Server Administration Can other virtual server clients view my server's files?

? Can I have multiple SSH accounts for the same virtual server? Do I need to reboot my virtual server when changes are made to the configuration files? How do I change my Telnet / Administrative FTP password? How can I delete my virtual server's log files? How can I perform a trace route from my virtual server? How can I add a new MIME. TYPE to my virtual server? How can I add users to my virtual server? How do I edit a user's settings? When I attempt to connect with SSH, it connects and appears to login, then immediately disconnects. Can I use SSH to connect to my virtual server? My SSH session says "auto-logout" then disconnects me. I would like to use to use a file other than index.htm or index.html as the default on my website. How can I specify a different file name? When I go to install a certain software package many, if not all, of my domains are listed under the same item. How can I change that? How can I keep someone from a given domain or IP address from browsing my site? My redirection URL works when I include a trailing '/' but not when I omit it. Q: Can other virtual server clients view my server's files? A: Absolutely not! The only one who can access and view the files on your virtual server is you. Virtual Servers that reside on the same physical server are unable to view their virtual neighbors' files. Q: Can I have multiple SSH accounts for the same virtual server? A: There is only one SSH (secure telnet) account per virtual server, which is to be used by the Administrative user only. Q: Do I need to reboot my virtual server when changes are made to the configuration files? A: You should reboot your virtual server after you make changes to the configuration files. The Apache Web server recognizes some changes to the configuration files. After making changes run the command: "apachectl restart" from the SSH (secure telnet) prompt. Q: How do I change my SSH / Administrative FTP password? A: To change your SSH and Administrative FTP password, SSH to your server and type the following at the command prompt: % vpasswd You are prompted for a new password, which you must confirm by typing a second time. For security purposes, the password will not display on the screen. Q: How can I delete my virtual server's log files? A: To delete your log files, SSH to your virtual server and enter the following command at the prompt: % vnukelog -a The vnukelog command erases your access, agent, referrer, error, and messages logs from your server.

Be sure to use this command to erase your log files rather than simply deleting the files, as deleting them may not completely remove all the log files from your server. Q: How can I perform a tracer route from my virtual server? A: To run a traceroute from your virtual server, SSH to your virtual server and type the traceroute command, followed by a domain name or IP address. Example: Run a traceroute from your virtual server to netscape.com: % traceroute www.netscape.com Q: How can I add a new MIME.TYPE to my virtual server? A: You have full access to your mime.types file, which is located in your www/conf directory. To add a new MIME.TYPE to your virtual server, you must add a line to your ~/www/conf/mime.types file in the following format, where appname is the name of the application and ext is the extension associated with that application: application/appname ext Example: Suppose you wish to serve Future Splash files, which have a .spl extension, on your virtual server. You would need to add the following line to your ~/www/conf/mime.types file: application/futuresplash spl To test whether your virtual server properly serves .spl files, you would need to open your Web browser and try to load the FutureSplash applet. If you receive garbled text in your browser, the MIME.TYPE is not configured correctly. Q: How can I add users to my virtual server? A: To create additional users, SSH to your virtual server and enter the following command at the prompt: % vadduser The vadduser command allows you to create the following for your users: 1) Email POP accounts 2) Email quotas 3) An FTP directory with username and password administrative rights 4) A Web directory off of your htdocs directory with username and password administrative rights Q: How do I edit a user's settings? A: To edit a user's settings after you have added them to your virtual server with vadduser, Telnet to your virtual server and enter the following command at the prompt, where username is an actual user on your virtual server: % vedituser username The vedituser command allows you to change all of the settings of any user. If you wish to change a user's password, enter the following command at the prompt, where username is an actual user on your virtual server: % vpasswd username Q: When I attempt to connect with SSH, it connects and appears to login, then immediately disconnects. A: You may be attempting to login using SSH2. While this is a more recent version of SSH, it is a proprietary development on the previous protocol, which still works without problem. Currently we do not support SSH2 and have not found any problems with SSH. If you are attempting to connect with SSH2, you will need to instead download an SSH client in order to make a secure login to your virtual server. Q: Can I use SSH to connect to my virtual server? A: When connecting to your virtual server, for security reasons, we recommend that you use SSH. SSH operates in a manner similar to Telnet, except your connection is encrypted to prevent the possibility of having any passwords or other sensitive information from being intercepted, or

'sniffed.' To use SSH, you must download SSH software; however, there are certain restrictions that you must consider before using SSH: Because strong encryption products are considered by law to be munitions, SSH cannot be exported from the United States to most other countries. Likewise, there are strict patent laws regarding SSH clients developed in other countries that prohibit them from being imported into the U.S. Therefore, you will not only want to download a program appropriate to your operating system, but also from an appropriate country. To help you determine the proper SSH client for your country and operating system, we have compiled the following list of URLs: If you are using Windows within the U.S., we recommend SecureCRT from Van Dyke Technologies, at: http://www.vandyke.com/products/ If you are using Windows outside of the U.S., you should be able to use any of the clients at one of the following URLs: http://www.zip.com.au/~roca/ttssh.html http://www.chiark.greenend.org.uk/~sgtatham/putty.html If you are using MacOS within the U.S., we recommend F-Secure SSH from DataFellows, at: http://www.f-secure.com/products/ssh/client/ If you are using MacOS outside of the U.S., you should be able to use the client at: http://www.lysator.liu.se/~jonasw/freeware/niftyssh/ If you are using Linux, the native SSH client should come with your distribution, but if it does not, you can download it from the appropriate mirror site at: http://www.ssh.org/download.html Q: My SSH session says "auto-logout" then disconnects me. A: This is a feature of your account, designed so that SSH connections to your virtual server are automatically disconnected after 60 minutes of non-activity. If you need to temporarily disable this feature, enter the unset autologout command at your virtual server's command prompt. You can then use the set autologout command to re-enable the auto-logout feature. Q: I would like to use a file other than index.htm or index.html as the default on my website. How can I specify a different file name? A: There is a statement within Apache called DirectoryIndex, which tells the web server which files to load if one is not specified. This modification can be made for your entire virtual server or for a single directory. If you wish to have your entire virtual server use a file such as pageone.html, pageone.htm, and pageone.php instead of index.html and index.htm, you will need to edit the srm.conf file which is located in the ~/www/conf directory. Near the top of the file is the line: DirectoryIndex index.html index.htm You will need to modify this line so that it reads DirectoryIndex pageone.html pageone.htm The web server will now look for the above file names, first .html and then .htm, if no file was specified. If you wish to have a single directory utilize a different filename such as index.phtml or index.php, then you will need to create a .htaccess file in the directory with the line: DirectoryIndex index.phtml index.php Q: When I go to install a certain software package many, if not all, of my domains are listed under the same item. How can I change that? A: When you use vaddvhost to create a new Virtual Host entry, you have the option to combine, or keep your log files separate for that addition. The vinstall package installation script views the vhosts.conf file for your log file structure on each domain. If domains have the same structure, then it assumes you wish to keep everything in the main domain log files, and uses that as its

basis for installations. If you do not wish to install packages on all of the same virtual hosts, you will have to sacrifice the ability to log within the same log files. To redirect the log files for a specific domain, you will need to modify your ~/www/conf/vhosts.conf file by following these instructions: Go to the conf directory on your virtual server: cd ~/www/conf Open the vhosts.conf file in your pico editor: pico vhosts.conf Find the <Virtual Host> directive entry for the domain. HINT: The easiest way to do this is to use the search function within pico. Hold CTRL and press W. A prompt should now be in the lower left hand corner of your screen. Enter the domain name. If it does not find the <VirtualHost domain.com>, hold CTRL again, press W and hit enter. It will find the next instance of that domain name. The virtual host entry should look something like this: # VirtualHost domain.com Added by vaddvhost <VirtualHost domain.com> ServerName domain.com ServerAlias www.domain.com ServerAdmin webmaster@domain.com DocumentRoot /usr/local/etc/httpd/vhosts/domain.com/htdocs ScriptAlias /cgi-bin/ /usr/local/etc/httpd/vhosts/domain.com/cgi-bin/ TransferLog logs/access_log RefererLog logs/referer_log AgentLog logs/agent_log ErrorLog logs/error_log ErrorDocument 500 /errordocs/internalerror.html ErrorDocument 404 /errordocs/filenotfound.html ErrorDocument 403 /errordocs/accessdenied.html Alias /postoffice /usr/local/etc/httpd/common/postoffice Alias /common /usr/local/etc/httpd/common </VirtualHost> Modify the log files to point where you want. In this example, they point to the primary domain log files, which reside in ~/www/logs. You will want to modify them to point where you want. However, make sure you create both the directory and the files. Q: How can I keep someone from a given domain or IP address from browsing my site? A: To prohibit a specific domain or IP address from browsing your site, follow the steps below: Go to the directory that you wish to restrict access to (for example, ~/www/htdocs). Once you are in the directory you wish to restrict access to, enter the following command at your virtual server's command prompt: pico .htaccess Add lines similar to the following for all domains/IP addresses you wish to deny access: <Limit GET> order allow, deny allow from all deny from .domain.com 219.XX.44. 219.XX.76.4 </Limit> In this example, we are blocking not only 'domain.com' but also any subdomains and canonical names for this domain, by placing a period before the domain name. If you only want to block a specific domain name, type in the domain without a period at the beginning. We are also blocking the IP subnet 219.39.44.* -- that is, the IP addresses from 219.39.44.1 to 219.39.44.255. Note that the subnet ends with a period. Finally, as in the above example, be sure to separate each entry by a space.

Q: My redirection URL works when I include a trailing '/' but not when I omit it. A: This FAQ explains why, when you include the trailing '/' in your redirection URL (e.g., http://foo.domain.com/~user/) it will work, but not when you omit it (e.g., http://foo.domain.com/~user). When you access a directory without a trailing '/' in redirection URLs, Apache sends what is called a redirect to the client. This tells the browser to add the trailing slash. If it did not do so, relative URLs would not work properly. When it sends the redirect, it needs to know the name of the server, so that it can include this information in the redirect. There are two ways for Apache to figure this out: It will attempt to deduce this information from the IP information OR You can tell it what information to use If your DNS is configured correctly, it can normally complete this without any problems. If it is not, or you don't want the information returned to show that of your main domain, then it will not work. Adding a ServerName directive to your Apache configuration files can accomplish this task. The syntax for this directive is: ServerName {fully qualified domain name} This is assuming that {fully qualified domain name} is the name of your domain.