Can you run a web server on a pfSense box?



  • Sorry for the noob question but I'm not familiar with pfSense or FreeBSD for that matter yet.  I have some linux knowledge in Ubuntu, seems FreeBSD has a few differences.

    Anyway what I'm wanting to see is if I can run a web server on a pfsense box.  The only reason I'm considering doing this is because the little server I'm going to be putting pfsense on is a lot more power than is needed simply to handle routing and firewall.  Figured I'd run a website or two off it as well so that it's putting it's resources to a little more use.

    I tried the commands I knew to install apache but none of them worked (aptitude, apt-get, yum) and I didn't see the apache config file already on the serer anywhere (find / -name "apache*" came back with no results).

    I understand it may not be best practice to run something on the firewall box, but it just seems so wasteful to use it for nothing but a router / firewall box lol.

    Thanks for any feedback.



  • I don't have an exact answer to your question, but…
    You say you have a powerful box, perhaps you should consider installing Xen on it. With Xen you can create multiple virtual machines on the one box.
    This way you don't have to mess with pfsense and you can install a separate ubuntu instance.
    You can get Citrix's XenServer for free and its dead easy to install and manage combined with their XenCenter application.



  • Sorry for the confusion.  The box I'm putting pfSense on isn't that powerful, it's just overpowered for a simple router.

    My setup is actually going into some colocated servers, I've got a Atom 330 2GB Ram box that I'm putting pfsense on, and then I have another server (Xeon E3 1230 with 16GB ram) that is going to be running ESXi to run multiple virtual machines.  I plan to add additional servers in the future so that is why I'm going ahead and setting up a pfsense box to serve as my router / firewall.  I've tried quite a few firewall distros and pfSense seems to be the best of the ones that I've tried so far.

    It just seems wasteful to dedicate the small atom server solely to pfsense right now because I doubt pfSense will be able to utilize it more than a few %.  Figured I could run my web page off the pfSense box, and then use the virtual server for client web pages and application servers.



  • Well in that case…  ;D
    PFsense uses lighttpd as a webserver. I don't have access to my pfsense box right now, but last time I checked, there was some config files in /etc/
    I've never worked on lighttpd, so I can't help more than this  ;)



  • @foamz:

    PFsense uses lighttpd as a webserver. I don't have access to my pfsense box right now, but last time I checked, there was some config files in /etc/

    Before getting too far along messing with configuration files, be aware that pfSense regenerates many of the configuration files on startup from its stored configuration file. So in many cases, changes to configuration files are erased on restart.



  • @steven6282:

    [..]I've got a Atom 330 2GB Ram box that I'm putting pfsense on [..]
    It just seems wasteful to dedicate the small atom server solely to pfsense right now because I doubt pfSense will be able to utilize it more than a few %. [..]

    If you plan on using it just for simple plain router then it should be fine. But if you are going to install Snort, Squid and other resource intensive packages then I believe the Atom processor might be just enough to handle everything under 2GB RAM. Try to see if you can upgrade the RAM to 4GB at the least to give some breathing room in case you get your web server running on the same.



  • This board supports 2gigs of memory max.

    Not a big deal, probably just going to end up using it as a router only.  I did see a package in the package section that allows for hosing a website on the server though if I decide to do that.  If I do that though it will be a light traffic website that won't put the processor to much more use.

    If I need to upgrade the server later to something that supports more memory I will at that time, not to big of a deal.  This is just something to get started with.


Locked