Install Server LPSE

The document provides instructions for installing Apache, Tomcat, and PostgreSQL server on a Linux system to run an LPSE application. It includes steps to configure the database, application, Tomcat, Apache, and security modules. Key steps are to install the software packages, configure the database connection settings in the application code, set up Tomcat to point to the application files, configure Apache and mod_jk to route requests to Tomcat, and enable security modules like mod_security and mod_evasive.

Uploaded by

ridhopirmanda

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

175 views

Install Server LPSE

Uploaded by

ridhopirmanda

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 6

InstaII Server LPSE (Apache, Tomcat, dan

PostgreSQL)
Software yang dibutuhkan harus sudah terinstal. Software tersebut antara lain :
Apache 2.x (mod_jk, mod_security, mod_evasive, mod_deflate)
Apache-tomcat 6.x
Java SDK 1.6.x
Postgresql 8.x
Karena distro yg saya pakai RHEL 5.5 jadi untuk install langsung saja jalanin perintah yum
yum install postgresql httpd php
untuk java saya download yg source, tinggal ekstrak aja ke /usr/local/src
lalu berikan hak akses
chmod 777 /usr/local/src/jdk1.6.0/bin/*
1. Konfigurasi database
a. Edit baris berikut di postgresql.conf menjadi :
listen_addresses = '*'
port = 5432
b. Tambahkan baris berikut di pg_hba.conf :
host all all 192.168.0.1/24 trust
asumsi 192.168.0.1 sebagai server aplikasi
c. Restart postgresql dengan perintah berikut :
service postgresql restart
d. Buat user di database :
root@lpse:/# su postgres
postgres@lpse:$ /usr/bin/psql
postgres=# create user epns;
CREATE ROLE
postgres=# create user secman;
CREATE ROLE

e. Buat database production :
root@lpse:/# su postgres
postgres@lpse:$ createdb U postgres epns-prod O epns
postgres@lpse:$ createdb U postgres secman-prod O secman

f. mport database :
root@lpse:/# su postgres
postgres@lpse:$ psql
postgres=# \cd /home/sysadmin
postgres=# \c epns-prod
epns-prod=# \i epns_master_prod_220.sql
epns-prod=# \i 7_upgrade_to_R5b.sql
postgres=# \c secman-prod
secman-prod=# \i secman_master_prod_220.sql

g. Ubah password user :
root@lpse:/# su postgres
postgres@lpse:$ psql
postgres=# ALTER USER epns PASSWORD 'passwordku';
ALTER ROLE
postgres=# ALTER USER secman PASSWORD 'passwordku';
ALTER ROLE

2. Konfigurasi Aplikasi :
a. copy source aplikasi LPSE ke /usr/local/src
cp -R /home/sysadmin/lpse/appserv/epns-prod/ /usr/local/src/
b. Set konfigurasi koneksi database :
saya asumsikan database berada dalam server yg sama yaitu 192.168.0.1
edit file /usr/local/src/epns-prod/eproc/WEB-NF/classes/application.properties menj adi seperti berikut :
secman.jdbc.driverClassName=org.postgresql.Driver
secman.jdbc.url=jdbc:postgresql://192.168.0.1/secman-prod
secman.jdbc.username=secman
secman.jdbc.password=[password user secman]
secman.jdbc.validationQuery=SELECT 1
jdbc.driverClassName=org.postgresql.Driver
jdbc.url=jdbc:postgresql://192.168.0.1/epns-prod
jdbc.username=epns
jdbc.password=[password user epns]
jdbc.validationQuery=SELECT 1
jdbc.validationQuery=SELECT 1

c. nstall tomcat :
Copy source tomcat ke /usr/local/src
cp -R /home/sysadmin/lpse/src/apache-tomcat-production/ /usr/local/src/
d. setting path home java
edit file /etc/profile, tambahkan baris berikut :
export JRE_HOME=/usr/local/src/jdk1.6.0/
export JAVA_HOME=/usr/local/src/jdk1.6.0/
e. ubah port AJP13 menjadi 7009
edit file /usr/local/src/apache-tomcat-production/conf/server.xml
[Connector port="7009" protocol="AJP/1.3" redirectPort="8443" /]
f. Tutup port 8080
edit file /usr/local/src/apache-tomcat-production/conf/server.xml berikan tanda komentar pada baris berikut :
[Connector executor="tomcatThreadPool"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" /]
g. Arahkan tomcat ke path aplikasi LPSE berada
edit file /usr/local/src/apache-tomcat-production/conf/server.xml tambahkan baris berikut :
[Context path="/eproc" docBase="/usr/local/src/epns-prod/eproc" reloadable="false"] [/Context]
[Listener className="org.apache.jk.config.ApacheConfig"
modJk="/etc/httpd/modules/mod_jk.so"
workersConfig="/etc/httpd/workers.properties" /]
h. Buat konfigurasi workers.properties untuk menghubungkan tomcat dengan apache
nano /etc/httpd/workers.properties
ps=/
worker.list=worker1 worker2
worker.worker1.port=8089
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.lbfactor=1
worker.worker2.port=7079
worker.worker2.host=localhost
worker.worker2.type=ajp13
worker.worker2.lbfactor=2
worker.loadbalancer.type=lb
worker.loadbalancer.balanced_workers=worker1 worker2
worker.inprocess.type=jni
worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)catalina.jar
worker.inprocess.cmd_line=start
worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)lib$(ps)
i386$(ps)classic$(ps)libjvm.so
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
i. tambahkan baris berikut pada httpd.conf untuk redirect website
Alias /eproc /usr/local/src/epns-prod/eproc
RedirectMatch ^/$ /eproc/app
j. edit file mod_jk.conf seperti berikut :
LoadModule jk_module modules/mod_jk.so
JkWorkersFile /etc/httpd/workers.properties
JkLogFile /var/log/httpd/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkMount /eproc* worker1
k. install dan konfigurasi module security
yum mod_evasive mod_security
edit mod_evasive.conf :
[fModule mod_evasive20.c /]
DOSHashTableSize 6194
DOSPageCount 25
DOSSiteCount 80
DOSPagenterval 1
DOSSitenterval 1
DOSBlockingPeriod 10
[/fModule]
edit mod_security.conf :
SecAuditEngine RelevantOnly
SecRequestBodyAccess On
SecResponseBodyAccess On
SecAuditLogParts ABCFHZ
SecAuditLog /home/logs_apache_tomcat/security/audit_apache.log
SecDebugLog /home/logs_apache_tomcat/security/modsec_debug.log
SecDebugLogLevel 3
SecDefaultAction log,auditlog,deny,status:403,phase:2,t:none
SecRuleEngine On
SecServerSignature "Netscape-Enterprise/6.0 PHP5.2.0 mod_asp/3.4.5"
SecRule ARGS "\.\./
SecRule ARGS "<[[:space:]]*script"
SecRule ARGS "<(.|\n)+>"
SecRule REQUEST_BODY "(document\.cookie|Set-Cookie|SessionD=)
SecRule REQUEST_BODY "<[^>]*meta*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*style*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*script*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*iframe*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*object*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*img*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*applet*\?[^>]*>
SecRule REQUEST_BODY "<[^>]*form*\?[^>]*>
SecRule REQUEST_HEADERS:User-Agent "Nikto "log,deny,status:403,msg:'Nikto Scanners dentified'
SecRule HTTP_HOST "\x25"
SecRule HTTP_HOST "^$ "log,allow,msg:'no http host'
SecRule HTTP_USER_AGENT "^$ "log,allow,msg:'No user agent'
SecRule REQUEST_BODY "/^(etc|bin|sbin|tmp|var|opt|dev|kernel|exe)$/
SecRule ARGS "delete[[:space:]]+from
SecRule ARGS "insert[[:space:]]+into
SecRule ARGS "select.+from
SecRule ARGS "\<\!--\#"
SecRule ARGS "((=))[^\n]*(<)[^\n]+(>)
SecRule REQUEST_BODY "(\'|\)
SecRule REQUEST_BODY "!^[\x20-\x7f]+$
SecRule REQUEST_UR "^/(bin|cgi|cgi(\.cgi|-91[45]|-sys|-local|s|-win|-exe|-home|-perl)|(mp|web)cgi|(ht|ows-
)bin|scripts|fcgi-bin)/
SecRule REQUEST_BODY "/bin/ps
SecRule ARGS "wget\x20"
SecRule ARGS "uname\x20-a
SecRule REQUEST_BODY "/nessus_is_probing_you_
SecRule REQUEST_UR "^OR 1=1*
edit mod_deflate.conf :
LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
SetOutputFilter DEFLATE
DeflateBufferSize 65536
DeflateCompressionLevel 9
DeflateFilterNote nput instream
DeflateFilterNote Output outstream
DeflateFilterNote Ratio ratio
DeflateMemLevel 9
DeflateWindowSize 15
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch "Windows 98" gzip-only-text/html
BrowserMatch "MSE [45] gzip-only-text/html
BrowserMatch \bMS[E] !no-gzip !gzip-only-text/html
SetEnvfNoCase Request_UR \.(?:gif|jpeg|jpe|jpg|png|ico|t?gz|zip|rar|pdf|doc|xls|dat)$ no-gzip dont-vary
LogFormat '%r %{outstream}n/%{instream}n (%{ratio}n%%)' deflate
CustomLog /var/log/apache2/deflate_log deflate
l. restart service httpd lalu start tomcat
service httpd restart
/usr/local/src/apache-tomcat-production/bin/startup.sh
jika ingin apache dan tomcat start saat booting lakukan langkah berikut :
chkconfig httpd on
edit file /etc/rc.local tambahkan baris berikut :
/usr/local/src/apache-tomcat-production/bin/startup.sh

nstaIas tomcat
nstalasi tomcat dilakukan dengan mengcopy tomcat dari cd installer atau source ke aplikasi server
(direkomendasikan dicopy ke direktori /usr/local/src)
Set pada direktori tomcat/bin/catalina.sh untuk JAVA_HOME diarahkan ke jdk1.6.0
(JAVA_HOME=/usr/local/src/jdk1.6.0)
Konfigurasi untuk aplikasi terdapat dua bagian yaitu aplikasi untuk latihan dan production :
Latihan
Copy tomcat ke direktori /usr/local/src rename menj adi /usr/local/src/apache-tomcat-latihan
Set apache-tomcat-latihan/conf/server.xml ubah port AJP13 menjadi 8009'
redirectPort="8443" />
Set apache-tomcat-latihan/conf/server.xml tutup port 8080
Set context path dan docbase
"/home/appserv/epns- latihan/latihan"

Set JAVA_HOME pada file apache-tomcat-latihan/bin/catalina.sh
JAVA_HOME = /usr/local/src/jdk1.6.0

Production
Copy tomcat ke direktori /usr/local/src rename menj adi /usr/local/src/apache-tomcat-latihan
Set apache-tomcat-latihan/conf/server.xml ubah port AJP13 menjadi 7009

Tutup port 8080 seperti pada latihan
Set context path dan docbase

Set JAVA_HOME pada file apache-tomcat-latihan/bin/catalina.sh
JAVA_HOME = /usr/local/src/jdk1.6.0

MENJALANKAN TOMCAT
Jalankan perintah /usr/local/src/apache-tomcat-latihan/bin/catalina.sh run. Perintah ini menjalankan tomcat dalam
keadaan debug. Bila sudah bisa maka akan terlihat
NFO: JK: ajp13 listening on /0.0.0.0:8009

Atau bisa dilihat dengan perintah #netstat an , bila port 8009 sudah listening, maka tomcat siap di startup.
*.8009 *.* 0 0 49152 0 LSTEN

Jalankan perintah /usr/local/src/apache-tomcat-production/bin/catalina.sh run. Perintah ini menjalankan tomcat
dalam keadaan debug. Bila sudah bisa maka akan terlihat
NFO: JK: ajp13 listening on /0.0.0.0:7009

Atau bisa dilihat dengan perintah #netstat an , bila port 7009 sudah listening, maka tomcat siap di startup.
*.7009 *.* 0 0 49152 0 LSTEN

Sumber : http://adiseno.cilacaponline.web.id/blog/?p=233
http://portal.pengadaannasional-bappenas.go.id/index.php/setup-development-server/121-
setupdevelopmentserver-tomcat

Diposkan oleh k4t4k1 di 2:36 PM
Label: LPSE

NPLQ Theory Questions
56% (9)
NPLQ Theory Questions
3 pages
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
Stylistic Analysis of Afrobeat Music of Fela Anikulapo Kuti
100% (6)
Stylistic Analysis of Afrobeat Music of Fela Anikulapo Kuti
18 pages
Some Tutorials in Computer Networking Hacking
From Everand
Some Tutorials in Computer Networking Hacking
Dr. Hidaia Mahmood Alassouli
No ratings yet
Molecular Cell Biology Revision Notes
No ratings yet
Molecular Cell Biology Revision Notes
13 pages
The Little Book of Sitecore® Tips: Volume 1
From Everand
The Little Book of Sitecore® Tips: Volume 1
Neil P Shack
No ratings yet
Malabsorption A Clinical Approach
No ratings yet
Malabsorption A Clinical Approach
42 pages
Materi System LPSE
No ratings yet
Materi System LPSE
27 pages
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hedaya Alasooly
No ratings yet
Understanding Software Engineering Vol 3: Programming Basic Software Functionalities.
From Everand
Understanding Software Engineering Vol 3: Programming Basic Software Functionalities.
Gabriel Clemente
No ratings yet
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hidaia Mahmood Alassouli
No ratings yet
Sahara India Pariwar
No ratings yet
Sahara India Pariwar
48 pages
Unleashing The Power of Object-Oriented Programming
No ratings yet
Unleashing The Power of Object-Oriented Programming
46 pages
Paguio Transport Corporation Vs NLRC
No ratings yet
Paguio Transport Corporation Vs NLRC
6 pages
LPIC-1 Primer
From Everand
LPIC-1 Primer
John Greene
4.5/5 (3)
NoSQL Injection for Elasticsearch
From Everand
NoSQL Injection for Elasticsearch
Gary Drocella
No ratings yet
CCCCCCCCCCC C C C C CCCCCCC CCCCCCCCCCCCCCCCCCCP P P
No ratings yet
CCCCCCCCCCC C C C C CCCCCCC CCCCCCCCCCCCCCCCCCCP P P
21 pages
50 Recipes for Programming Node.js
From Everand
50 Recipes for Programming Node.js
Jamie Munro
3/5 (4)
Globalisation & HRD
No ratings yet
Globalisation & HRD
28 pages
Build your own Blockchain: Make your own blockchain and trading bot on your pc
From Everand
Build your own Blockchain: Make your own blockchain and trading bot on your pc
Magelan Cybersecurity
No ratings yet
Book List
No ratings yet
Book List
2 pages
DevOps. How to build pipelines with Jenkins, Docker container, AWS ECS, JDK 11, git and maven 3?
From Everand
DevOps. How to build pipelines with Jenkins, Docker container, AWS ECS, JDK 11, git and maven 3?
John Edward Cooper Berg
No ratings yet
Evaluation of Some Cloud Based Virtual Private Server (VPS) Providers
From Everand
Evaluation of Some Cloud Based Virtual Private Server (VPS) Providers
Dr. Hidaia Mahmood Alassouli
No ratings yet
Evaluation of Some Cloud Based Virtual Private Server (VPS) Providers
From Everand
Evaluation of Some Cloud Based Virtual Private Server (VPS) Providers
Dr. Hidaia Mamood Alassouli
No ratings yet
Admin - Sua Aceh
No ratings yet
Admin - Sua Aceh
11 pages
Circuito Aberto Ou Curto-Circuito No Sensor de Pressão Do Motor - Teste (KPNR5390-08)
No ratings yet
Circuito Aberto Ou Curto-Circuito No Sensor de Pressão Do Motor - Teste (KPNR5390-08)
7 pages
How to a Developers Guide to 4k: Developer edition, #3
From Everand
How to a Developers Guide to 4k: Developer edition, #3
Xinc Cyberwizard
No ratings yet
Quick Configuration of Openldap and Kerberos In Linux and Authenicating Linux to Active Directory
From Everand
Quick Configuration of Openldap and Kerberos In Linux and Authenicating Linux to Active Directory
Dr. Hidaia Mahmood Alassouli
No ratings yet
Tharan - Reflection Paper
No ratings yet
Tharan - Reflection Paper
5 pages
Simple Distillation
No ratings yet
Simple Distillation
5 pages
JAVASCRIPT FRONT END PROGRAMMING: Crafting Dynamic and Interactive User Interfaces with JavaScript (2024 Guide for Beginners)
From Everand
JAVASCRIPT FRONT END PROGRAMMING: Crafting Dynamic and Interactive User Interfaces with JavaScript (2024 Guide for Beginners)
DAISY JOHNSTON
No ratings yet
Global Warming ..How The Hoax Bagan
No ratings yet
Global Warming ..How The Hoax Bagan
24 pages
Super Critical Boiler Technology SKD
100% (1)
Super Critical Boiler Technology SKD
35 pages
Subject Matter Jurisdiction 10
No ratings yet
Subject Matter Jurisdiction 10
3 pages
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
From Everand
Evaluation of Some Intrusion Detection and Vulnerability Assessment Tools
Dr. Hedaya Mahmood Alasooly
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
A concise guide to PHP MySQL and Apache
From Everand
A concise guide to PHP MySQL and Apache
alasdair gilchrist
4/5 (2)
Evaluation of Some Windows and Linux Intrusion Detection Tools
From Everand
Evaluation of Some Windows and Linux Intrusion Detection Tools
Dr. Hedaya Alasooly
No ratings yet
Student Information System Report
100% (12)
Student Information System Report
27 pages
Media Kit. KINGS Vietnam Introduces New Program - Civil Engineering
No ratings yet
Media Kit. KINGS Vietnam Introduces New Program - Civil Engineering
11 pages
29 Job Hazard Analysis
No ratings yet
29 Job Hazard Analysis
2 pages
Kubernetes Made Easy
From Everand
Kubernetes Made Easy
Pankaj Joshi
No ratings yet
1
No ratings yet
1
1 page
Jollibee
87% (15)
Jollibee
12 pages
Inspiring Powershell Articles
From Everand
Inspiring Powershell Articles
Murat Yildirimoglu
No ratings yet
Religious and Moral Education Questions
100% (5)
Religious and Moral Education Questions
6 pages
Harvest Moon Friends of Mineral Town-Cheat
100% (1)
Harvest Moon Friends of Mineral Town-Cheat
21 pages
Genres
0% (1)
Genres
121 pages
Quiz Answers CH 12-15
No ratings yet
Quiz Answers CH 12-15
7 pages
Project Appraisal and Finance
No ratings yet
Project Appraisal and Finance
14 pages
Configuration of Apache Server to Support Asp
From Everand
Configuration of Apache Server to Support Asp
Dr. Hidaia Mahmood Alassouli
No ratings yet
S7-1200 Wiring A 4-20ma Signal To The 0-10V Input
No ratings yet
S7-1200 Wiring A 4-20ma Signal To The 0-10V Input
6 pages
Teenage Pregnancy
No ratings yet
Teenage Pregnancy
7 pages
Applications
No ratings yet
Applications
9 pages
Contract
No ratings yet
Contract
17 pages
Finish CPM Diagram
No ratings yet
Finish CPM Diagram
7 pages
C C C C C
No ratings yet
C C C C C
34 pages
9.chapter IV
No ratings yet
9.chapter IV
71 pages
Tai Lieu Ke Toan - Docx Khanh.
100% (1)
Tai Lieu Ke Toan - Docx Khanh.
20 pages
Takaful
No ratings yet
Takaful
40 pages

Install Server LPSE

Uploaded by

Install Server LPSE

Uploaded by

InstaII Server LPSE (Apache, Tomcat, dan

You might also like