Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 8th January 2008, 22:36
FXT FXT is offline
Junior Member
 
Join Date: Jul 2007
Posts: 22
Thanks: 3
Thanked 0 Times in 0 Posts
Default General questions regarding ISPConfig setup

I am planning on setting up a server as securely as possible, given that I have to use Ubuntu 6.06 Server LTS and Joomla! on a site.

This server will be running in a VMWare virtual machine. It will later on be required to host more sites, mostly small experimental/static stuff for me and a close friend.

My plan is to use ISPConfig and create a reseller, who will have both me and my friend as clients.
If I understand correctly, the reseller will create the sites via the ISPConfig interface, and we as clients will then fill them with content via FTP. Easy administration, and no way to screw with the other sites that way. I have heard that this would be overkill, but i would like the expandability, and learning to do this is a good idea IMO.
Does this setup (reseller->clients) make sense?

Can this be done behind a router doing NAT, with only relevant ports being forwarded?
I have several *.dyndns.org domains pointing to my public IP, and would like them all hosted on this VM with its fixed local IP.
Is it possible to send mail from these domains, like user@asdf.dyndns.org?
Should I even bother with mail, given that this is a private connection?

I have been using the relevant "Perfect Setup" and it has been a great help combined with the info on these forums (thank you!).

One part I am not sure about in that Perfect Setup is the fact that normal FTP is used. I have enabled TLS for ProFTPd on one version of the server VM (approaching twelve different ones now!), and it works like a charm on the LAN. The NAT router is screwing things up, though, and I am not learned enough to find a way around that.Also I'm not willing to put the VM into this cheap router's DMZ.
Is there a way to do this, and more importantly, will it work with ISPConfig?
Is there a way of using SCP to work with ISPCOnfig?

I have been asking questions in another thread, which has made me reconsider some of my earlier plans, and hope that more than one thread is no problem.
I'm afraid it's many questions once again, I hope someone can answer them.
Reply With Quote
Sponsored Links
  #2  
Old 9th January 2008, 01:19
xrat xrat is offline
Member
 
Join Date: Nov 2006
Location: Vienna, Austria
Posts: 56
Thanks: 68
Thanked 15 Times in 12 Posts
Default

Hi FXT,
Sorry, I can't help much. But let me say that I think your setup is fine. It is overkill, yes, but if you want to be able to further expand your hostings it's a good idea to start small. And ISPconfig is just fine for small and big.
Be warned that many of your questions are not related to ISPconfig, though. You might get more replies in special forums for NAT, networking, or such.
This being said, I am no expert, but I guess that ISPconfig and your hosts should do fine behind a firewall with NAT. FTP, IIRC, needs special proxies/support on your firewall. Personally, I guess, if you want your clients to use FTP I would not have it firewalled. Tried often, and it was always a pain in the ass. Another option might be to disable FTP and go for SSH/SFTP which works just fine behind firewalls. And if you care for security, I'd definitely disable FTP anyway.
HTH, -- xrat
Reply With Quote
  #3  
Old 9th January 2008, 17:12
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Quote:
Originally Posted by FXT
My plan is to use ISPConfig and create a reseller, who will have both me and my friend as clients.
If I understand correctly, the reseller will create the sites via the ISPConfig interface, and we as clients will then fill them with content via FTP. Easy administration, and no way to screw with the other sites that way. I have heard that this would be overkill, but i would like the expandability, and learning to do this is a good idea IMO.
Does this setup (reseller->clients) make sense?
Yes.

Quote:
Originally Posted by FXT
Can this be done behind a router doing NAT, with only relevant ports being forwarded?
Yes. Make sure you use your local IP for the Apache vhosts, not your router's public one.

Quote:
Originally Posted by FXT
I have several *.dyndns.org domains pointing to my public IP, and would like them all hosted on this VM with its fixed local IP.
Is it possible to send mail from these domains, like user@asdf.dyndns.org?
Should I even bother with mail, given that this is a private connection?
Almost all dynamic IP addresses are blacklisted nowadays; if you still want to send email, you should relay them through another mailserver: http://www.howtoforge.com/postfix_re...her_mailserver


Quote:
Originally Posted by FXT
One part I am not sure about in that Perfect Setup is the fact that normal FTP is used. I have enabled TLS for ProFTPd on one version of the server VM (approaching twelve different ones now!), and it works like a charm on the LAN. The NAT router is screwing things up, though, and I am not learned enough to find a way around that.Also I'm not willing to put the VM into this cheap router's DMZ.
Is there a way to do this, and more importantly, will it work with ISPConfig?
Make sure that your router forwards the ports 20 and 21 to your ISPConfig box.
Quote:
Originally Posted by FXT
Is there a way of using SCP to work with ISPCOnfig?
Yes, but your users must then have Shell access which is a security risk.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 9th January 2008, 19:48
xrat xrat is offline
Member
 
Join Date: Nov 2006
Location: Vienna, Austria
Posts: 56
Thanks: 68
Thanked 15 Times in 12 Posts
Default

Quote:
Originally Posted by falko
Yes, but your users must then have Shell access which is a security risk.
To clarify, I agree with Falko. It's just that I already seem to be working in too many environments where people need Shell access anyway. And then, of course, SSH is less of an evil than plain FTP.

Depending on how you define "Shell" access you might be happy with other solutions like Falko's Chrooted SSH Howto http://www.howtoforge.com/chrooted_ssh_howto_debian

HTH.
Reply With Quote
  #5  
Old 11th January 2008, 19:10
FXT FXT is offline
Junior Member
 
Join Date: Jul 2007
Posts: 22
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Falko, xrat, thank you for your answers, they have helped me make up my mind.
Now, I've run into the ClamAV compilation problem...

I tried to downgrade by running

Code:
apt-get install gcc-3.4
The ISPConfig ./setup still won't run through:
Code:
checking for ANSI C header files... (cached) yes
checking for a supported version of gcc... ok (4.0.3)
checking for gcc bug PR27603... ok, bug not present
checking for gcc bug PR28045... configure: error: your compiler has gcc PR28045 bug, use a different compiler, see http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28045
ERROR: Could not configure ClamAV
cd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory
mv: cannot stat `binaries/aps.tar.gz': No such file or directory
mv: cannot stat `binaries/spamassassin.tar.gz': No such file or directory
mv: cannot stat `binaries/uudeview.tar.gz': No such file or directory
mv: cannot stat `binaries/clamav.tar.gz': No such file or directory
mv: cannot stat `binaries/cronolog': No such file or directory
mv: cannot stat `binaries/cronosplit': No such file or directory
mv: cannot stat `binaries/ispconfig_tcpserver': No such file or directory
mv: cannot stat `binaries/zip': No such file or directory
mv: cannot stat `binaries/unzip': No such file or directory
tar: spamassassin.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error exit delayed from previous errors
mv: cannot stat `spamassassin': No such file or directory
tar: uudeview.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error exit delayed from previous errors
mv: cannot stat `uudeview': No such file or directory
tar: clamav.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error exit delayed from previous errors
mv: cannot stat `clamav': No such file or directory
tar: aps.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error exit delayed from previous errors
./setup2: line 873: ispconfig_tmp/php/bin/php: No such file or directory
ERROR: The PHP binary coming with ISPConfig does not work properly on your system! The installation routine stops here!
The output above tells me, that a version higher than 3.4 was detected, how is that possible after the downgrade? Am I doing something wrong?

Code:
gcc -dumpversion
tells me I'm running 4.0.3, after repeatedly running the above downgrade with apt.

I am doing an install, not an upgrade, but would the second part (editing the config file) of the solution in Till's thread here work in my case? If ClamAV is not going on a performance-critical system, it shouldn't matter? I'm trying not to break anything here, and I'm a little frustrated ATM.

Last edited by FXT; 11th January 2008 at 19:31.
Reply With Quote
  #6  
Old 12th January 2008, 13:16
FXT FXT is offline
Junior Member
 
Join Date: Jul 2007
Posts: 22
Thanks: 3
Thanked 0 Times in 0 Posts
Default

OK, I did it!
I have a running VM with Perfect Setup for Ubuntu 6.06 LTS, but FTP with TLS support and MySQL listening on localhost only; ISPConfig 2.2.19 running with Till's ClamAV fix (downgrading gcc/g++ never worked).

Thank GOD for snapshots, I would have gone mad otherwise.
Reply With Quote
  #7  
Old 12th January 2008, 13:36
xrat xrat is offline
Member
 
Join Date: Nov 2006
Location: Vienna, Austria
Posts: 56
Thanks: 68
Thanked 15 Times in 12 Posts
Default

Congratulations
Reply With Quote
  #8  
Old 16th March 2008, 01:31
damaltor damaltor is offline
Junior Member
 
Join Date: Mar 2008
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
Default

hi everybody,

i have a problem that is a bit like the one above:
a local pc running as server (debian 4.0) with apache, mysql, php5, few other things, working perfectly). my ip address is hold constant with dyndns.

now, if i make a new client and a new web with ispconfig, what is the adress i have to enter in firefox? if i make an URL like "www.example.com", this should be linked into my system. but my only "outer" ip is in dyndns. so, if i make a nice URL, how can i make it public or better, how can i make it accessible from outside?

i hope you understand my problem, my english usually is very good but i dont think that i described this very well...

thanks for every answer!

damaltor
Reply With Quote
  #9  
Old 16th March 2008, 09:42
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 34,586
Thanks: 792
Thanked 4,983 Times in 3,903 Posts
Default

Quote:
now, if i make a new client and a new web with ispconfig, what is the adress i have to enter in firefox? if i make an URL like "www.example.com", this should be linked into my system. but my only "outer" ip is in dyndns. so, if i make a nice URL, how can i make it public or better, how can i make it accessible from outside?
You will have to configure it at your yndns service to point to the same IP then your first domain.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #10  
Old 16th March 2008, 12:32
damaltor damaltor is offline
Junior Member
 
Join Date: Mar 2008
Posts: 6
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

found that out, too. thanks though
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
New ISPconfig setup domain question wildgoosed Installation/Configuration 1 1st August 2007 20:30
Questions on Upgrading PHP, and ISPConfig bagpiperdude90 Installation/Configuration 2 8th June 2007 16:45
Multiple ISPConfig & DNS Questions and Problems bfriend Installation/Configuration 3 6th January 2007 06:14
godaddy and centos 4.3 setup with single ip on dsl using ispconfig sethtat HOWTO-Related Questions 3 21st June 2006 01:34
SP-Server Setup - Ubuntu 5.10 "Breezy Badger" - Page 6 (changes) LuisC-SM HOWTO-Related Questions 0 21st April 2006 15:16


All times are GMT +2. The time now is 02:45.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.