How to install the BURP backend on Gentoo¶
1) emerge tomcat6
2) copy /var/lib/tomcat6 to the dir where you want the installation to be (example: /mnt/hosting/www/burp_tomcat)
3) chown the webapp subdir (and its subdirs) to your burp/boinc user and group
4) Add your burp/boinc user to the tomcat group to allow it to read the server config: usermod -a -G tomcat burp
5) Edit /etc/conf.d/tomcat-6:
CATALINA_BASE=/mnt/hosting/www/burp_tomcat/ CATALINA_USER=burp CATALINA_GROUP=burp JAVA_OPTS="-Xmx3000m -Xms1000m -Xincgc"
6) Add a manager user to Tomcat by editing the /etc/tomcat-6/tomcat-users.xml file
<role rolename="manager"/> <role rolename="admin"/> <user username="theusername" password="thepassword" roles="manager,admin,tomcat"/>
7) Start tomcat: /etc/init.d/tomcat-6 start
And make it start every time you boot: rc-update add tomcat-6 default
8) Open the manager at http://localhost:8080/manager/html (the default unless you change it). If you are deploying on a server that firewalls this port (which it should!) then you can tunnel your way to it by using ssh:
ssh your_user@your_server -L 8080:localhost:8080Now login using the link above.
9) Download the newest burp.war from the BURP site (rename it if it is named otherwise). Alternatively compile it from SVN.
10) Under "WAR file to deploy" hit the "browse" button and find the burp.war on your computer. Click "deploy" to install it.
Configuring BURP¶Browse to http://localhost:8080/burp/
If you've used BURP before it will automatically detect the right settings, upgrade your database and launch the Core.
If this is the first time you install BURP then take the time to set up the configuration (under the configuration tab). You must at minimum set:
- The database settings
- storageBaseDirectory (create one somewhere with the right permissions)
- uploadDirectory (if you want to run the session cleaner)
Once you've done this you can go back to the status tab and start the core.
1) Download the newest burp.war from the BURP site (rename it if it is named otherwise). Alternatively compile it from SVN.
2) Go back to http://localhost:8080/manager/html and click the "undeploy" command next to the BURP application
3) Under "WAR file to deploy" hit the "browse" button and find the burp.war on your computer. Click "deploy" to install it.
Configuring the Apache webserver¶
If you are installing BURP on a production level server it is quite likely that you will have some kind of frontend running the Apache webserver. To allow clients to access select portions of the firewalled BURP servlet you can set up the Apache webserver to forward requests to Tomcat through the ajp protocol:
1) emerge mod_jk
2) Edit /etc/apache2/modules.d/88_mod_jk.conf and comment out the following lines - we will set up the redirections ourself in the virtualhosts instead:
# jkAutoAlias /var/lib/tomcat-5.5/default/webapps/ # jkMount /*.jsp ajp13
3) Edit /etc/apache2/jk-workers.properties - this file defines the connections between Apache and Tomcat instances on your server (or remotely):
worker.list=burp_production worker.burp_production.type=ajp13 worker.burp_production.host=localhost worker.burp_production.port=8009
If you have a second server for other stuff "worker2". You can also define this one by adding and modifying lines:
worker.list=burp_production,worker2 worker.worker2.type=ajp13 worker.worker2.host=localhost worker.worker2.port=8109
4) Edit /etc/conf.d/apache2 and add "-D JK" to the list of options there
5) Add the servlets to your virtualhosts (typically in /etc/apache2/vhosts.d):
JkMount /burp/xmlrpc burp_production JkMount /burp/storage burp_production
6) (optional) If you had an old installation of BURP or used a custom XMLRPC system you can redirect the old/custom urls to the new API by adding redirects in your .htaccess file in the xmlrpc directory:
RewriteEngine On RewriteRule ^redirector.php$ burp/storage RewriteRule ^file$ burp/storage ...