WiFi: HotSpot - CoovaChilli Instalasi Apache dan SSL

From OnnoWiki
Revision as of 09:46, 7 April 2010 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search

Apache Server

Create login page

We need to create a login page. Fortunately the creators of coovachilli have included hotspotlogin.cgi with the source code:

To find this file use this command:

find / | grep 'hotspotlogin.cgi'

In our example the file we require is found in:

/usr/share/doc/coova-chilli/hotspotlogin.cgi.gz

We need to create a directory in our apache web server, copy hotspotlogin.cgi and make it executable.

sudo mkdir -p /var/www/hotspot/cgi-bin zcat -c /usr/share/doc/coova-chilli/hotspotlogin.cgi.gz | sudo tee /var/www/hotspot/cgi-bin/hotspotlogin.cgi sudo chmod a+x /var/www/hotspot/cgi-bin/hotspotlogin.cgi

edit login script

nano -w /var/www/hotspot/cgi-bin/hotspotlogin.cgi

Uncomment and change password

$uamsecret = "uamsecret"; $userpassword=1;

if you like to edit the page later, don't use print "HTML code"; use

print <<ENDHTML; ....your HTML code here.....

ENDHTML

this way you don't need to escape the double quotes. SSL

Apache Modules

To install the Apache2 module for MYSQL authentication, you can run the following command from a terminal prompt:

sudo apt-get install libapache2-mod-auth-mysql

Once you install the module, the module will be available in the /etc/apache2/mods-available directory. You can use the a2enmod command to enable a module. You can use the a2dismod command to disable a module. Once you enable the module, the module will be available in the the /etc/apache2/mods-enabled directory. Setup up Apache and SSL

Make sure LAMP server is installed, if not use the following command:

tasksel

Create a Certificate

sudo apt-get install ssl-cert

sudo mkdir /etc/apache2/ssl

We need to find our host name for our cert

hostname -f

Hardcoding cert lifetime based on this patch: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293821#22

sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

(Answer questions)

   * Note: The "Host Name" must be fill out correctly The host name of the server the certificate is for. This must be filled in. (commonName) 

Host Name as per hostname -f

host.name #change to your host name

Install Module

The mod_ssl module adds an important feature to the Apache2 server - the ability to encrypt communications. Thus, when your browser is communicating using SSL encryption, the https:// prefix is used at the beginning of the Uniform Resource Locator (URL) in the browser navigation bar.

sudo a2enmod ssl

/etc/init.d/apache2 force-reload

Create virtualhost

Create a virtualhost file so it looks something like this:

sudo nano -w /etc/apache2/sites-available/hotspot

NameVirtualHost 10.1.0.1:443 <VirtualHost 10.1.0.1:443>

       ServerAdmin webmaster@domain.org
       DocumentRoot "/var/www/hotspot"
       ServerName "10.1.0.1"
       <Directory "/var/www/hotspot/">
               Options Indexes FollowSymLinks MultiViews
               AllowOverride None
               Order allow,deny
               allow from all
       </Directory> 
       Alias "/dialupadmin/" "/usr/share/freeradius-dialupadmin/htdocs/" 
       <Directory "/usr/share/freeradius-dialupadmin/htdocs/"> 
               Options Indexes FollowSymLinks MultiViews
               AllowOverride None
               Order allow,deny
               allow from all
       </Directory>
       ScriptAlias /cgi-bin/ /var/www/hotspot/cgi-bin/ #this here is a alias with no hotspot path !!!!!!!
       <Directory "/var/www/hotspot/cgi-bin/">
               AllowOverride None
               Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
               Order allow,deny
               Allow from all
       </Directory>
       ErrorLog /var/log/apache2/hotspot-error.log
       LogLevel warn
       CustomLog /var/log/apache2/hotspot-access.log combined
       ServerSignature On 
       SSLEngine on 
       SSLCertificateFile /etc/apache2/ssl/apache.pem

</VirtualHost>

Enable SSL virtualhost

sudo a2ensite hotspot

/etc/init.d/apache2 reload

Listen Ports

HTTPS should listen on port number 443. You should add the following line to the /etc/apache2/ports.conf file:

nano -w /etc/apache2/ports.conf

Listen *:443 Listen *:80

  1. <IfModule mod_ssl.c>
  2. Listen 443
  3. </IfModule>

don't forget to modify

sudo nano -w /etc/apache2/sites-available/default

NameVirtualHost *:80 <virtualhost *:80>

Server Root

nano -w /etc/apache2/apache2.conf

add

ServerName 10.1.0.1

Edit host file

nano -w /etc/hosts

10.1.0.1 host.name host #change to your host name

Restart Apache server

sudo /etc/init.d/apache2 restart

your web broswer should be able to link to pages

https://10.1.0.1/cgi-bin/hotspotlogin.cgi

and

http://10.1.0.1:3990/

Finish

Reboot your computer and everything should work, lol does that really need a reboot???? whatever lets restart:

reboot


Pranala Menarik