G. Instalasi dan konfigurasi WEB Server

Prerequisites (Prasyarat)

Topologi Jaringan

Gambar Topologi Jaringan

Konfigurasi Server dan Client

Konfigurasi Server :
--------------------------------------------------
- Sistem Operasi        : Linux Debian (10/11)
- IP Address NIC 1      : DHCP Internet
- Gateway               : DHCP Internet

- Hostname              : ns100             (Gantilah angka 100 dengan nomer absen anda masing-masing)
- Domain                : sekolah100.sch.id (Gantilah angka 100 dengan nomer absen anda masing-masing)
- IP Address NIC 2      : 192.168.100.1/24  (Gantilah angka 100 dengan nomer absen anda masing-masing)


Konfigurasi Client :
--------------------------------------------------
- Sistem Operasi        : Windows
- IP Address            : DHCP

Seting Server

DHCP Server
Pastikan instalasi dan konfigurasi DHCP server sudah berjalan dengan baik
DNS Server
Pastikan instalasi dan konfigurasi DNS server sudah berjalan dengan baik

Instalasi dan Konfigurasi Web Server

Install paket Web Server

login as: root
This email address is being protected from spambots. You need JavaScript enabled to view it..1's password:

Linux ns100 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2022-01-12) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Lakukan update dan upgrade debian Buster

root@ns100:~# apt update
Get:1 http://mirror.smkn1klaten.sch.id/debian buster InRelease [122 kB]
Get:2 http://mirror.smkn1klaten.sch.id/debian buster-updates InRelease [51.9 kB]
Get:3 http://mirror.smkn1klaten.sch.id/debian-security buster/updates InRelease [65.4 kB]
Ign:7 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 Packages
Fetched 23.0 MB in 15s (1,528 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
25 packages can be upgraded. Run 'apt list --upgradable' to see them.
N: Repository 'http://mirror.smkn1klaten.sch.id/debian buster InRelease' changed its 'Version' value from '10.10' to '10.11'
N: Repository 'http://mirror.smkn1klaten.sch.id/debian buster InRelease' changed its 'Suite' value from 'stable' to 'oldstable'
N: Repository 'http://mirror.smkn1klaten.sch.id/debian buster-updates InRelease' changed its 'Suite' value from 'stable-updates' to 'oldstable-updates'
N: Repository 'http://mirror.smkn1klaten.sch.id/debian-security buster/updates I nRelease' changed its 'Suite' value from 'stable' to 'oldstable'

root@ns100:~# apt upgrade  
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following NEW packages will be installed:
  linux-image-4.19.0-18-amd64
The following packages will be upgraded:
  base-files bind9 bind9-host bind9utils debconf debconf-i18n distro-info-data dnsutils krb5-locales
  libbind9-161 libdns-export1104 libdns1104 libgssapi-krb5-2 libicu63 libirs-export161 libirs161
  libisc-export1100 libisc1100 libisccc161 libisccfg-export163 libisccfg163 libk5crypto3 libkrb5-3
  libkrb5support0 liblwres161 libssl1.1 linux-image-amd64 openssl python3-debconf tzdata
30 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 67.1 MB of archives.
After this operation, 270 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 base-files amd64 10.3+deb10u11 [69.9 kB]
Get:2 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 debconf-i18n all 1.5.71+deb10u1 [206 kB]
Get:3 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 python3-debconf all 1.5.71+deb10u1 [4,028 B]
Preparing to unpack .../17-krb5-locales_1.17-3+deb10u3_all.deb ...
Unpacking distro-info-data (0.41+deb10u4) over (0.41+deb10u3) ...
Preparing to unpack .../19-libisc-export1100_1%3a9.11.5.P4+dfsg-5.1+deb10u6_amd64.deb ...
Unpacking libisc-export1100:amd64 (1:9.11.5.P4+dfsg-5.1+deb10u6) over (1:9.11.5.P4+dfsg-5.1+deb10u5) ...

Progress: [ 48%] [#########################################.............................................]
Setting up bind9 (1:9.11.5.P4+dfsg-5.1+deb10u6) ...
bind9-pkcs11.service is a disabled or a static unit not running, not starting it.
bind9-resolvconf.service is a disabled or a static unit not running, not starting it.
Processing triggers for libc-bin (2.28-10) ...
root@ns100:~#

Instal paket Web server

root@ns100:~# apt install apache2 php
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following package was automatically installed and is no longer required:
  linux-image-4.19.0-11-amd64
Use 'apt autoremove' to remove it.
The following additional packages will be installed:
  apache2-bin apache2-data apache2-utils libapache2-mod-php7.3 libapr1
  php7.3-common php7.3-json php7.3-opcache php7.3-readline psmisc ssl-cert
0 upgraded, 24 newly installed, 0 to remove and 0 not upgraded.
Need to get 7,266 kB of archives.
After this operation, 28.2 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 libapr1 amd64 1.6.5-1+b1 [102 kB]
Get:2 http://mirror.smkn1klaten.sch.id/debian buster/main amd64 libaprutil1 amd64 1.6.1-4 [91.8 kB]
Creating config file /etc/php/7.3/mods-available/readline.ini with new version
Setting up apache2-bin (2.4.38-3+deb10u7) ...
update-alternatives: using /usr/bin/phar.phar7.3 to provide /usr/bin/phar.phar (phar.phar) in auto mode
Creating config file /etc/php/7.3/cli/php.ini with new version

Progress: [ 90%] [#############################################################################.........]
Creating config file /etc/php/7.3/apache2/php.ini with new version
Module mpm_event disabled.
Enabling module mpm_prefork.
apache2_switch_mpm Switch to prefork
Setting up php7.3 (7.3.31-1~deb10u1) ...
Setting up php (2:7.3+69) ...
Processing triggers for man-db (2.8.5-2) ...
Processing triggers for libc-bin (2.28-10) ...
root@ns100:~#

Konfigurasi HTTP

Seting VirtualHost

root@ns100:~# cd /etc/apache2/sites-available/

root@ns100:/etc/apache2/sites-available# ls
000-default.conf  default-ssl.conf

root@ns100:/etc/apache2/sites-available# cp 000-default.conf sekolah100.conf

                            
root@ns100:/etc/apache2/sites-available# nano sekolah100.conf

< *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerName sekolah100.sch.id
        ServerAlias www.sekolah100.sch.id
        ServerAdmin This email address is being protected from spambots. You need JavaScript enabled to view it.
        DocumentRoot /var/www/html/http

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Jangan lupa untuk menyimpan perubahan konfigurasi dengan menekan Ctrl+x kemudian tekan y lalu Enter

root@ns100:/etc/apache2/sites-available# mkdir /var/www/html/http

root@ns100:/etc/apache2/sites-available# nano /var/www/html/http/index.html

<p><h1>HTTP</h1></p>
<p><h2>http://192.168.100.1</h2></p>
<p><h2>http://sekolah100.sch.id</h2></p>

root@ns100:/etc/apache2/sites-available# a2dissite 000-default.conf
Site 000-default disabled.
To activate the new configuration, you need to run:
  systemctl reload apache2

root@ns100:/etc/apache2/sites-available# a2ensite sekolah100.conf
Enabling site sekolah100.
To activate the new configuration, you need to run:
  systemctl reload apache2

root@ns100:/etc/apache2/sites-available# /etc/init.d/apache2 restart
[ ok ] Restarting apache2 (via systemctl): apache2.service.

Pengujian Web Server (HTTP) di client

Gbr.06 Web Server (HTTP)mengunakan IP Address

Gbr.07 Web Server (HTTP)mengunakan Nama Domain

Konfigurasi HTTPS

root@ns100:/etc/apache2/sites-available# cd /etc/ssl/private/

root@ns100:/etc/ssl/private# openssl genrsa -aes128 -out sekolah100.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
........................................................................+++++
...................................+++++
e is 65537 (0x010001)
Enter pass phrase for sekolah100.key: root123
Verifying - Enter pass phrase for sekolah100.key: root123

root@ns100:/etc/ssl/private# openssl rsa -in sekolah100.key -out sekolah100.key
Enter pass phrase for sekolah100.key: root123
writing RSA key

root@ns100:/etc/ssl/private# openssl req -new -days 365 -key sekolah100.key -out sekolah100.csr
Ignoring -days; not generating a certificate
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:ID
State or Province Name (full name) [Some-State]:JAWA TENGAH
Locality Name (eg, city) []:KLATEN
Organization Name (eg, company) [Internet Widgits Pty Ltd]:SMKN 1 KLATEN
Organizational Unit Name (eg, section) []:TKJ
Common Name (e.g. server FQDN or YOUR name) []:sekolah100.sch.id
Email Address []:This email address is being protected from spambots. You need JavaScript enabled to view it.

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:Tekan Enter saja
An optional company name []:Tekan Enter saja

root@ns100:/etc/ssl/private# openssl x509 -in sekolah100.csr -out sekolah100.crt -req -signkey sekolah100.key -days 365
Signature ok
subject=C = ID, ST = JAWA TENGAH, L = KLATEN, O = SMKN 1 KLATEN, OU = TKJ, CN = sekolah100.sch.id, emailAddress = This email address is being protected from spambots. You need JavaScript enabled to view it.
Getting Private key

root@ns100:/etc/ssl/private# chmod 400 sekolah100.*

root@ns100:/etc/ssl/private# cd /etc/apache2/sites-available/

root@ns100:/etc/apache2/sites-available# ls
000-default.conf  default-ssl.conf  sekolah100.conf

root@ns100:/etc/apache2/sites-available# cp default-ssl.conf sekolah100-ssl.conf

root@ns100:/etc/apache2/sites-available# nano sekolah100-ssl.conf
< mod_ssl.c>
        < _default_:443>
        
                ServerAdmin This email address is being protected from spambots. You need JavaScript enabled to view it.
                ServerName sekolah100.sch.id
                ServerAlias www.sekolah100.sch.id
                
                DocumentRoot /var/www/html/https

                # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
                # error, crit, alert, emerg.

                #   SSL Engine Switch:
                #   Enable/Disable SSL for this virtual host.
                SSLEngine on

                #   A self-signed (snakeoil) certificate can be created by installing
                #   the ssl-cert package. See
                #   /usr/share/doc/apache2/README.Debian.gz for more info.
                #   If both key and certificate are stored in the same file, only the
                #   SSLCertificateFile directive is needed.
                #SSLCertificateFile     /etc/ssl/certs/ssl-cert-snakeoil.pem
                #SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

                SSLCertificateFile      /etc/ssl/private/sekolah100.crt
                SSLCertificateKeyFile /etc/ssl/private/sekolah100.key

                #   SSL Protocol Adjustments:
                #               downgrade-1.0 force-response-1.0

        </VirtualHost>
</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

root@ns100:/etc/apache2/sites-available# mkdir /var/www/html/https

root@ns100:/etc/apache2/sites-available# nano /var/www/html/https/index.html

<p></p>
<div align="center">
  <p>ini adalah halaman HTTPS</p>
  <p><h1><marquee>HTTPS</marquee></h1></p>
  <p><h2>https://192.168.100.1</h2></p>
  <p><h2>https://sekolah100.sch.id</h2></p>
</div>

root@ns100:/etc/apache2/sites-available# a2enmod ssl
Considering dependency setenvif for ssl:
Module setenvif already enabled
Considering dependency mime for ssl:
Module mime already enabled
Considering dependency socache_shmcb for ssl:
Enabling module socache_shmcb.
Enabling module ssl.
See /usr/share/doc/apache2/README.Debian.gz on how to configure SSL and create self-signed certificates.
To activate the new configuration, you need to run:
  systemctl restart apache2

root@ns100:/etc/apache2/sites-available# a2ensite sekolah100-ssl.conf
Enabling site sekolah100-ssl.
To activate the new configuration, you need to run:
  systemctl reload apache2

root@ns100:/etc/apache2/sites-available# /etc/init.d/apache2 restart
[ ok ] Restarting apache2 (via systemctl): apache2.service.

Pengujian Web Server (HTTPS) di client

Gbr.08 Web Server (HTTPS) mengunakan IP Address

Gbr.09 Web Server (HTTPS)mengunakan mengunakan IP Address

Gbr.10 Web Server (HTTPS)mengunakan mengunakan IP Address

Gbr.11 Web Server (HTTPS)mengunakan mengunakan IP Address

Gbr.12 Web Server (HTTPS)mengunakan Nama Domain

Kesimpulan

Selamat! akhirnya kita telah belajar dan berhasil melakukan instalasi dan konfigurasi Web Server (HTTP dan HTTPS)