Rocky Linux 8.4 Building a server

1.Disable SELinux First, disable selinux. selinux is a feature that improves auditing and security in Linux, but when it is enabled, it restricts the behavior of services and settings to a great extent. For this reason, selinux is basically disabled in most cases. If you build a server while looking at a website and it does not work as expected, it may be due to the fact that selinux is enabled. So, don't forget to disable it after installation.

1.Creating a Certificate for SSL 1.1 advance preparation The RHEL8 series does not include CA, so use RHEL7 CA. ① Copy the CA to /etc/pki/tls/misc/ using WINSCP, etc. ➁Pass PATH to SSL commands [root@Lepard ~]# export PATH=/etc/pki/tls/misc:$PATH ➂Edit the openssl.cnf file

1.Installation of Apache2 (httpd-2.4.39) and virtual host configuration 1-1.Apache2 installation ①Download and extract httpd-2.4.39 Download [root@Lepard ~]# cd /usr/local/src/ src]# wget http://archive.apache.org/dist/httpd/httpd-2.4.39.tar.gz Extracting the Apache tar file src]# tar zxvf httpd-2.4.39.tar.gz ➁Download and extract apr and apr-util

1.Install Postfix and Dovecot 1-1.Install the required software. [root@Lepard ~]# dnf -y install postfix dovecot cyrus-sasl cyrus-sasl-plain cyrus-sasl-devel [root@Lepard ~]# systemctl enable postfix [root@Lepard ~]# systemctl enable dovecot [root@Lepard ~]# systemctl enable saslauthd Check if Postfix is installed.

FTP Server Inatall 1. vsftpd Install # dnf -y install vsftpd 2. vsftpd configuration Save the unedited vsftpd.conf with .bak

1.Web site data backup 1-1.Backup under /var/www/html ①Create a backup script file [root@Lepard ~]# cd /opt opt]# vi backup_html.sh #!/bin/bash TODAY=`/bin/date +%Y%m%d`

1.Mysql8 Installation 1-1.Install [root@Lepard ~]# dnf module -y install mysql:8.0 [root@Lepard ~]# vi /etc/my.cnf.d/charset.cnf　(Create New) # Set the default character encoding # To handle 4-byte characters such as pictograms, use [utf8mb4] [mysqld] character-set-server = utf8mb4 [client] default-character-set = utf8mb4 [root@Lepard ~]# systemctl enable --now mysql 1-2.Security measures

1.Tripwire Installation 1.1 Download and install [root@Lepard ~]# cd /usr/local/src src]# wget https://rpmfind.net/linux/epel/8/Everything/x86_64/Packages/t/tripwire-2.4.3.7-5.el8.x86_64.rpm src]# rpm -Uvh tripwire-2.4.3.7-5.el8.x86_64.rpm If you get a dependency error, enter the following

Rocky Linux CentOS, which was positioned as a downstream of RHEL (Red Hat Enterprise Linux), will no longer be supported for CentOS 8 on December 31, 2021. There are three distributions (AlmaLinux, RockyLinux, and CentOS Stream 8) that are attracting attention as a destination for migrating from CentOS, but this time we will build a server using the latest version of RockyLinux 8.4 for the following reasons. CentOS Stream 8 Stability concerns with RHEL upstream Support period until May 31, 2024 AlmaLinux AlmaLinux is a free RHEL clone that is being developed by CloudLinux, the developer of CloudLinux OS, a commercial Linux distribution, with the goal of binary compatibility with the current version of RHEL. Support period until 2029 Rocky Linux It is a free RHEL clone by the project started by Gregory Kurtzer, the founder of CentOS, and is being developed by the community as a "production downstream version of RHEL". The company is also eager to acquire sponsors, including Amazon Web Services (AWS) and Google Cloud. Support period until 2029

1.Synchronize the server time with Japan Standard Time. Edit chrony.conf # vi /etc/chrony.conf Per line 3. pool 2.centos.pool.ntp.org iburst ↓ server ntp.nict.jp server ntp1.jst.mfeed.ad.jp server ntp2.jst.mfeed.ad.jp Restart chrony 2.virus protection 2.1 Clam AntiVirus installation and definition/configuration file settings ①Installing Clam AntiVirus # dnf --enablerepo=epel -y install clamav clamav-update clamav-scanner-systemd