Difference between revisions of "Contensive Installation and Setup"
From Contensive Wiki
(→Non-Amazon Server) |
|||
Line 1: | Line 1: | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
====Non-Amazon Server==== | ====Non-Amazon Server==== | ||
This instruction prepares a Windows Server 2008 R2 for Contensive 4.1.636. | This instruction prepares a Windows Server 2008 R2 for Contensive 4.1.636. | ||
Line 98: | Line 83: | ||
#**PHP 5.5.11 (previously 5.3.5) | #**PHP 5.5.11 (previously 5.3.5) | ||
#*Firefox or Chrome | #*Firefox or Chrome | ||
− | #* Optional backup provider like Carbonite. | + | #*Optional backup provider like Carbonite. Backup stores: |
− | #Sql Server 2008 R2 SP2. If Db size anticipated under 20G use Express Edition. Over 20G requires Web Edition | + | #**\DbBackup (daily database backup files) |
+ | #**\inetpub (content files, wwwRoot for each site) | ||
+ | #**\program files (x86)\kma\contensive\config (server configuration) | ||
+ | #**\program files (x86)\kma\contensive\addons (addons used by all sites) | ||
+ | #*Sql Server 2008 R2 SP2. If Db size anticipated under 20G use Express Edition. Over 20G requires Web Edition | ||
#**Google search, “Microsoft® SQL Server® 2008 R2 SP2 - Express Edition” | #**Google search, “Microsoft® SQL Server® 2008 R2 SP2 - Express Edition” | ||
#**for 32-bit machines - use x86 | #**for 32-bit machines - use x86 | ||
Line 172: | Line 161: | ||
#*IIS Admin Services - Start and set to automatic | #*IIS Admin Services - Start and set to automatic | ||
#*SQL Server - Start and set to automatic | #*SQL Server - Start and set to automatic | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− |
Revision as of 21:25, 5 November 2016
Non-Amazon Server
This instruction prepares a Windows Server 2008 R2 for Contensive 4.1.636.
- Establish a domain name for the server unrelated to the possible website.
- Windows Web Server 2008 R2-64
- Install the latest Windows Updates$
- Setup external firewall
- 80
- 21
- 443
- 3389 allow during setup, then disable after RDP 5901 setup in registry
- 5900 for Contensive Monitor
- 5901, for remote desktop, point-to-point if possible to
- ICMP
- reverse map the server’s domain to the primary IP address
- Disable User Access Control
- Control Panel > users > Left Pane
- Set the warnings all the way off
- Create accounts
- Administrative tools > Computer Management > Local User and Groups
- If you have an external firewall, leave the administrator account and save it for emergencies, else disable it
- Create a user admin account (not administrator), password never expires
- Create a user for contensive, un:contensive, password never expires
- Administrative tools > Computer Management > Local User and Groups
- Windows Firewall. If you access the server remotely, we recommend you use an external firewall and disable the windows firewall to descrease the possibility of losing access to your machine.
- Administrative Tools > Windows Firewall > Inbound Rules
- World Wide Web Services, ports 80 + 443, allow
- Remote Desktop + Remote DesktopFX, 3389. allow. If server access is limited to only a remote connection, leave this open. If you direct access to the machine, limit 3389 to your local IP(s)
- add rule for Contensive Monitor, 5900, allow
- add rule for Remote Desktop, 5901, allow
- ICMPv4 (ping), allow
- Networking
- Control Panel, set small icons, Network and Sharing Center
- Local Area Connection > Properties > dbl click IP4
- Verify all IP addresses are entered with mask, gateway and DNS. If no DNS available, use Google's 8.8.8.8, 8.8.4.4
- Local Security Policy
- Administrative Tools > Local Security Policy > LocalPolicies
- Local Policies > User Rights Assignment > Allow login through remote desktop
- + Administrators
- Security Options > “interactive Login: do not display last user name”=enable
- Account policies > Account Lockout Policy
- 3 invalid attempts
- 3 minute lockout
- Remote Desktop Change Port (optional to increase security if you only have remote server access and no external firewall)
- Regedit
- HLM > System > Current Control Set > Control > Terminal Server > Winstations > RDP_TCP > PortNumber, set to 5901.
- Install IIS
- Server manager → Roles → Install WebServer IIS
- Administrative Tools > Server Manager > Root screen
- Configure IE ESC > Turn off
- Check “Do not show me this consol at login”
- Add Roles and Features
- Administrative Tools > Server Manager > Roles > Add Role Services
- Check ASP.NET, agree to add required roles
- Check ASP
- Check CGI
- Security, Basic Authentication
- Management Tools, IIS 6 management compatibility
- Administrative Tools > Server Manager > Features
- Check SMTP Server, agree to add required roles
- Windows Settings
- Set timezone (typically for your customer's timezone)
- Turn on Automatic Windows Updates
- Create Working Folders and permission
- set administrators full control for hosts files
- D:\Archive
- D:\InetPub
- users: full control
- D:\Db
- users: full control
- D:\DbBackup
- users: full control
- C:\windows\temp
- users: list + read
- IIS_User: List + read
- Create Folder on Desktop for frequent shortcuts
- ODBC32 - Windows\sysWow64\odbcad32.exe
- dcomcnfg shortcut
- IIS shortcut
- Services shortcut
- Software Installation
- Microsoft Web platform Installer
- PHP Manager
- PHP 5.5.11 (previously 5.3.5)
- Firefox or Chrome
- Optional backup provider like Carbonite. Backup stores:
- \DbBackup (daily database backup files)
- \inetpub (content files, wwwRoot for each site)
- \program files (x86)\kma\contensive\config (server configuration)
- \program files (x86)\kma\contensive\addons (addons used by all sites)
- Sql Server 2008 R2 SP2. If Db size anticipated under 20G use Express Edition. Over 20G requires Web Edition
- Google search, “Microsoft® SQL Server® 2008 R2 SP2 - Express Edition”
- for 32-bit machines - use x86
- for 64-bit machines - use x64
- Install instance features, but check Default Instance during install
- Account provisioning: mixed mode authentication
- Set sa password
- 7Zip, 64 bit windows version
- Contensive, get latest version at http://clib.io
- Microsoft Web platform Installer
- Set Dcom permissions for Contensive
- run "DComCnfg/32 - MMC comexp.msc /32" then add
- Then open fdcomcnfg and locate cckrnl.exe
- Right click, click permissions, set everyone/all for all three sections
- identity, contensive/-pw-
- if ccKrnl does not show in dcomcnfg (make sure you are in the 32-bit view MMC comexp.msc /32), run 2 registry files found in the folder for this document (ccKrnl.reg, ccKrnl2.reg)(Note: on 64bit machines this has to run: at the command Line run “MMC comexp.msc /32”)
- Folder Permissions
- kma/contensive - user/all
- Run configWizard
- Server Service, verify it starts OK
- Run Application Manager
- Verify attach to local server
- Add Root Site, named for the server’s domain (s00.kma.net)
- Change Contensive config (MonitorConfig.txt) to use port 5900 for monitor, restart Contensive Monitor service
- Setup backup tools
- If you need a Sql Server backup script, download kmaBackupTools.zip, unzip and create a scheduled task for backupSql.cmd. It backups all Sql Server catalogs to a file in d:\DbBackup
- Verify the d:\DbBackup folder matches in the Sql file
- Verify the source programs files are correct in the cmd file
- Run a test of the cmd file
- Setup a scheduled task to run it routinely (we typically run everyday at 8pm,)
- If you need a Sql Server backup script, download kmaBackupTools.zip, unzip and create a scheduled task for backupSql.cmd. It backups all Sql Server catalogs to a file in d:\DbBackup
- IIS PHP Manager
- Open from root of IIS Manager
- Enable php_com_dotnet extension
- Add max_input_vars 2000
- upload_max_filesize = 50M
- post_max_size = 50M
- IIS Manager
- Application Pools > set applicaiton pool default
- Enable 32-bit = true
- Recycling
- Private Limit = 40,000
- Virtual Limit = 200,000
- Requests = 100
- Click on top node, set default in right-hand pane
- ASP
- Max Requesting Entity Body Limit = 10M
- Session Properties, Enable Session State = false
- Default Document list, only
- Index.php
- index.asp
- Error Pages
- Edit feature settings - custom error pages
- 404 set to /index.php (for each site)
- Setup SMTP
- Start IIS6 Manager
- go to SMTP Virtual Server 1, properties
- Leave IP set to all unassigned
- go to Access Tab
- Connect - grant only 127.0.0.1
- Relay Restrictions - grant only 127.0.0.1
- go to Delivery Tab, click advanced
- Set masquerade to server name i.e. s13.kma.net
- set FQN to server name i.e. s13.kma.net
- Domain node under Virtual Server, rename to this server's domain
- Run windows Updates
- auto install at 3am (while v42 does not start correctly, set to manual install)
- Services
- administrative Tools → Services
- SMTP - Start and set to automatic
- Contensive Monitor - Start and set to automatic
- Contensive Server - Start and set to automatic
- IIS Admin Services - Start and set to automatic
- SQL Server - Start and set to automatic