The Linux Web Server

worldIt has been over ten years since I started this website. WebKeyDesign was the outcome of my rebellious nature and my love of technology. In 2005, a few of my coworkers liked having discussions to pass the day and so we setup an online forum on one of our Windows 2000 computers. This lasted for a few months only. As you can imagine our network admin did not share our fondness for discussing the merits of Star Wars versus The Matrix Trilogy. The online forum was shut down and hence I took it upon myself to setup a simple PERL forum script with my ISP. The forum worked well enough and was accessible over the Internet, but my ISP home space was limited and we would quickly outgrow the space allotted. The obvious solution was to open my wallet and purchase a domain and hosting space. In a matter of months our little forum grew into a proper forum solution using Invision PowerBoard and a cPanel Linux host. Interest in the forum ended up waning after a couple of years, and in the end all that was left was my curiosity with all things web server related. WebKeyDesign was the next logical step. The idea was to help people setup some simple websites and keep learning more about web hosting and web servers.

Today, you can find multiple solutions to web hosting and application services. There’s AWS, Google, Microsoft, and other cloud providers who all can provide robust internet services. There are also multiple shared web hosting solutions and virtual machine providers like DigitalOcean. The choices available today are significantly more varied than they were back in 2005. However this post is about where to start and some lessons learned.

The Poor Man’s Sandbox:

Much like in business, your budget is most likely fixed. You can only spend so much. Although you can setup a web server on your iMac at home, or even a Raspberry Pi nowadays, you don’t really want to do this. There are multiple reasons to advise against a home web server setup. Primarily, you want a web server to be stable and reliable. Your home internet connection can go down due to power failure, ISP issues, or even your dog pulling out your ethernet cable. There are just too many points of failure with a home web server. You will want to have a hosted solution.

Any hosted solution is going to cost you. You can save some percentage of funds by paying up front for a year’s worth of hosting, but when you are starting out, it is best to just pay monthly. You want to have the option to try multiple hosting companies. Some people find that a typical shared hosting option is what they are comfortable with and some other people will want to have cloud services like AWS. Give yourself the time and options to try different hosting solutions.

Server Operating Systems:

There are equally a wide range of operating systems on which your web server can run on top of. Given that the title of this post, you already probably know what I am going to recommend, but let’s summarize some of the other options.

Microsoft Windows Server is an operating system that most technical people may already be familiar with. Microsoft has a long history in the server space and today’s Windows 2012 and 2016 servers are available as virtual instances from Microsoft and other cloud providers. However Microsoft systems are not free and have licensing costs. You will find Microsoft to be more expensive than your typical Linux based solution. The other reason to not start with a Microsoft solution is that Windows Server is usually associated with Microsoft’s own IIS web server software. The Microsoft stack is a closed commercial solution with some exceptions.

Pretty much web servers tend to be UNIX based. There are multiple versions of UNIX or UNIX-like operating systems. There is BSD, Oracle Solaris, and then there is of course Linux. You can find hosting solutions based on BSD, but most like you are going to find lots and lots of Linux based solutions. Even though everyone calls it Linux, the Linux system is really the Linux kernel and GNU put together. There are many distributions of the Linux system, but most of them fall into three categories: business oriented Redhat, Debian based, and what I call bare bones like Arch Linux. If you are not comfortable with UNIX, most often you want something like Redhat or the Debian based Ubuntu distribution. For most of us, it comes down to choosing between Redhat and Ubuntu.

Redhat is in the business of supporting business customers and so the Redhat OS is not technically free. You have to pay for support. Redhat creates a free open-source distro named Fedora, from which they make the RedHat OS. Fedora has frequent changes and kind of like a developer’s OS. However from Fedora we also get a community driven stable distro known as CentOS. Most Linux based hosts will run CentOS because it is stable and free. Ubuntu on the hand is a very popular Linux distro that is based off of Debian. Many developers like Ubuntu because it is updated more frequently and is also free. While CentOS concentrates on stability, Ubuntu is updated more frequently. Either OS is a good choice for web services, but my personal leanings are on CentOS. If you will be developing software in the future or as your day job, CentOS is going to be closer to what businesses use for their systems. If you plan on just developing software for your own personal use or just want to learn some things, than Ubuntu is good choice.

Control Panels:

Even though server operating systems like CentOS and Ubuntu exist, an additional cost that does get passed on to you is control panels. In the world of Linux there is cPanel and there is everyone else. cPanel costs are significant and they pretty much control the control panel market. Large hosting providers get cPanel licenses cheaper than everyone else, so they are cheaper when it comes to providing cPanel as part of their solution. cPanel can control a shared web hosting solution, to a reseller account, to a virtual machine, to the entire fleet of physical web servers. It makes supporting and managing web servers easier for hosting providers. There are other hosting providers who have other control panels or roll their own much like Amazon AWS.

There are virtual machine providers like Linode and DigitalOcean who provide basic controls for the virtual machine and nothing else. You are free to control your virtual machine through SSH Secure Shell, or purchase an individual license for cPanel or any control panel on your own. One option is install the free GPL version of Virtualmin, while not as user friendly as cPanel, it can provide most of the functionality of cPanel. However note, that the farther you go away from a typical shared hosting solution, the more you are on your own as far as technical issues and support.

Apache or Nginx:

With a shared hosting solution or reseller account, the web server will most likely be Apache or Nginx. With a virtual machine or cloud solution you may be able to install the web server itself. You can’t really go wrong with learning either of these popular http web servers. Most of the knowledge that you learn from Apache can apply to other web servers, so if you have to pick one to start with, I’d recommend Apache.

Webmaster:

Once you have your sandbox up, it is time to setup a WordPress blog, a simple website, or perhaps write your first web app.

The Linux Web Server is an incredible piece of software engineering. It has allowed me to pursue my interests in computing and communicate to people all over the world. It has quite literally changed my life and I have no doubt that it can change yours.

Work

Office WorkerWe all do it, right? In fact when we are not doing it, we are most likely talking about doing it, more specifically how much more of it we have to do. But what exactly is Work? Is it a simple equation or is it more than that?

Work = Time + Effort

More recently, in our information age obsessed culture, we strive to not just complete work, but to be proficient at it. We as knowledge workers have to be proficient, we have to learn to execute more precisely, to eradicate waste, be energy efficient. This is how we come to think of work, not as something we produce, but as to how we perform it. It is not satisfactory to think of work as something we do, but something we need to excel at, to become better at, to improve. It is vital that as individuals we devote ourselves to thinking about how we do work, and less about how much of it we produce. Productivity should not matter to us personally, because productivity is no longer a goal for the individual worker.

What matters is the How and not the What. This is why we learn different types of business improvement models, like LEAN, Six-Sigma, Continuous Improvement, Efficiency, Quality Improvement, improve upon processes and products. If you are thinking, this does not make sense, because my business cares about productivity, and while this is true for the business, it should not be true for you personally.

For example, I once had a fellow project manager relate to me how they did not like how a particular computer programmer spent their time. The project manager was equating a programmer’s work as the amount of time they spent in front of a keyboard, writing code.

Work = Time

My response to the project manager was that we did not pay that person to write code, we paid them to solve technical problems with our system. I then pointed out that the programmer had years of accumulated knowledge and expertise, and just because they were not sitting in front of a computer, did not mean they were not thinking about how to solve our technical problems. It was more important to me, that the programmer provided their best solutions. If I really wanted a quick solution I knew that they could also provide this, but if schedule was not a problem, I always preferred to defer it until later. My advice to my fellow project manager was to manage the project, and not manage how other people do their work, because no one likes that and it does not produce better results.

In the case of project management, I see work as a series of never ending issues, which I run through my own personal system in order to attain resolution.

Work = [Problem = (Knowledge + Communication + Execution + Monitoring)]

Problem:

Issues come up every day, they arrive through email, in person, by phone, text, via your boss, customer, and sometimes by your own assessment of your project. In projects, everything fits into a Scope, Schedule, Cost category, but issues usually span some combination of the three. The other great truth is that in life all problems are people problems, because a process is just a series of steps. It is people who either do not understand the process or are refusing to execute the process, so in the end you have to deal with the people problems first.

Communicate:

This is the hardest part about life. You have to communicate! Ask questions, if someone comes to you with a problem, what is it that they are trying to solve? We are incredibly bad at figuring out what people want from us, if we do not ask questions. Communicate… define the problem, get agreement on what would satisfy all parties, and agree on how to monitor the outcomes.

Knowledge System:

Run the problem through your own personal knowledge system. Many people start out at a job and rely on the company to provide training and if that company has good documentation and processes, this is the system that people end up using. Long term this is not a substitute for a personal system. What I mean by that is that you should be a life-long learner and build your own system for being organized, focused, and having a proper toolbox of skills. There are tools that can help: task managers, Microsoft OneNote & Outlook, etc… try them out, take an online class, take a seminar, find what works for you. Next learn how to take feedback, get a mentor, someone who can give you honest criticism and who you can ask questions. Self improvement: focus on what areas you need for your work, my suggestions: improve your communication skills, learn how to give great presentations, get to know your customers, understand the entire cycle of your business, volunteer to help your peers. Coming back to my previous computer programmer example: accumulate knowledge and expertise. All of this becomes your personal knowledge system in time.

Execute:

Once you have run through all the possible ways to fix the problem and had the discussions with the necessary peers or teams, go and execute the fix, the changes, the solution.

Monitor and Learn:

Solving for X is not the end. You need to take the extra steps to see what the outcomes and perceptions are. You will find that getting feedback is often difficult, but it is important to learn about your mistakes and your successes. For example, one of my favorite tools is Microsoft Excel and though I depend on it, I have learned the hard way to always keep a backup of my original data, to triple check my final analysis, and if at all possible, to have someone else validate my results. The worse feeling in the world is knowing you made a mistake in Excel, five minutes after you have delivered your file. Always have a backup, always validate, always incorporate lessons learned.

Feedback can be as easy as three questions: How am I doing? What could I do better? What can I do different? If you are trying to improve your team, replace the “I” with “We” and keep asking the same questions after every problem resolution, or on a monthly basis. Most of all do not wait to the end of your project, as most people tend to forget what happened in the past.

Make Everyone Better

A famous basketball player once said that it is not enough to be a great player, you have to improve those around you in order to truly win the game. This applies in the work place more than ever.

Success is a measurement that can be shared.

Let’s Encrypt and VirtualMin

Let's Encrypt IconSecurity is now a central concern for technical people and I would argue for most consumers. It is now typical for criminals to target banks, hospitals, and other critical institutions. Privacy is also an issue that is central to a free and progressive society. One solution that gets thrown out is SSL encryption for websites and how we all now need to secure our sites with an SSL certificate. Due to the market though, SSL certificates are one of those things that companies have a hard time making money off of. Most people do not buy SSL certificates, so you wind up with a market that sells bare bones SSL certificates that range around $25 and extended validation certificates for large ecommerce websites that cost thousands of dollars. This is where Let’s Encrypt changes things. Their certificates are free and are recognized by the web browser as a valid secure certificate. This makes SSL encryption a zero cost option for millions of individual webmasters who run websites like WebKeyDesign. There is one other difference with Let’s Encrypt certificates: they are limited to 3 month intervals instead of yearly intervals. However what makes Let’s Encrypt more appealing to webmasters is that the software makes renewals automatic and there is now software integration with cPanel and Virtualmin control panels.

My personal project is a virtual machine that I keep for journal purposes. It allows me the ability to write some thoughts and archive information for later viewing. The virtual machine runs CentOS 7 Linux and can be controlled using Virtualmin. The SSL certificate that was originally setup was self-signed and so I would have to manually add the certificate to iOS, MacOS, and make exceptions in browsers in order to use the website.

Update:
Since writing this, a few things have changed. Let’s Encrypt now requires version 2 of their protocol and old clients are no longer supported. Virtualmin needs to be updated to support the new client. You can read more about the issue on this Virtualmin Forum post. To have this work, on Centos 7, do the following first and then it should work.

yum install certbot
certbot register

I followed TechJourney’s excellent guide: How to Use Let’s Encrypt SSL Certificate Automatically in Virtualmin & Webmin. There were a couple of issues I found out along the way.

Webmin Configuration

The tutorial did not specify the path to the client command. For CentOS, I found this to be:

/root/letsencrypt/letsencrypt-auto

Webmin Let's Encrypt command configuration

This may not be needed. I was able to let Virtualmin automatically find the new client.

Let’s Encrypt SSL for Webmin Login

A secondary problem that I ran into had to do with the separate subdomains. The Apache webserver will respond on your typical www.mydomain.net and mydomain.net, however the Webmin control panel is accessible by another prefix to mydomain.net. Under Virtualmin – Server Configuration – Manage SSL Certificate, the default will be Domains associated with this server. This setting will only pull in the domains that Apache is setup for. If you want to use the Let’s Encrypt SSL Certificate for other subdomains, you have to select Domain names listed here and manually type all your subdomains. You can then under the Current Certificate tab use the Copy to options and use the same certificate for Webmin, Usermin, etc.

Virtualmin Let's Encrypt Manage

If you went ahead and hit the Request Certificate button and then try to add domains, the process will error out. There is no way to reset the certificates from the Virtualmin interface. To resolve the problem, use secure shell and remove the letsencryt directory.

rm -rf /etc/letsencrypt

This allowed me to use the Request Certificate option again and have all my subdomains added to the certificate.