Secretly Funded by CIA
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide