- Prerequisites (Prasyarat)
-
Topologi Jaringan
Gambar Topologi Jaringan
-
Konfigurasi Server dan Client
Konfigurasi Server : -------------------------------------------------- - Sistem Operasi : Linux Debian (10/11) - IP Address NIC 1 : DHCP Internet - Gateway : DHCP Internet - Hostname : ns100 (Gantilah angka 100 dengan nomer absen anda masing-masing) - Domain : sekolah100.sch.id (Gantilah angka 100 dengan nomer absen anda masing-masing) - IP Address NIC 2 : 192.168.100.1/24 (Gantilah angka 100 dengan nomer absen anda masing-masing) Konfigurasi Client : -------------------------------------------------- - Sistem Operasi : Windows - IP Address : DHCP
-
- Seting Server
- DHCP Server
Pastikan instalasi dan konfigurasi DHCP server sudah berjalan dengan baik
- DNS Server
Pastikan instalasi dan konfigurasi DNS server sudah berjalan dengan baik
-
Instalasi dan Konfigurasi Web Server
-
Install paket Web Server
Login sebagai user root
login as: root
This email address is being protected from spambots. You need JavaScript enabled to view it. .1's password: Linux ns100 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2022-01-12) x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright.Lakukan update dan upgrade debian Buster
root@ns100:~# apt update Get:1 http://mirror.smkn1klaten.sch.id/debian buster InRelease [122 kB] Get:2 http://mirror.smkn1klaten.sch.id/debian buster-updates InRelease [51.9 kB] Get:3 http://mirror.smkn1klaten.sch.id/debian-security buster/updates InRelease [65.4 kB] Ign:7 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 Packages Fetched 23.0 MB in 15s (1,528 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 25 packages can be upgraded. Run 'apt list --upgradable' to see them. N: Repository 'http://mirror.smkn1klaten.sch.id/debian buster InRelease' changed its 'Version' value from '10.10' to '10.11' N: Repository 'http://mirror.smkn1klaten.sch.id/debian buster InRelease' changed its 'Suite' value from 'stable' to 'oldstable' N: Repository 'http://mirror.smkn1klaten.sch.id/debian buster-updates InRelease' changed its 'Suite' value from 'stable-updates' to 'oldstable-updates' N: Repository 'http://mirror.smkn1klaten.sch.id/debian-security buster/updates I nRelease' changed its 'Suite' value from 'stable' to 'oldstable'
root@ns100:~# apt upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following NEW packages will be installed: linux-image-4.19.0-18-amd64 The following packages will be upgraded: base-files bind9 bind9-host bind9utils debconf debconf-i18n distro-info-data dnsutils krb5-locales libbind9-161 libdns-export1104 libdns1104 libgssapi-krb5-2 libicu63 libirs-export161 libirs161 libisc-export1100 libisc1100 libisccc161 libisccfg-export163 libisccfg163 libk5crypto3 libkrb5-3 libkrb5support0 liblwres161 libssl1.1 linux-image-amd64 openssl python3-debconf tzdata 30 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 67.1 MB of archives. After this operation, 270 MB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 base-files amd64 10.3+deb10u11 [69.9 kB] Get:2 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 debconf-i18n all 1.5.71+deb10u1 [206 kB] Get:3 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 python3-debconf all 1.5.71+deb10u1 [4,028 B] Preparing to unpack .../17-krb5-locales_1.17-3+deb10u3_all.deb ... Unpacking distro-info-data (0.41+deb10u4) over (0.41+deb10u3) ... Preparing to unpack .../19-libisc-export1100_1%3a9.11.5.P4+dfsg-5.1+deb10u6_amd64.deb ... Unpacking libisc-export1100:amd64 (1:9.11.5.P4+dfsg-5.1+deb10u6) over (1:9.11.5.P4+dfsg-5.1+deb10u5) ... Progress: [ 48%] [#########################################.............................................] Setting up bind9 (1:9.11.5.P4+dfsg-5.1+deb10u6) ... bind9-pkcs11.service is a disabled or a static unit not running, not starting it. bind9-resolvconf.service is a disabled or a static unit not running, not starting it. Processing triggers for libc-bin (2.28-10) ... root@ns100:~#
Instal paket Web server
root@ns100:~# apt install apache2 php Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: linux-image-4.19.0-11-amd64 Use 'apt autoremove' to remove it. The following additional packages will be installed: apache2-bin apache2-data apache2-utils libapache2-mod-php7.3 libapr1 php7.3-common php7.3-json php7.3-opcache php7.3-readline psmisc ssl-cert 0 upgraded, 24 newly installed, 0 to remove and 0 not upgraded. Need to get 7,266 kB of archives. After this operation, 28.2 MB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 libapr1 amd64 1.6.5-1+b1 [102 kB] Get:2 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 libaprutil1 amd64 1.6.1-4 [91.8 kB] Creating config file /etc/php/7.3/mods-available/readline.ini with new version Setting up apache2-bin (2.4.38-3+deb10u7) ... update-alternatives: using /usr/bin/phar.phar7.3 to provide /usr/bin/phar.phar (phar.phar) in auto mode Creating config file /etc/php/7.3/cli/php.ini with new version Progress: [ 90%] [#############################################################################.........] Creating config file /etc/php/7.3/apache2/php.ini with new version Module mpm_event disabled. Enabling module mpm_prefork. apache2_switch_mpm Switch to prefork Setting up php7.3 (7.3.31-1~deb10u1) ... Setting up php (2:7.3+69) ... Processing triggers for man-db (2.8.5-2) ... Processing triggers for libc-bin (2.28-10) ... root@ns100:~#
-
Konfigurasi HTTP
Seting VirtualHost
root@ns100:~# cd /etc/apache2/sites-available/ root@ns100:/etc/apache2/sites-available# ls 000-default.conf default-ssl.conf root@ns100:/etc/apache2/sites-available# cp 000-default.conf sekolah100.conf
root@ns100:/etc/apache2/sites-available# nano sekolah100.conf < *:80> # The ServerName directive sets the request scheme, hostname and port that # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerName sekolah100.sch.id ServerAlias www.sekolah100.sch.id ServerAdmin
This email address is being protected from spambots. You need JavaScript enabled to view it. DocumentRoot /var/www/html/http # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined # For most configuration files from conf-available/, which are # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf </VirtualHost> # vim: syntax=apache ts=4 sw=4 sts=4 sr noetJangan lupa untuk menyimpan perubahan konfigurasi dengan menekan Ctrl+x kemudian tekan y lalu Enter
root@ns100:/etc/apache2/sites-available# mkdir /var/www/html/http root@ns100:/etc/apache2/sites-available# nano /var/www/html/http/index.html <p><h1>HTTP</h1></p> <p><h2>http://192.168.100.1</h2></p> <p><h2>http://sekolah100.sch.id</h2></p>
root@ns100:/etc/apache2/sites-available# a2dissite 000-default.conf Site 000-default disabled. To activate the new configuration, you need to run: systemctl reload apache2
root@ns100:/etc/apache2/sites-available# a2ensite sekolah100.conf Enabling site sekolah100. To activate the new configuration, you need to run: systemctl reload apache2
root@ns100:/etc/apache2/sites-available# /etc/init.d/apache2 restart [ ok ] Restarting apache2 (via systemctl): apache2.service.
-
Pengujian Web Server (HTTP) di client
Gbr.06 Web Server (HTTP)mengunakan IP Address
Gbr.07 Web Server (HTTP)mengunakan Nama Domain
-
Konfigurasi HTTPS
root@ns100:/etc/apache2/sites-available# cd /etc/ssl/private/
root@ns100:/etc/ssl/private# openssl genrsa -aes128 -out sekolah100.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ........................................................................+++++ ...................................+++++ e is 65537 (0x010001) Enter pass phrase for sekolah100.key: root123 Verifying - Enter pass phrase for sekolah100.key: root123
root@ns100:/etc/ssl/private# openssl rsa -in sekolah100.key -out sekolah100.key Enter pass phrase for sekolah100.key: root123 writing RSA key
root@ns100:/etc/ssl/private# openssl req -new -days 365 -key sekolah100.key -out sekolah100.csr Ignoring -days; not generating a certificate You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:ID State or Province Name (full name) [Some-State]:JAWA TENGAH Locality Name (eg, city) []:KLATEN Organization Name (eg, company) [Internet Widgits Pty Ltd]:SMKN 1 KLATEN Organizational Unit Name (eg, section) []:TKJ Common Name (e.g. server FQDN or YOUR name) []:sekolah100.sch.id Email Address []:
This email address is being protected from spambots. You need JavaScript enabled to view it. Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:Tekan Enter saja An optional company name []:Tekan Enter sajaroot@ns100:/etc/ssl/private# openssl x509 -in sekolah100.csr -out sekolah100.crt -req -signkey sekolah100.key -days 365 Signature ok subject=C = ID, ST = JAWA TENGAH, L = KLATEN, O = SMKN 1 KLATEN, OU = TKJ, CN = sekolah100.sch.id, emailAddress =
This email address is being protected from spambots. You need JavaScript enabled to view it. Getting Private keyroot@ns100:/etc/ssl/private# chmod 400 sekolah100.*
root@ns100:/etc/ssl/private# cd /etc/apache2/sites-available/ root@ns100:/etc/apache2/sites-available# ls 000-default.conf default-ssl.conf sekolah100.conf root@ns100:/etc/apache2/sites-available# cp default-ssl.conf sekolah100-ssl.conf
root@ns100:/etc/apache2/sites-available# nano sekolah100-ssl.conf < mod_ssl.c> < _default_:443> ServerAdmin
This email address is being protected from spambots. You need JavaScript enabled to view it. ServerName sekolah100.sch.id ServerAlias www.sekolah100.sch.id DocumentRoot /var/www/html/https # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on # A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. #SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem #SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key SSLCertificateFile /etc/ssl/private/sekolah100.crt SSLCertificateKeyFile /etc/ssl/private/sekolah100.key # SSL Protocol Adjustments: # downgrade-1.0 force-response-1.0 </VirtualHost> </IfModule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noetroot@ns100:/etc/apache2/sites-available# mkdir /var/www/html/https root@ns100:/etc/apache2/sites-available# nano /var/www/html/https/index.html <p></p> <div align="center"> <p>ini adalah halaman HTTPS</p> <p><h1><marquee>HTTPS</marquee></h1></p> <p><h2>https://192.168.100.1</h2></p> <p><h2>https://sekolah100.sch.id</h2></p> </div>
root@ns100:/etc/apache2/sites-available# a2enmod ssl Considering dependency setenvif for ssl: Module setenvif already enabled Considering dependency mime for ssl: Module mime already enabled Considering dependency socache_shmcb for ssl: Enabling module socache_shmcb. Enabling module ssl. See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates. To activate the new configuration, you need to run: systemctl restart apache2
root@ns100:/etc/apache2/sites-available# a2ensite sekolah100-ssl.conf Enabling site sekolah100-ssl. To activate the new configuration, you need to run: systemctl reload apache2
root@ns100:/etc/apache2/sites-available# /etc/init.d/apache2 restart [ ok ] Restarting apache2 (via systemctl): apache2.service.
-
Pengujian Web Server (HTTPS) di client
Gbr.08 Web Server (HTTPS) mengunakan IP Address
Gbr.09 Web Server (HTTPS)mengunakan mengunakan IP Address
Gbr.10 Web Server (HTTPS)mengunakan mengunakan IP Address
Gbr.11 Web Server (HTTPS)mengunakan mengunakan IP Address
Gbr.12 Web Server (HTTPS)mengunakan Nama Domain
-
- Kesimpulan
Selamat! akhirnya kita telah belajar dan berhasil melakukan instalasi dan konfigurasi Web Server (HTTP dan HTTPS)
- DHCP Server