A howto get a full functioning webserver on pfsense via vhost

sash99

A requested HowTo

For those that wish to have a  functional webserver on   their pfsense router/firewall to handle content internally ( or otherwise)
I simplified it as easy as possible

Installing  the packages and  preparing  pfsense  vhost
( from a clean install)

go to system > packages

install BandwidthD ( installs most of GD libaries)
install Vhost

then go to System > advance

give pfsense a  non standard TCP port ie: 11111  (  do not forget  to be able to log into pfsense  you have to add  the port number to your  ip ie:  https://192.168.1.1:11111)
disable WebGUI redirect
enable secure shell

you should now be able to use port 80 as your webserver port ( internal (lan) and externally (wan) )

now use putty  or terminal to  ssh into pfsence
ie: ssh root@192.168.1.1

go to shell (8 )

copy and paste each line  to shell command line  and press enter   ( any deviation can break pfsense)

pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/php52-gd-5.2.13_3.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/t1lib-5.1.2_1,1.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libX11-1.3.3,1.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libXpm-3.5.7.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libxcb-1.6.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libXau-1.0.5.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libXdmcp-1.0.3.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libpthread-stubs-0.3_3.tbz
pkg_add -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/mysql-server-5.1.48.tbz
pkg_add -r http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/mcrypt-2.6.8_1.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/php52-mcrypt-5.2.13_3.tbz
pkg_add -rfi http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/8.1-RELEASE/packages/All/libltdl-2.2.6b.tbz

touch /etc/php_dynamodules/pdo                                                                        
touch /etc/php_dynamodules/pdo_sqlite                                                                  
touch /etc/php_dynamodules/gd  
touch /etc/php_dynamodules/mysql
touch /etc/php_dynamodules/json        
touch /etc/php_dynamodules/mcrypt
touch /etc/php_dynamodules/dom
touch /etc/php_dynamodules/sqlite

/etc/rc.php_ini_setup

/usr/local/bin/mysql_install_db
chmod 777 /var/db/mysql
chmod 777 /var/db/mysql/mysql
chmod 777 /var/db/mysql/mysql/.
mv /usr/local/etc/rc.d/mysql-server /usr/local/etc/rc.d/mysql-server.sh

now if you are  familar with vi  continue  to enter this line and then edit the following

vi /usr/local/etc/rc.d/mysql-server.sh

changed
: ${mysql_enable="NO"}
to
: ${mysql_enable="YES"}

save the file

I am not so great at vi  so I usually use filezilla log into the server  and use the ftp program to edit the  file

to log in pfsense with filezilla  the user name is not admin it is always root and the port is 22 –
then negotiate to  /usr/local/etc/rc.d and edit the file mysql-server.sh

once the line is edited

exit
restart webconfiguator ( 11 )
reboot ( 5 )

once it reboots  ssh into it again  and give mysql a password

mysqladmin -u root password "your new password"

now you have a fully functioning webserver on PFsense

To get the web Server  running  ( vhost)

services > vhosts

click add +
Host:  create a simple name ie: info  or admin  this will create a folder in your web server directory
ip address;  assign this to  to your wan,  lan, opt  or virtual ip that you created on your system
post the default is 8001  but if you disabled Webgui redirect as mentioned above then you can use  port  80 ( I would suggest if it some form of administration website use a non standard port)
Directory  leave this one blank on some installs  it breaks vhost  if you enter  in anything 
Certificate & key also leave blank unless you want https website

now start the vhost services

status > services
click start  vhost 
( it will not change to green status  but it is  functioning )

test  web server

enter in  ip plus directory name in browser
ie: Ip 192.168.1.1
if using  port 8001 and the host is called info  –  http://192.168.1.1:8001/info
if using  port 80 and host is called admin –  http://192.168.1.1/admin
or you can use servers host name ie:  http:// pfsense.localdomain/admin

It should display a PHP  webpage describing what php module you have installed

Uploading your website
install filezilla or similar program that can handle sftp –  http://filezilla-project.org/
host: ip of your pfsense box
user name root 
password  whatever your password is for you pfsense box
port 22

negotiate your way to vhost directories /usr/local/vhosts

copy your php or html websites to your  host directory

your DONE

test to see if the website works

Useful  php websites

to maintain mysql  create vhost  and install phpmyadmin ( probably not on port 80 for security reasons)

http://www.phpmyadmin.net

other usefull programs:
server monitor
http://sourceforge.net/projects/phpservermon/

a very good content manager
www.joomla.org

and much much more

Good luck and have fun  ;D

stephenw10

Nice write up!  :)
You should probably add a security disclaimer of some sort.  ;)

Steve