I am building ASP.NET sites. I was wondering what's the industrial standard to set up prod/test/dev environment. There are 2 approaches I know:
create 3 domains:
www.mysite.com
test.mysite.com
dev.mysite.com
Further question here: is it good to put them all on same machine? or put production one on one machine, and test/dev both on the other machine in private network.
2. use hosts file to point to different machines
1.2.3.4 www.mysite.com # production server
192.168.0.1 www.mysite.com # dev server
192.168.0.2 www.mysite.com # test server
or if I want to consolidate test/dev sites.
1.2.3.4 www.mysite.com # production server
192.168.0.1 dev.mysite.com # dev server
192.168.0.1 test.mysite.com # test server
Can the community advise a more systematic/organize/scalable approach? Thanks.
We have a "production" machine and a "staging" machine. Our "development" machine is the local developer's PC. You should NOT put production on the same box as testing and development.
Related
I am trying to setup an IPSec tunnel on my virtual machine on Google Compute Engine and it seems all my traffic is blocked. Even though I have open the necessary ports on both the Windows Server 2016 server and Google's Firewall. Question I have is it possible to setup the VPN tunnel on the server it self or should I make use of the Hybrid Connectivity VPN or something else? I have the same setup on a dedicated server but just can't get Main Mode and or Quick Mode functioning at all.
PS I have setup many iPSec tunnels on stand alone server just not on a virtual server using Google Compute Engine.
Thanks in advance for your help on this one.
I was able to set up IPSec VPN server with Debian 10 virtual machine, on Google Compute Engine.
Here's what I did:
While creating virtual machine instance (Debian 10 for example), in "Network interface" window set option "IP forwarding" to "ON";
On "VPC network" page create firewall rule with open ports: "udp: 500, 4500";
Use this script to setup VPN software:
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
It will generate credentials needed for next step. They look like this: "Server IP: ****", "IPsec PSK: ****", "Username: ****", "Password: ****".
For client configuration use credentials generated from above step and IPsec/XAuth protocol while setting vpn connection.
Look here if you encounter problems: https://github.com/hwdsl2/setup-ipsec-vpn/blob/master/docs/clients-xauth.md
Check this guide "IPsec VPN Server Auto Setup Scripts" for more information:
https://github.com/hwdsl2/setup-ipsec-vpn
Looking to confirm the last bit regarding DMZ.
Servers as follows:
- 1 x Ubuntu Server 16.02 - Internal MYSQL SERVER
- 1 X Ubuntu Server 16.02 - Internal Only Apache2 Webserver,
- 1 x Ubuntu Server 16.02 - Sat in DMZ for access via vpn/mobile clients.
We have 2 instances of Suite running, a live system and a development system.
each with its own MYSQL DB.
The MYSQL Server is currently internal but with various security lock downs in place for specific access only from both webservers only.
SuiteCRM Internally all fine but I am concerned then when I come to do the external Web Server that the URL for Suite is embedded into the mysql db and that I will have problems.
As mentioned above. This setup is now all working as I described above.
I had 2 issues, 1 was an incorrect Apache site/host config and the second was file permissions from the working copied website to the DMZ machine.
After I updated permissions as per the SuiteCRM site, all worked fine.
Hi I'm new to website development and I am trying to configure a number of websites from my home based server using Apache2 and Linux Mint.
I have setup three new websites in addition to the 000-default page.I have created the Virtual Host config files in sites-available and have added the sites to Host.conf. Internally(on the server in a browser) they are all working fine - I can access all four sites using localhost or the URLs I've configured them with -tested with and without the www. prefix and all seems fine. The four sites are just basic HTML scripts with different headers and different one line body.
I've added Listen 8090 to Listen 80 on my ports.conf file and have opened port 80 and 8090 on my firewall and have updated Port Forwarding on my router and tested they are open using PortCheckTool. The two ports are open and every other port is locked out so that seems good too.
I've tried to configure a GoDaddy domain name to direct activity to one of these sites. The domain name that works internally (on the server in a browser) is the same as my GoDaddy domain name I've bought. I've been into my GoDaddy account and pointed this domain at my external IP address (tried also adding port to forwarding 8090 as well as leaving port number as default). However when I access this domain from my mobile phone using 3G with WIFI turned off I just get sent to the 000-default homepage.Same using default Port 80 and with Port Forwarding to 8090. I have script for both 80 and 8090 in my site config files in sites-available directory.
So the connection is getting to the server, ports are OK, it's just that apache2 doesn't redirect the GoDaddy traffic but redirects fine locally on the server for the same site!?
Any ideas what I am missing?
Any help would be much appreciated.
Thanks.
My local machine is not connected to internet. However, I have a server on local network which I can connect via SSH. This server is directly connected to internet. I do not have the admin privileges on the server, so I cannot install a browser on it. However, I can download web pages on it using wget. I was wondering if there exists a way so that I can browse internet using a regular browser installed on my local machine.
If you have SSH access to the server you can try using it as a proxy.
ssh -D 8765 user#host
Then you need to set a SOCKS5 proxy on your browser pointing to 127.0.0.1:8765 and you'll be ready to browse the Internet as long as the SSH connection is alive.
The port 8765 is used just for example. You can use any port between 1025 and 65535.
If it's allowing you to get webpages with wget, you might want to see if the server is set up to be a proxy server.
I have 2 servers srv-erp1 and srv-erp3. I made them mirror on each other. All setup is done by lots of tutorials and examples.
But when I call
ALTER DATABASE MIRROR_TEST SET PARTNER = 'TCP://srv-erp3:5022'
It`s response is:
The server network address "TCP://srv-erp3:5022" can not be reached or
does not exist. Check the network address name and that the ports for
the local and remote endpoints are operational.
I go to cmd on srv-erp3 and use netstat -an... this port is listening.
I go to cmd on srv-erp1 and use telnet srv-erp3 5022...and its ok to connect.
All firewalls are turned off. The only difference in config of srvrs is that srv-erp1 is on Windows Server 2003 R2 x64, and srv-erp3 is on Windows 2008 R2 x64
What can be the reason of this problem?
Regards, Dmitry.
I have such problem, the solution was using certificates. My problem appeared because my servers were not in one domain.