comp730:MeAndYou Summer 2017 Andry Bintoro Log


 * Home
 * MeAndYou
 * Semesters
 * Summer 2017

Week Ending June 7th, 2017

 * Task:
 * Expand features of MeAndYou for the Summer 2017.
 * Clean up the code and provide security features learning from COMP 815.


 * Results:
 * Met with Jonas on June 8th, 2017 at 4:30PM.
 * Discussed various issues, such as getting the R510 server setup.


 * Plan:
 * Gain Key fob access to UNHM Server room from UNHM Security.
 * Work out various details of Requirements Elicitation


 * Concerns:
 * Working with limited hardware is a challenge, provisioning a well functioning server.
 * Going to meeting on Wednesdays can be quite challenge since Professor Jonas is only available on those days.

Week Ending June 21, 2017

 * Task:
 * Configure Hardware Server Specifications
 * Set up RAID 1 for mirroring for redundancy
 * Install Ubuntu 16.04 LTS
 * Install XAMPP 7.1.4.0


 * Results:
 * Processor: Dual Core AMD Opteron 1216 x2 (64bit)
 * Memory: 7.8 GB
 * Graphics: GALIUM 0.4
 * Disk: 2.2 TB Logical Volume with 1 hot spare drive

RAID 1 Configuration

RAID 0 increases performance but does not provide any protection in terms of failure. RAID 1 offers reliability because of the mirrored image. There is an OS limitation, and thus we are only able to obtain 2.2 TB on the logical volume of Dell SAS 6 IR (Integrated RAID). In the BIOS, I had to modify and select OFF from AUTO all SATA controller ports except the Disk Drive otherwise I was getting Strike  to continue and it will loop and try to search for any available disks on the SATA ports. Thereafter, it recognized and booted from the disk image from the DVD drive after reboot.

An Integrated Mirroring (IM) virtual disk, also referred to as RAID 1, offers the ability to mirror data from one physical disk onto another one. RAID 1 volumes offer increased reliability by combining two physical disks into a single virtual disk such that each disk contains a mirrored copy of the other's data.

Configuring LSI Raid for any OS in the BIOS:

Follow these steps to create a RAID 1 virtual disk on a SAS 6/iR controller that does not currently have a virtual disk configured.


 * 1) Power of server and then power it back on. The Dell BIOS screen appears. Watch for the LSI Logic Corp screen
 * 2) When the BIOS screen shows the LSI Logic Corp. message, press Ctrl-C to start the LSI Logic Configuration Utility.
 * 3) Select a controller from the Adapter List in the Configuration Utility. With the LSI 1068E adapter highlighted in the first screen, press Enter.
 * 4) Select the RAID Properties option and press Enter.
 * 5) Select Create IME (Integrated Mirrored Enhanced) Volume or RAID 1 when you are prompted to create either a RAID 0 virtual disk or a RAID 1 virtual disk. The next screen shows a list of disks that can be added to a virtual disk.
 * 6) Move the cursor to the RAID Disk column. To add a disk to the virtual disk, change "No" to "Yes" by pressing the <+>, <->, or space bar.
 * 7) Use the arrow keys to highlight the [No] item in the Hot Spr column for the disks you want to use as hot-spares. For each such disk, press the spacebar or type the + or - key to change the [No] to [Yes].
 * 8) There are several limitations when creating a RAID 1 virtual disk:
 * 9) *All disks must be either Dell-compliant SAS or SATA physical disks.
 * 10) *SAS and SATA physical disks cannot be used in the same virtual disk.
 * 11) *There must be 2 physical disks in a RAID 1 virtual disk.
 * 12) Press  and then select Save changes when the virtual disk has been fully configured.
 * 13) *NOTE: There is an option to create a hot spare for a RAID 1 virtual disk. The Create RAID 1 screen allows the option to assign a hot spare. Only drives that are compatible with the new virtual disk configuration can be selected. The maximum number of hot spares allowed is two.
 * 14) Press  to confirm that existing data will be lost with the creation of the virtual disk. The Configuration Utility will pause while the virtual disk is being created.
 * 15) *NOTE: RAID 1 provides protection against the failure of a single physical disk. When a disk fails, the physical disk can be replaced and the data re-mirrored to the physical disk, maintaining data integrity.

Hot Spare Failover

If a RAID 1 virtual disk enters a degraded state, a compatible hot spare automatically begins rebuilding the degraded virtual disk. The "missing" or "failed" member of the degraded virtual disk displays as a `missing' global hot spare. The "missing" or "failed" drive must be replaced with a drive compatible with an existing virtual disk(s).

Replacing and Rebuilding a Degraded Virtual Disk

In the event of a physical disk failure in a RAID 1 virtual disk, we will need to replace the disk and resynchronize the virtual disk. Synchronization occurs automatically on replacing the physical disk using the following steps:


 * Replace the failed physical disk with a blank disk of the same type and of equal or greater capacity.
 * Check management application or the BIOS Configuration Utility (Ctrl-C) to ensure synchronization started automatically.










 * Plan: Come up with new data model and start coding. Think of ways to boost performance in database access whether it be RAID 5. Following are the key points to remember for RAID level 5.


 * Minimum 3 disks.
 * Good performance (as blocks are striped).
 * Good redundancy (distributed parity).


 * Concerns: Data model is getting large and there may not be ample time to code. Use of RAID 5 for DB that is heavily read oriented access, although write operations will be slow. RAID 5 is not possible due to hardware limitation of SAS controller.

Week Ending June 28th, 2017

 * Task:
 * Help Patrick complete the data model.
 * Get SQL code written based on data model.


 * Results:
 * Completed Data Model with Patrick on 6/25/2017 and created SQL code.


 * Plan:
 * Get the server running next week


 * Concerns:
 * Limited hardware provisioning from UNH

Week Ending July 5th, 2017

 * Task:
 * Get Server running at home with DynDNS or Static IP Address from Metrocast (Local ISP)


 * Results:
 * Patrick got server running with XAMPP with the default XAMPP website
 * URL is accessible at meandyou.from-nh.com
 * Downloaded last Semester's Final.zip of Project to implement on server.
 * Patrick ordered SSD because he was unable to get the previous version of MeAndYou working on server due to hardware limitations.


 * Plan:
 * Create a CNAME record for meandyou.us
 * Upload the database using mySQL templates
 * Get Remote Access setup on the server when it is re-installed after receiving the new Solid State Drive.


 * Concerns:
 * Hardware limitations - Patrick ordered Solid State Drive because server is too slow to function smoothly.

Week Ending July 12th, 2017

 * Task:
 * Get 2TB SSD installed on Server, and get the server up and running with Red Hat Enterprise Linux.


 * Results:
 * 2TB SSD installed on server by Patrick
 * Red Hat Enterprise installed on server with free 1 year activation with all required updates


 * Plan:
 * Start programming more features and build security features.


 * Concerns:
 * None at this time

Week Ending July 19th, 2017

 * Task:
 * Assisted Patrick with Server Remote Access Configuration (RDP, SSH, FTP)
 * Configure meandyou.us URL to redirect to meandyou.from-nh.com
 * Debug issues with MeAndYou site


 * Results:
 * Configured SSH and FTP access
 * RDP is not working on the server
 * Worked on programming MeAndYou Website in the UNH Library from 3:45PM to 08:30PM
 * Changed blowfish secret for more security in config.inc.php
 * Assisted Patrick and updated Friend, Family, Love images with new artwork
 * Enabled root user accounts in PHPMyAdmin
 * Enabled and configured PHPMYAdmin to asks for username and password (plaintext)
 * In Terminal, cd /opt/lampp/etc/extra
 * Added the following:

 Allow Override AuthConfig Require all granted 


 * Plan:
 * Continue working to get SSL to work on PHPMyAdmin and website


 * Concerns:
 * FTP is not secure, warned Patrick about it and see if we can implement SFTP instead.
 * I will be going on military training and won't be able to commit fully to the project.

Week Ending July 26th, 2017

 * Task:
 * Implement SFTP and RDP for easy remote access
 * Fix notifications and add images as buttons for searches
 * Fix bugs on MeandYou website


 * Results:
 * Added a Notifications page, that displays all notifications, including those that have been "deleted"
 * Significantly changed the CSS structure of the website, because of numerous problems of text and images compacting and rolling off of the text area on multiple browsers
 * Created a navigation bar that extends to all parts of the site when the user is logged in, with security checks for it on every page.
 * Site is now structured to include a header.php and footer.php, and there are several variants.
 * Fixed the User Notifications on the Dashboard page, and re-worked how notifications are announced for new searches and matches.
 * Created a new Dashboard page, with updated images for searches, which you can click on and they take you to that search page under the Dashboard page.


 * Plan:
 * Fix errors with searches changing search type, such as changing/deleting the notifications, deleting linked matches, etc.
 * Fix the extra e-mail and phone fields so they are truly hidden when not in use, and have JavaScript button that enables them.


 * Concerns:
 * Database is not encrypted
 * The entire website is not secured with SSL

Week Ending September 6th, 2017

 * Task:
 * Configure SFTP
 * Secure website with SSL, to include PHPMyAdmin
 * Configure .htaccess as an extra layer of security


 * Results:
 * Tried to secure meandyou.us and meandyou.from-nh.com but was unsuccessful because neither Patrick or myself owns the domain. Submitted the certificate signing request back to GoDaddy, but still waiting for Pending Verification of domain ownership.
 * Created a group sftp_users and added Patrick and myself to the group
 * Restarted ssh service, tested configuration, confirmed access

[abintoro@meandyou ~]$ sudo groupadd sftp_users [abintoro@meandyou ~]$ sudo usermod -G sftp_users abintoro [abintoro@meandyou ~]$ sudo usermod -G sftp_users pmcelhiney [abintoro@meandyou ~]$ id abintoro uid=1002(abintoro) gid=1002(abintoro) groups=1002(abintoro),1003(sftp_users) [abintoro@meandyou ~]$ sudo vim /etc/ssh/sshd_config [sudo] password for abintoro:

[line 146]Subsystem sftp internal-sftp Match Group sftp_users X11Forwarding no AllowTcpForwarding no  ChrootDirectory /home ForceCommand internal-sftp


 * Plans:
 * Encrypt database access especially for root
 * Secure website with SSL


 * Concerns:
 * It is not possible to secure the website without purchasing a certificate and uploaded to server. I bought a certificate in an attempt to secure the website but still waiting for domain validation from Professor Jonas since he bought meandyou.us. It looks like Patrick does not own meandyou.from-nh.com but Dyn does and he told me to reach out to Professor Chadwick since he used to work there.