Wordpress For Mac Os X Server

admin



  • My client wants me to install WordPress on his Mac Mini running Mac OS X Server. I’ve read and understand how to install a local copy, but to push it live is where I get confused.
    If anyone can provide some guidance, I’d appreciate it!
    Thanks!
    Michelle

  • Are you wanting to host the WP install that is on the Mac Mini to the internet from his home/office or you just want to know how to take the content/theme/setup on the local install and move it over to a hosting server that is already purchased?

  • The topic ‘Installing WordPress on a Mac OS X Server’ is closed to new replies.

Apr 14, 2010 Mac OS X Server’s AFP server access logs aren’t the greatest (no full paths is a glaring omission), but if you have them enabled, they can be useful for finding who deleted a file or folder for example. If the item’s name starts with “Important File”, this command gives us the ip address of the client that deleted the item. Is Installing WordPress on Mac OS X server different from installing on Mac? How to access such Sites on local Network and from outside the local Network (example let customer preview the website). I don't have a fixed IP address. I understand there are some other free services to solve such issues.

One of my customers was looking for a simple WebVPN Cisco solution to replace his older EasyVPN. Goals were to increase security (by defining user groups and IP access lists) and ease deployment for external parties that needed to log onto the VPN. This posed the following problems:

– The Cisco router that was used (a 1921) only supports local users, in order to apply different group policies there had to be group authentication as well.
– Mac OS X 10.6 uses a Radius server only to authenticate users on Airport basestations. Authorization for other devices is not enabled by default and groups are not pushed to other devices.

So… let’s get started! For this to work you’ll need to have your Cisco router connected to your Mac OS X server in some way. I won’t go into the basics of setting up your router, your WebVPN or your Mac OS X server here, there are plenty of tutorials on that on the web already.

Archive for category Mac OS X Server QUICK DIRTY SCRIPT TO GET ALL EPISODES OF STEVE GIBSONS/TWIT SECURITY NOW Posted by Macnode in Bash Shell, Unix, Linux, Apple, Mac OS X Server.

  1. Aug 06, 2009 For a home user you could easily use a Mac-mini, external hard drive(s) for storage, and a 10-user license of OS X Server. But I digress, I’ll get back to the post now. This post assumes that you already have the directory service running, and have network accounts configured on a Mac OS X Server running version 10.5.x.
  2. MAMP for Windows. MAMP is a free, local server environment that can be installed under macOS and Windows with just a few clicks. MAMP provides them with all the tools they need to run WordPress on their desktop PC for testing or development purposes, for example. You can even easily test your projects on mobile devices.

First of all we’ll have have to alter the configuration of the excellent FreeRADIUS server that Apple ships with Mac OS X Server 10.6. This is easier than it seems. Stop the RADIUS server in the Server Admin utility and browse to the /etc/raddb/ directory. We’ll make changes to 2 files here.

In users.conf we’ll have to instruct the RADIUS server to accept incoming connections form the Cisco router. This is done by adding the following lines just above the “client localhost {” part:

client 192.168.9.1/32 {
secret = somesecretyoucameupwith
shortname = vpn
nastype = cisco
}

The shortname is the hostname of the router, the IP address is the IP address of the router. Save the file (you’ll need administrator access to do this) but don’t start the RADIUS server just yet. We have to edit the users file (in the same directory) as well in order to push group information to the router.

In the users file you can specify the return values that should be pushed back to the router upon a successfull authentication. I looked into the possibility to make the RADIUS server push the default user group to the router but deemed that it was far too difficult to make it work. Instead I opted to make separate entries for all my users and specify their policy group explicitly. At the bottom of the users file you can add entries like this:

user1 Cleartext-Password := “password”
Service-Type = NAS-Prompt-User,
cisco-avpair = “webvpn:user-vpn-group=management”

When user1 tries to login to the WebVPN the RADIUS server will (upon a successfull authentication) push the webvpn:user-vpn-group attribute to the router. This attribute (in this case the group name management) will select the correct policy for the user. Now the RADIUS part is done, start the RADIUS server and see if it runs. If it doesn’t start you probably made a typo somewhere, see below on how to debug it.

Now it’s time to implement RADIUS authentication in the router. First we’ll add the radius server to the config:

radius-server host 192.168.9.12 auth-port 1812 acct-port 1813 key 7 <somesecretyoucameupwith>

The secret needs to be the same as the secret you entered in the clients file.

These are the AAA settings that I used, I first want the router to check for a local account so I can always access it in case the RADIUS server stops working. After that the router will query the RADIUS server to look for valid accounts.

Server

aaa authentication login default local group radius
aaa authorization exec default local
aaa authorization network default local group radius
aaa authorization auth-proxy default group radius cache radius local
aaa accounting auth-proxy default start-stop group radius

From here it’s easy, you can create different policy groups in your webvpn context. In this case I would create a policy group called management for user1 that will allow him to reach certain hosts and see a specific URL list.

policy group management
url-list “URLs”
functions svc-enabled
svc address-pool “sslvpn-pool”
svc keep-client-installed
svc split include 192.168.43.0 255.255.255.0
svc split include 192.168.9.0 255.255.255.0
svc dns-server primary 8.8.8.8
svc dns-server secondary 8.8.4.4

Wordpress For Mac Os X Server Windows 10

Wordpress for mac os x server windows 10

Also add the following line to your webvpn context to make sure the RADIUS server is queried for valid accounts:

aaa authentication auto

Now your Cisco will pass on logins to the RADIUS server and receive the correct attribute to select the right group policy for the WebVPN. Nice!

Notes:

Wordpress For Mac Os X Server Download

– In order for this to work the users specified have to both exist in the OpenDirectory and the users file.
– I have used port 1812 and 1813. In older RADIUS implementations port in the 1600 range were used. The Cisco configuration professional still suggests these ports but they don’t work with FreeRADIUS.
– I included the DNS servers as there is a bug with the current version of the AnyConnect client where DNS requests are not correctly forwarded in case of a split tunnel (CSCtf20226).
– If this doesn’t work first launch the RADIUS server in debug mode on Mac OS X server to see if the authentication runs well. This can be done by starting a terminal session and launching radiusd -X as root.
– Secondly use the radius debug feature of the Cisco router to see if the authentication packets that are returned contain the avpair attribute. If the attribute is not included the router will assign the default policy. In my case I removed the default policy as it poses a security risk.

Wordpress For Mac Os X Server Download

A big thanks for the folks on the FreeRADIUS mailinglist for their assistance!