Install and Configure Hiawatha Webserver on Ubuntu-14.04

Want your very own server? Get our 1GB memory, Xeon V4, 25GB SSD VPS for £10.00 / month. Get a Cloud Server

Hiawatha is an open source, advanced and secure web server developed by Hugo Leisink since 2002. Hiawatha is a small and lightweight webserver, so it supports older hardware or embedded systems. Hiawatha is a highly secure webserver and has the capability to protect against SQL injections, XSS and CSRF attacks and exploit attempts.

Features

Supports IPv6 Protocol. Monitors all your web servers using Hiawatha Monitor that communicates with your webserver to collection information about bandwidth usage, number of requests, errors and attacks. Support for SSL and Protect against verious kind of DDoS attack. Supports the FastCGI protocol, including load balancing. Speed up websites using internal caching, keep-alive connection, and request pipelining. You can use Hiawatha as an application firewall to protect other webservers. Control the access to your websites using HTTP authentication or by IP address.

In this tutorial, I'll show you how to install Hiawatha with a Database on Ubuntu-14.04

Requirements

A server runing Ubuntu-14.04.

A non-root user with sudo privileges setup on your server.

Installing Hiawatha

There are two methods to install Hiawatha webserver on your Ubuntu-14.04 server. First you can install it using Tuxhelp software repository or installs Hiawatha using a Personal Package Archive (PPA).

Install Using the Tuxhelp Repository

In order to install Hiawatha, you will need to import the public key of the Tuxhelp repository from the keyserver.

You can do this by running the following command:

sudo apt-key adv --recv-keys --keyserver keys.gnupg.net 79AF54A9

After running the above command the key is imported, you will need to update the sources.list file located at /etc/apt/sources.list.

Now, open the the sources.list file using your favorite editor:

sudo nano /etc/apt/sources.list

Add the following line at the end of the file:

deb http://mirror.tuxhelp.org/debian/ squeeze main

Save and close the file.

Next, you need to update the repository using the following command:

sudo apt-get update

Once the repository is up-to-date, you can install Hiawatha package using the following command:

sudo apt-get install hiawatha

Output:

Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: php5-fpm The following NEW packages will be installed: hiawatha 0 upgraded, 1 newly installed, 0 to remove and 208 not upgraded. Need to get 0 B/473 kB of archives. After this operation, 1,076 kB of additional disk space will be used. WARNING: The following packages cannot be authenticated! hiawatha Install these packages without verification? [y/N] Y Selecting previously unselected package hiawatha. (Reading database ... 69716 files and directories currently installed.) Preparing to unpack .../hiawatha_10.3_amd64.deb ... Unpacking hiawatha (10.3) ... Processing triggers for man-db (2.6.7.1-1ubuntu1) ... Processing triggers for ureadahead (0.100.0-16) ... Setting up hiawatha (10.3) ... Starting webserver: Hiawatha Processing triggers for ureadahead (0.100.0-16) ...

After installation is complete, you can verify it by running the following command:

sudo /usr/sbin/hiawatha -v

Output:

Hiawatha v10.3, cache, IPv6, Monitor, reverse proxy, TLS v2.2.1, Tomahawk, URL toolkit, XSLT Copyright (c) by Hugo Leisink

Install Using a PPA

You can also install Hiawatha using Hiawatha PPA. You can easily add the PPA for Hiawatha with the following command:

sudo add-apt-repository ppa:octavhendra/hiawatha

You should see the output similar to this:

Advanced and secure webserver for Unix Hiawatha is a webserver with the three key attributes: secure, easy-to-use, and lightweight Homepage: https://www.hiawatha-webserver.org/ More info: https://launchpad.net/~octavhendra/+archive/ubuntu/hiawatha Press [ENTER] to continue or ctrl-c to cancel adding it gpg: keyring `/tmp/tmp78ny1u3s/secring.gpg' created gpg: keyring `/tmp/tmp78ny1u3s/pubring.gpg' created gpg: requesting key DAC7EB24 from hkp server keyserver.ubuntu.com gpg: /tmp/tmp78ny1u3s/trustdb.gpg: trustdb created gpg: key DAC7EB24: public key "Launchpad PPA for octavhendra" imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) OK

Once you have finished, you will see a new file on your server:

/etc/apt/sources.list.d/octavhendra-hiawatha-trusty.list

Next, update the repository with the following command:

sudo apt-get update

Then install Hiawatha by running the following command:

sudo apt-get install hiawatha

Once installation is finished, verify using the following command:

sudo hiawatha -v

Output:

Hiawatha v10.3, cache, IPv6, Monitor, reverse proxy, TLS v2.2.1, Tomahawk, URL toolkit, XSLT Copyright (c) by Hugo Leisink

You can also test the Hiawatha web server using a command line web browser called lynx, First install lynx by running the following command:

sudo apt-get install lynx

Once lynx is installed, Test Hiawatha installation with the following command:

lynx http://server-ip-address

You should see the following page:

Hiawatha webserver Hiawatha webserver logo Installation successful Congratulations! The Hiawatha webserver has successfully been installed on this server. For more information about this webserver, visit the Hiawatha website. Please, give some feedback about your Hiawatha experiences at the Hiawatha forum. Hiawatha Monitor Use the Hiawatha Monitor to keep track of all your websites served by Hiawatha. Banshee PHP framework About to create a new website? Use the Banshee PHP framework for improved website security. Commands: Use arrow keys to move, '?' for help, 'q' to quit, ' ../init.d/mysql /etc/rc1.d/K20mysql -> ../init.d/mysql /etc/rc6.d/K20mysql -> ../init.d/mysql /etc/rc2.d/S20mysql -> ../init.d/mysql /etc/rc3.d/S20mysql -> ../init.d/mysql /etc/rc4.d/S20mysql -> ../init.d/mysql /etc/rc5.d/S20mysql -> ../init.d/mysql

Installing MariaDB

MariaDB is an open source drop-in replacement for MySQL with enhanced features and patches. You can also install the MariaDB database instead of MySQL.

By default MariaDB does not exist in Ubuntu repository, so you will need to get repository public key from keyserver.ubuntu.com.

You can do this by running the following command:

sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db

Next, add MariaDB reposisitory into source.list:

sudo nano /etc/apt/source.list

Add the following line:

deb http://nwps.ws/pub/mariadb/repo/5.5/debian wheezy main

Save the file and update the repository using the following command:

sudo apt-get update

Now, you can install MariaDB with the following command:

sudo apt-get install mariadb-server

Once installation is complete, you will need to secure MariaDB installation by running the mysql_secure_installation script:

sudo mysql_secure_installation

Configuring Hiawatha

Now, you will need to do some basic configuration of Hiawatha webserver. You can do this by editing hiawatha.conf file located at /etc/hiawatha/ directory.

sudo nano /etc/hiawatha/hiawatha.conf

Change the file as shown below:

CGIhandler = /usr/bin/php-cgi:php FastCGIserver { FastCGIid = PHP5 ConnectTo = /var/run/php5-fpm.sock Extension = php } VirtualHost { Hostname = www.my-domain.com WebsiteRoot = /var/www/my-domain/public AccessLogfile = /var/www/my-domain/log/access.log ErrorLogfile = /var/www/my-domain/log/error.log TimeForCGI = 5 UseFastCGI = PHP5 }

Once you are finished save and close the file.

Next, create the directory for web root and log:

sudo mkdir -p /var/www/my-domain/public

sudo mkdir /var/www/my-domain/log

Now, restart hiawatha server with the following command:

sudo service hiawatha restart

Testing Hiawatha Server

Once everything is up-to-date, its time to test the Hiawatha server.

Now, create sample PHP script to test Hiawatha server:

sudo nano /var/www/my-domain/public/index.php

Add the following content:

<?php echo "<title>Hiawatha Server Test</title>"; echo "<h1>Hello Hiawatha!</h1><br>"; echo ""; ?>

Save and close the file.

Now, use your web browser to check. If you are seeing any errors you can troubleshoot using the log file located at /var/www/my-domain.com/log directory that will provide some clues as to what is going wrong.