Linux & Server Admin Articles

A friend of mine, Elliot Swan got hacked - one of his JavaScript files had been modified to contain some sort of advertisement. Here are a few tips you can do to lock your server down, starting with simple things and getting more advanced at the bottom.

1. Change your web hosting password.
2. Change your SSH / root login username (if possible) and password.
3. Change your FTP username (if possible) and password.
4. If you changed your FTP username, chown the files to the new user through SSH by typing "chown -R username:usergroup YOUR_WEB_PATH". If you don't know the usergroup, check out the current files by typing, "ls -la YOUR_WEB_PATH"
5. Change your permissions to the lowest number to allow your website to still work, this might be 444, 644, 655, 744, or 755. "chmod -R 755 YOUR_WEB_PATH"
6. make sure there are no authorized keys found in your "~/.ssh/" folder. Type "ls ~/.ssh", and then "rm authorized_keys" if it is there unless of course you use that for authentication. Authorized keys allows you to ssh without a username and a password, because you put your id on your computer and on the server.
7. (tip via friend, Grant Wood) There is a linux service called, "aide" that can email you when files are changed, but that is fairly intense to setup.
8. (tip from friend) Check your log files in /var/log to make sure there is no unauthorized connections that you haven't made.
9. Update your php.ini file with better PHP settings.
10. Upgrade any installed CMS or web-based software.

If all else fails, switch web hosts or hire a server admin, because you are screwed.

Note to Regular Readers: I have landed a client that I'm doing front-end work for on Ruby on Rails, so I might start posting Rails stuff from time to time... BEWARE! =)

+ on  

After getting rails installed on mac and Rails through Mongrel on Media Temple (dv) and running through the getting started with rails guide I was having issues installing MySQL ruby gem.

When I created a new rails app with rails blog -d mysql, it complained about not having mysql gem installed. Then that iis hwere I got an error installing the gem.

$ gem install mysql

Here is the error I was getting:

Building native extensions.  This could take a while...
ERROR:  Error installing mysql:
    ERROR: Failed to build gem native extension.

/usr/local/bin/ruby extconf.rb install mysql
checking for mysql_query() in -lmysqlclient... no
checking for main() in -lm... yes
checking for mysql_query() in -lmysqlclient... no
checking for main() in -lz... yes
checking for mysql_query() in -lmysqlclient... no
checking for main() in -lsocket... no
checking for mysql_query() in -lmysqlclient... no
checking for main() in -lnsl... yes
checking for mysql_query() in -lmysqlclient... no


Gem files will remain installed in /usr/local/rubygems/gems/gems/mysql-2.7 for inspection.
Results logged to /usr/local/rubygems/gems/gems/mysql-2.7/gem_make.out

On Mac I fixed it by adding mysql config paramater.

sudo gem install mysql -- --with-mysql-config=/usr/local/mysql/bin/mysql_config

On the Media Temple (dv) I fixed the error by using a different path to the mysql_config.

gem install mysql -- --with-mysql-config=/usr/lib/mysql/mysql_config

I wanted to update SVN every 5 minutes on my Media Temple grid service (gs) account. Here is the steps I took to make that happen.

First, I created a shell script with the SVN Update (I'll show how in a minute). I got this error:

Error validating server certificate

For some reason SVN wasn't reading my trusted server list, so I asked (mt) about it.

Josh Kline at Media Temple pointed out the issue. I'm not sure why this isn't documented somewhere, so I'm blogging it.

SVN looks for the config, including the trusted server list, in $HOME/.subversion
Your cron jobs run with HOME=/home/#####, but when you ssh in HOME=/home/#####/users/.home
running svn with --config-dir /home/#####/users/.home/.subversion will fix the problem.

That said, here are the steps to get SVN to auto update every 5 minutes. SSH in, you will have to go through the steps to enable SSH.

cd data
mkdir scripts
vi cron.sh

Bash:

cd data
mkdir scripts
vi cron.sh

In your cron.sh, use the config command that Josh suggested (replacing ##### with your id)

svn update SVN_PATH --config-dir /home/#####/users/.home/.subversion

Bash:

svn update SVN_PATH --config-dir /home/#####/users/.home/.subversion

Go into the (mt) control panel under Cron Jobs and configure one to run your shell script.

There you have it, you now have svn auto updating on shared hosting.

Update July 30, 2008: The Google crawl appears to be fixed, the search results look good now, so this issue is resolved! Hoorah.

 Update July 23, 2008: There is great discussion going on on Sphinn about this issue.

I was shocked after searching Google today, Google is currently redirecting to my homepage and not the actual page searched for.

"Why is this?" I thought to myself.  I tried the url that you should get... http://marcgrabanski.com/pages/code/jquery-ui-datepicker ... ok that works fine.

Now try the old url that has most of the link juice attached to it which has a 301 redirect to the new page... http://marcgrabanski.com/code/ui-datepicker/ ... ok that works fine too.  So what is going on?

First, I go to Google Webmaster and see this, an SEO's nightmare:

Time to check my 301 redirects:

And on another 301 redirect tool:

Well that worked great.  Still, what is the issue?

To make absolutely sure my 301 redirects work, I dumped the text redirects into a htaccess file.  My htaccess code now looks like this:

   AddDefaultCharset UTF-8
   DefaultLanguage en-US


RewriteEngine On
RewriteBase /
RewriteRule ^index\.php http://marcgrabanski.com/articles [R=301,L]
RewriteRule ^code\.html http://marcgrabanski.com/pages/code [R=301,L]
RewriteRule ^code/beyond-flash(/?) http://marcgrabanski.com/pages/code/beyond-flash [R=301,L]
# MANY RedirectRules ... ALL WORK FINE

RewriteCond %{HTTP_HOST} ^www.marcgrabanski.com$ [NC]
RewriteCond %{REQUEST_URI} !.*tags.php.* [NC]
RewriteRule ^(.*)$ http://marcgrabanski.com/$1 [R=301,L]

RewriteCond %{REQUEST_FILENAME}.php -f
RewriteCond %{REQUEST_URI} !/$
RewriteRule (.*) $1\.php [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)/$ /$1 [R=301,L]

RewriteRule    ^$    webroot/    [L]
RewriteRule    (.*) webroot/$1    [L]

AddHandler php5-script .php

Apache:

<FilesMatch "\.(htm|html|css|js|php)$">
   AddDefaultCharset UTF-8
   DefaultLanguage en-US
</FilesMatch>
 
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php http://marcgrabanski.com/articles [R=301,L]
RewriteRule ^code\.html http://marcgrabanski.com/pages/code [R=301,L]
RewriteRule ^code/beyond-flash(/?) http://marcgrabanski.com/pages/code/beyond-flash [R=301,L]
# MANY RedirectRules ... ALL WORK FINE
 
RewriteCond %{HTTP_HOST} ^www.marcgrabanski.com$ [NC]
RewriteCond %{REQUEST_URI} !.*tags.php.* [NC]
RewriteRule ^(.*)$ http://marcgrabanski.com/$1 [R=301,L]
 
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteCond %{REQUEST_URI} !/$
RewriteRule (.*) $1\.php [L]
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)/$ /$1 [R=301,L]
 
RewriteRule    ^$    webroot/    [L]
RewriteRule    (.*) webroot/$1    [L]
 
AddHandler php5-script .php

Update July 23, 2008 @1:24AM: I changed all of the Rules to RewriteRule's which has cleaned up most of my 301 redirects.  One issue remains, I need to figure out how to make a RewriteRule to convert:
http://marcgrabanski.com/tags.php?tag=FreeTools
to...
http://marcgrabanski.com/tag/free-tools  

Yet again I was saved from a catastrophic failure by using SVN.  If you are not using SVN or some sort of version control I highly recommend using SVN as it will save you from losing your work time and time again.

SVN Reverse Merge

The common way to roll back a change is the reverse merge. You are taking the old revision and merging it into your working directory.  For instance, here we could merge revision 117 into our working directory with this command:

svn merge -c 117 ./

Bash:

svn merge -c 117 ./

In the case of a corrupt check in, this may not be possible.  SVN was essentially "stuck" for me at a revision because of some errors that occurred (don't ask me how I got to this point, lol).  So I had to come up with another solution...

"Side Steping" Latest Revisions

SVN was corrupted at revision 118+ and so I could not get anything working if I svn updated to the latest.

So, I came up with this, "side steping" method where you can roll back to an old revision without having to svn update to the latest revision.  To pull it off, we first need to delete the latest working copy, then we resurrect the old revision.

1. Delete the current folder in SVN that contains the corrupted file folder.
   

   svn delete file:///svnroot/domain.com --message 'deleting corrupt revision'

   Bash:

   svn delete file:///svnroot/domain.com --message 'deleting corrupt revision'

2. Resurrect the stable revision (in this case #117) with SVN copy. The -r flag allows us to enter the revision number that we want to resurrect.
   

   svn copy -r 117 file:///svnroot/domain.com file:///svnroot/domain.com --message 'resurrecting the old revision'

   Bash:

   svn copy -r 117 file:///svnroot/domain.com file:///svnroot/domain.com --message 'resurrecting the old revision'

3. Check out the latest from SVN and you are back on the road!
   

   svn co file:///svnroot/domain.com

   Bash:

   svn co file:///svnroot/domain.com

If you are not sure what revision to roll back to, you can always use svn log to review your previous commits to find the stable revision number. 

This method sure has saved me from what could have been a world of coding pain.

A good thing to do when deploying CakePHP websites is to load one copy of the CakePHP core files onto your server, and point all of your domains to that core directory. 

Media Temple's Plesk default configuration does not let PHP access files outside the website httpdocs. So we need to configure the domain's settings to have access to the root /cake folder, or wherever you happened to put the CakePHP root files.

First, let's make a new config file in our domain. Make sure you replace domain.com with your domain.

cd /var/www/vhosts/domain.com/conf/
vi vhost.conf

Bash:

cd /var/www/vhosts/domain.com/conf/
vi vhost.conf

Then basically we are over riding the default settings of Plesk with our own. Setting open_basedir to allow the /cake path.

        
                php_admin_flag engine on
                php_admin_flag safe_mode off
                php_admin_value open_basedir "/cake:/var/www/vhosts/domain.com/subdomains/tools/httpdocs:/tmp"
        
        
                php_admin_flag engine on
                php_admin_flag safe_mode off
                php_admin_value open_basedir "/cake:/var/www/vhosts/domain.com/subdomains/tools/httpdocs:/tmp"
        

Apache:

<Directory /var/www/vhosts/domain.com/subdomains/tools/httpdocs>
        <IfModule sapi_apache2.c>
                php_admin_flag engine on
                php_admin_flag safe_mode off
                php_admin_value open_basedir "/cake:/var/www/vhosts/domain.com/subdomains/tools/httpdocs:/tmp"
        </IfModule>
        <IfModule mod_php5.c>
                php_admin_flag engine on
                php_admin_flag safe_mode off
                php_admin_value open_basedir "/cake:/var/www/vhosts/domain.com/subdomains/tools/httpdocs:/tmp"
        </IfModule>
</Directory>

Now we need to reload the vhost to include that loads our new config file.

/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=domain.com
service httpd graceful

Bash:

/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=domain.com
service httpd graceful

Great! Now we can have a central set of cake files and use it for each domain.

Plesk on Media Temple's (dv) server doesn't allow you to create multiple FTP accounts per domain. For instance, I want to create domain.com/my/folder as a FTP account. They are building this functionality into Plesk 9, but until then you have to do a little command line work.

Plesk allows you to create multiple FTP accounts per domain with the command line. Basically you do the following:

/usr/sbin/useradd -d /your_domain/some/location -s /bin/false USER_NAME
/usr/sbin/usermod -G psacln USER_NAME
chmod 755 $HTTPD_VHOSTS_D/your_domain/some/location
chown USER_NAME:psacln $HTTPD_VHOSTS_D/your_domain/some/location
chmod 751 $HTTPD_VHOSTS_D/your_domain/httpdocs
passwd USER_NAME

Bash:

/usr/sbin/useradd -d /your_domain/some/location -s /bin/false USER_NAME
/usr/sbin/usermod -G psacln USER_NAME
chmod 755 $HTTPD_VHOSTS_D/your_domain/some/location
chown USER_NAME:psacln $HTTPD_VHOSTS_D/your_domain/some/location
chmod 751 $HTTPD_VHOSTS_D/your_domain/httpdocs
passwd USER_NAME

The article I linked to above goes into more detail on each command. However they left out one key command at the end. "passwd" allows you to set the user's password. Voila, multiple accounts per domain!

Changing email encoding solved many of my email sending woes, but hotmail was still refusing to accept my outgoing emails. In researching email acceptance, I found out that many people are having issues with hotmail silently refusing their emails. This has even resulted in a petition to remove Microsoft's intense spam filtering system that blocks legit emails (including mine). That aside, I did some research to find someone with a solution.

I started my search at my web host, Media Temple, and found an article on hotmail and yahoo email spam flagging issues where they recommended using a SPF record. Next, I found someone who this solved his hotmail email sending issues with this SPF record. This SPF must be the magic bullet, I thought.

What is a SPF record you say? Before I get into that, I want to give you some information that was helpful for me to understand why my email was getting dropped by hotmail.

Introduction to DNS Records

DNS records play a huge role in the, "I'm not spam" game. Let me explain the basics.

When you register a domain you have to set your name servers in your domain control panel. This usually looks like: NS1.DOMAIN.COM and NS2.DOMAIN.COM. These records would give the company who owns DOMAIN.COM rights to your DNS records. Your DNS records control everything associated with your domain and can be changed via your domain control panel. In your control panel, you will find something called A or CNAME records. These records point to your web server. In my case, my control panel shows A records as: *.domain.com, and domain.com point to the IP address of my web server.

Look at A or CNAME records as your bread and butter records that tell you where your server and files are.

The other basic type of record is your MX records. The MX records point to your incoming mail server(s).

When you think of MX records, think of email.

Some registrars, like Yahoo, only allow you to edit these three basic types of DNS records: your name servers, MX records and A/CNAME records. This works in most cases (consumer and small business), but I found they will not allow you add any custom records to your DNS information such as TXT or SPF.

My original plan was to use Yahoo as my mail server, but they won't let you set this SPF record, so that means Yahoo (*erhm* Microsoft's pet) just lost my business.

So what is SPF?

The Sender Policy Framework is used to tell mail servers that your outgoing mail as legit. As far as I can tell, it is the key to unlocking hotmail to receive your outgoing emails in the midst of the spam wars. To add this SPF record, it is pretty straight forward. Your web host should know and be able to help you with this - my web host provides an article on setting up an SPF record.

Let me give you an example. I want to tell mail servers that it is okay if email originates from my dedicated web server, which has IP address 555.555.555.555. So, I would specify this by adding a record to my DNS of type TXT that looks like:

v=spf1 a mx ip4:555.555.555.555 ~all

"v=spf1" says that it is a Sender Policy Framework record. "a" and "mx" states that the records come from my original domain name. And finally the, "ip4:555.555.555.555" is what really matters - it states sending mail from the server with that IP address, 555.555.555.555 is acceptable.

You can generate your own record with the SPF Setup Wizard. You still have to know the basics of DNS though, which is why I explained them earlier.

In the end, make sure that the company you point your name servers to allows you to add a custom SPF/TXT record. It is worth the time to understand this if you plan on sending automated emails to a wide audience. You don't want your users to ditch using your application because they are waiting for an email for 10 minutes with no response.

• Part 1: Media Temple Dedicated Server Setup
• Part 2: Installing Subversion on Apache
• Part 3: Subversion (SVN) Authentication and Auto Update

During the first two parts of my series on setting up a Media Temple dedicated server, I setup subversion (SVN) on apache. Now I want to show you how I setup basic authentication and a SVN hook to automatically deploy files to the server (called continuous integration). This is great because you can check in your files to SVN and see them on the server immediately.

Adding Basic Apache Authentication to your Subversion (SVN) Repository

First lets give apache access to the SVN database (the $ symbol just means it is a shell command).

chmod g+s /svnroot/db

Bash:

chmod g+s /svnroot/db

Now create a password file with htpasswd, name the file whatever you would like. I chose to make my file hidden by adding the period before the name.

htpasswd -cm /etc/.htaccess yourusername

Bash:

htpasswd -cm /etc/.htaccess yourusername

It will prompt you for your password. Now go back to your httpd.conf and than add the last four lines below to your Location code block  - we are adding to what we did in part 2 of the media temple setup series.

  DAV svn
  SVNParentPath /usr/local/svn
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /etc/.htaccess
  require valid-user

Apache:

<Location /svn>
  DAV svn
  SVNParentPath /usr/local/svn
  AuthType Basic
  AuthName "Subversion repository"
  AuthUserFile /etc/.htaccess
  require valid-user
</Location>

For security reasons, we also need to make sure and hide the .svn folders from having apache publicly display them:

# Disallow browsing of Subversion working copy administrative dirs.

    Order deny,allow
    Deny from all

Apache:

# Disallow browsing of Subversion working copy administrative dirs.
<DirectoryMatch "^/.*/\.svn/">
    Order deny,allow
    Deny from all
</DirectoryMatch>

Restart apache and when you try to access SVN you should be prompted for authentication. Great, SVN is now secure! You can also add more security by adding SSL to your dedicated server.

Creating a Subversion (SVN) Hook to Auto Update Your Server

I want to automatically deploy my files to my httpdocs without having to manually go in and update the files. So to accomplish this you need to create a SVN hook that runs after every commit.

First, copy the post-commit template from your svnroot/hooks folder. And lets also use chmod to give the file rights to execute.

cd /svnroot/hooks/
cp post-commit.tmpl post-commit
chmod +x post-commit

Bash:

cd /svnroot/hooks/
cp post-commit.tmpl post-commit
chmod +x post-commit

Now we need to create a little C program. You should have GCC installed. This will compile our little C program. Create a new svnupdate.c file and put this code in. Don't forget to change the directory path: "public_html_directory"

#include 
#include 
#include 
int main(void)
{
  execl("/usr/bin/svn", "svn", "update", "/public_html_direcotry/",
        (const char *) NULL);
  return(EXIT_FAILURE);
}

C:

#include <stddef.h>
#include <stdlib.h>
#include <unistd.h>
int main(void)
{
  execl("/usr/bin/svn", "svn", "update", "/public_html_direcotry/",
        (const char *) NULL);
  return(EXIT_FAILURE);
}

Complile the file with this command. It will take the whatever.c and compile it into a binary file.

gcc -o svnupdate svnupdate.c

Bash:

gcc -o svnupdate svnupdate.c

Try executing the binary to see if it works with the env command.

env - ./svnupdate

Bash:

env - ./svnupdate

Alright now copy the whatever binary into your hooks folder. And we'll also run a couple commands to give it proper priveledges:

cp whatever /svnroot/hooks
cd /svnroot/hooks
chown root:root svnupdate
chmod +s svnupdate

Bash:

cp whatever /svnroot/hooks
cd /svnroot/hooks
chown root:root svnupdate
chmod +s svnupdate

Then lets tell the post commit hook to run our binary file name, "svnupdate".

vi /svnroot/hooks/post-commit

Bash:

vi /svnroot/hooks/post-commit

Inside it the post-commit hook tell it to run the binary using the absolute path:

/svnroot/hooks/svnupdate

C:

/svnroot/hooks/svnupdate

Test it out by checking in a file to subversion. It should automatically update at the directory we set in the C program.

• Part 1: Media Temple Dedicated Server Setup
• Part 2: Installing Subversion on Apache
• Part 3: Subversion (SVN) Authentication and Auto Update

Note on June 24, 2008: Media Temple released their (dv) 3.5 which has a new set of developer tools, subversion and yum are installed - so you should be able to skip past the first few steps. You still may need to install mod_dav apache module with, "yum install mod_dav".

How to install subversion on a Media Temple dedicated virtual (dv) 3.0 linux server.

In the first part of setting up a dedicated server with Media Temple, I found out how to install PHP5 and learned some basic linux commands. I quickly realized how difficult linux can be if you don't know what you are doing. Luckily, YUM made my life a lot easier.

YUM is helps you easily install packages with simple commands on linux. First, lets install YUM and use it to install subversion. Run these commands one-by-one:

rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/libxml2-python-2.6.16-10.i386.rpm
rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/python-elementtree-1.2.6-5.el4.centos.i386.rpm 
rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/python-sqlite-1.1.7-1.2.1.i386.rpm http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/rpm-python-4.3.3-22_nonptl.i386.rpm 
rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/python-urlgrabber-2.9.8-2.noarch.rpm
wget http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/yum-2.4.3-3.el4.centos.noarch.rpm
rpm -Uvh yum-2.4.3-3.el4.centos.noarch.rpm

Bash:

rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/libxml2-python-2.6.16-10.i386.rpm
rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/python-elementtree-1.2.6-5.el4.centos.i386.rpm 
rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/python-sqlite-1.1.7-1.2.1.i386.rpm http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/rpm-python-4.3.3-22_nonptl.i386.rpm 
rpm -ivh --nodeps http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/python-urlgrabber-2.9.8-2.noarch.rpm
wget http://centos.mirror.vpslink.com/centos-4/4.5/os/i386/CentOS/RPMS/yum-2.4.3-3.el4.centos.noarch.rpm
rpm -Uvh yum-2.4.3-3.el4.centos.noarch.rpm

To check if it is installed run this command:

rpm -q yum

Bash:

rpm -q yum

Now we need to install subversion and to run it through apache we need mod_dav_svn (apache 2 modules).

yum install subversion
yum install mod_dav_svn

Bash:

yum install subversion
yum install mod_dav_svn

I found a few articles on setting up subversion, but I'll walk you through how I got it to work. First I needed a home location, I chose to call this "svnroot".

svnadmin create /svnroot
svn mkdir file:///svnroot

Bash:

svnadmin create /svnroot
svn mkdir file:///svnroot

Now, I want to import the httpdocs of my subdomain into the <project>/trunk. You can name your project whatever you would like. Don't forget to replace the domain, subdomain and project name in this next command:

svn import /var/www/vhosts//subdomains//httpdocs file:///svnroot//trunk/dev -m 'Initial import of dev httpdocs'

Bash:

svn import /var/www/vhosts/<domain>/subdomains/<subdomain>/httpdocs file:///svnroot/<project>/trunk/dev -m 'Initial import of dev httpdocs'

To test that my files were imported correctly and the svn repository was created successfully, I ran this command.

svn checkout file:///svnroot//trunk/dev #/svnwork

Bash:

svn checkout file:///svnroot/<project>/trunk/dev #/svnwork

Vuala! - it downloaded my httpdocs to the #/svnwork directory. Now lets setup our SVN through apache. First, lets give Apache access to the folder:

chown -R apache.apache /svnroot

Bash:

chown -R apache.apache /svnroot

Next, lets jump in the apache config and load the proper modules and set the svn location.

vi /etc/httpd/conf/httpd.conf

Bash:

vi /etc/httpd/conf/httpd.conf

Press 'i' to insert into the document and in the LoadModule section add these two lines:

LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule dav_svn_module modules/mod_authz_svn.so

Bash:

LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule dav_svn_module modules/mod_authz_svn.so

And lets add the SVN location for apache to access. Careful, this does not add any authentication so you are giving free reign to your SVN server until then. Add this to your apache config:

  DAV svn
  SVNPath /svnroot

Bash:

<Location /repos>
  DAV svn
  SVNPath /svnroot
</Location>

Hit esc and than :x to quit and save the file. Restart your apache server, you should get an ok message [ok].

/etc/init.d/httpd restart

Bash:

/etc/init.d/httpd restart

Now download the windows subversion client and install. Let's test to see if our Apache subversion module worked. Use 'http://<server ip address>/svn to see verify it worked.

• Part 1: Media Temple Dedicated Server Setup
• Part 2: Installing Subversion on Apache
• Part 3: Subversion (SVN) Authentication and Auto Update

I wanted a web hosting server that I can hyper-tweak to my needs. So I opted for a dedicated server with Media Temple. I have little knowledge in linux, but I am going to embark on this road to server greatness. I want to get these things on my server to start: subversion, PHP5 and MySQL5 (PHP5 comes pre-installed now). Here I'll walk through my experience setting up my dedicated virtual (dv) server.

You have to request admin access and dev tools to be installed. So I sent a support ticket and it took a day. Here is a list of the dev tools that are installed.

Opened VI (text editor) as part of the tutorial and couldn't figure out how to get out of it once you start editing a file. So I found this article which told me to exit by hitting ESC than typing :x http://www.cs.colostate.edu/helpdocs/vi.html

Than I had to learn Putty/Linux so I looked up my commands here: http://www.ss64.com/bash/

Some good, general commands...

ls ...list directories
mkdir  ...create a directory
rm  ...remove file
wget  ...get a package
cp   ...copy file to directoy

Bash:

ls ...list directories
mkdir <name> ...create a directory
rm <filename> ...remove file
wget <url> ...get a package
cp <file> <directory> ...copy file to directoy

That's it for day one of my dedicated server setup.