##Pre-Flight CheckThis tutorial will cover installation on Kali 2.0 with lighttpd and PHP5-FPM , the latter provides us with fastcgi scripts and capabilities thats why the collaboration of the two is needed. The current Installed versions of Software are:
![]()
If lighttpd is not installed it may be installed as below:
After ensuring the above is installed we need to do a little bit of configuration changes to both so that the software may work correctly.
PHP5-FPM configuration
Here we are concerned with two settings
This guide explains how to install and configure the lighttpd (“lighty”) web server on Ubuntu 16.04 (Xenial Xerus). Consult the resources at the end for more information about deploying other services commonly found in web server stacks.
the configuration to change here is: cgi.fix_pathinfo , by default it is set to 1 , uncomment it by deleting the preceding semicolon as below:
For the second issue we will simply check the configuration settings of the listener to be set to a file , this can be done using the command below:
The result should be as below :
![]()
If this listener is set to a port e.g. 127.0.0.1:9000 change it to the above we want to use socket rather than TCP.
Configuring Lighttpd
Now we need to configure lighttpd to listen on this socket and run our scripts through it, as PHP5-FPM is like a seperate webserver in reality. This configuration will be done in the webservers main configuration file , the default webroot is /var/www/html For purposes of this install as apache is already using that directory I have specified a new web root /var/www/lighttpd. The configuration is located in the path below:
The Lighttpd configuration file for PHP /etc/lighttpd/conf-available/15-fastcgi-php.conf is suitable for use with spawn-fcgi therefore this step is optional, however, we want to use PHP5-FPM, therefore we create a copy of the file and name it 15-fastcgi-php-backup.conf and modify 15-fastcgi-php.conf as follows:
Next we enable fastcgi with the commands below:
Additionally we need to create symlinks to these files , that can be done with the command below:
The result should be as below for these steps so far.
The rewrite rule is set in Webserver Configuration to enable the webserver to obey your fatfree routing engine. Your final lighttpd configuration in: /etc/lighttpd/lighttpd.conf should be as below:
Restart lighttpd with the command below:
Downloading the Software
Download the latest version of the Software from the github repository. i.e. https://github.com/alienwithin/OWASP-mth3l3m3nt-framework
Extract these files to the web root. The web root in our case is :
From the command line this can be done as follows in this case:
If you would like it installed in the Webroot you may move the files after the steps above to the webroot.
If you want it to remain in a sufolder but rename it the command would be :
Configuring the install
The first thing is giving the right permissions to the folders. Currently since we have done this as root it is proper to give the rights to the Apache user. The easiest way to do this is :
next we configure writeable folders to be writeable. We can do this with the commands below:
If installed in the web root you are done with what you need to do. If you have it installed in a subfolder e.g. /var/www/lighttpd/install-new/ . One more step. Edit .htaccess by uncommenting out the line with RewriteBase to reflect.
This could be something as below considering our install-new/ subfolder.
First Run
Next Load the site on the address bar e.g.
To login assuming our URL is http://localhost the administration portal will be :
The default credentials are :
Successful Installation should give you a dashboard as below and you may start using the framework .
Note: By Default the framework utilises the JIG database that is a flat file however if you love RDBMS it supports MySQL, MSSQL and PostgreSQL . This can be switched in the settings.
Install LLMP on Ubuntu 14.04 Lighttpd Features. Support for FastCGI, SCGI, CGI interfaces. Support for using chroot.
Support for modrewrite. Support for TLS/SSL using OpenSSL. A Very small size: 1MB. Low CPU and RAM usage. Licensed under BSD license.This article explains how to install Lighttpd, MariaDB, PHP5 with PhpMyAdmin on Ubuntu 14.04.
Step 1: Installing LighttpdFortunately, Lighttpd is available to install from the official Ubuntu repositories, So if you want to install Lighttpd, you only have to run this command. $ sudo apt-get install lighttpd.
Verify Lighttpd PageBefore, heading up for the further installation, I would like to tell you that following are the important things of Lighttpd you should know before continuing. /var/www/ – is the default root folder for Lighttpd. /etc/lighttpd/ – is the default folder for Lighttpd configuration files.Step 2: Installing PHP5 and ModulesLighttpd webserver won’t be usable without PHP FastCI support. Additionally, you also need to install the ‘php5-mysql’ package to enable MySQL support. # sudo apt-get install php5-cgi php5-mysqlNow to enable PHP module, run the following commands in the terminal.
$ sudo lighty-enable-mod fastcgi$ sudo lighty-enable-mod fastcgi-phpAfter enabling modules, reload the Lighttpd server configuration by running the below command. $ sudo service lighttpd force-reloadNow to test if PHP is working or not, let’s create a ‘ test.php‘ file in /var/www/test.php. $ sudo vi /var/www/test.phpPress the “ i” button to start editing, and add the following line to it. Press ESC key, and write:x and press Enter key to save the file.Now go to your domain or IP address and call test.php file, like You will see this page which means that PHP is installed successfully. Verify PHP Installation Step 3: Installing MariaDBMariaDB is a fork from MySQL, it is also a good database server to use with Lighttpd, to install it on Ubuntu 14.04 run these series of commands in the terminal. $ sudo apt-get install software-properties-common$ sudo apt-key adv -recv-keys -keyserver hkp://keyserver.ubuntu.com:80 0xcbcb082a1bb943db$ sudo add-apt-repository 'deb ftp://ftp.ulak.net.tr/pub/MariaDB/repo/10.1/ubuntu trusty main'$ sudo apt-get update$ sudo apt-get install mariadb-serverDuring installation, you will be asked to enter the MySQL password you want to use with the “ root” user, write the password you want, press the “ Tab” button and hit Enter.
![]() Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |