CentOS 5.1 Server Setup: LAMP, Email, DNS, FTP, ISPConfig (a.k.a. The Perfect Server) - Page 6

12 Apache2 With PHP

Now we install Apache with PHP (this is PHP 5.1.6):

yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel

Then edit /etc/httpd/conf/httpd.conf:

vi /etc/httpd/conf/httpd.conf

and change DirectoryIndex to

[...]
DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl
[...]

Now configure your system to start Apache at boot time:

chkconfig --levels 235 httpd on

Start Apache:

/etc/init.d/httpd start

 

12.1 Disable PHP Globally

(If you do not plan to install ISPConfig on this server, please skip this section!)

In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can run PHP scripts and which one cannot. This can only work if PHP is disabled globally because otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.

To disable PHP globally, we edit /etc/httpd/conf.d/php.conf and comment out the AddHandler and AddType lines:

vi /etc/httpd/conf.d/php.conf

#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#

LoadModule php5_module modules/libphp5.so

#
# Cause the PHP interpreter to handle files with a .php extension.
#
#AddHandler php5-script .php
#AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps

Afterwards we restart Apache:

/etc/init.d/httpd restart

 

13 ProFTPd

ISPConfig has better support for proftpd than vsftpd, so let's remove vsftpd:

yum remove vsftpd

Because CentOS has no proftpd package, we have to compile Proftpd manually:

cd /tmp/
wget --passive-ftp ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.1.tar.gz
tar xvfz proftpd-1.3.1.tar.gz
cd proftpd-1.3.1/
./configure --sysconfdir=/etc
make
make install
cd ..
rm -fr proftpd-1.3.1*

The proftpd binary gets installed in /usr/local/sbin, but we need it in /usr/sbin, so we create a symlink:

ln -s /usr/local/sbin/proftpd /usr/sbin/proftpd

Now create the init script /etc/init.d/proftpd:

vi /etc/init.d/proftpd

#!/bin/sh
# $Id: proftpd.init,v 1.1 2004/02/26 17:54:30 thias Exp $
#
# proftpd        This shell script takes care of starting and stopping
#                proftpd.
#
# chkconfig: - 80 30
# description: ProFTPD is an enhanced FTP server with a focus towards \
#              simplicity, security, and ease of configuration. \
#              It features a very Apache-like configuration syntax, \
#              and a highly customizable server infrastructure, \
#              including support for multiple 'virtual' FTP servers, \
#              anonymous FTP, and permission-based directory visibility.
# processname: proftpd
# config: /etc/proftp.conf
# pidfile: /var/run/proftpd.pid

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0

[ -x /usr/sbin/proftpd ] || exit 0

RETVAL=0

prog="proftpd"

start() {
        echo -n $"Starting $prog: "
        daemon proftpd
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && touch /var/lock/subsys/proftpd
}

stop() {
        echo -n $"Shutting down $prog: "
        killproc proftpd
        RETVAL=$?
        echo
        [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/proftpd
}

# See how we were called.
case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        status proftpd
        RETVAL=$?
        ;;
  restart)
        stop
        start
        ;;
  condrestart)
        if [ -f /var/lock/subsys/proftpd ]; then
          stop
          start
        fi
        ;;
  reload)
        echo -n $"Re-reading $prog configuration: "
        killproc proftpd -HUP
        RETVAL=$?
        echo
        ;;
  *)
        echo "Usage: $prog {start|stop|restart|reload|condrestart|status}"
        exit 1
esac

exit $RETVAL

Then we make the init script executable:

chmod 755 /etc/init.d/proftpd

Next we open /etc/proftpd.conf and change Group to nobody:

vi /etc/proftpd.conf

[...]
Group                           nobody
[...]

For security reasons you can also add the following lines to /etc/proftpd.conf (thanks to Reinaldo Carvalho; more information can be found here: http://proftpd.org/localsite/Userguide/linked/userguide.html):

vi /etc/proftpd.conf

[...]
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."
[...]

Now we can create the system startup links for Proftpd:

chkconfig --levels 235 proftpd on

And finally we start Proftpd:

/etc/init.d/proftpd start

Share this page:

16 Comment(s)

Add comment

Comments

From: Richard at: 2009-02-01 10:26:37

Thanks, just moved over to Centos from Windows Server 2003 (I KNOW) and you made it a hell of a lot easier. Thanks man! Now I can start hosting my free online store service :D

From: Nanda at: 2011-01-29 16:00:32

Nice tutorial

From: teddy at: 2009-02-07 18:34:21

[root@teddy ~]# /etc/init.d/proftpd start
Starting proftpd:  - warning: unable to determine IP address of 'teddy'
 - error: no valid servers configured
 - Fatal: error processing configuration file '/etc/proftpd.conf'
                                                           [FAILED]

what's wrong with my configuration ???

please help me ....

send to my email t.eddy.mi04@gmail.com

 

From: Anonymous at: 2009-02-12 19:23:54

Seems that you haven't asigned an ip to you network interface, and tries to get an ip trought DHCP with no luck.  You asign ip's in the first page of this tutorial ( http://images.howtoforge.com/images/perfect_server_centos_5.1/10.png ).

From: shytex.com at: 2010-10-13 07:26:08
From: at: 2008-08-04 13:06:11

With CentOS 5.2 the new Bind version is 9.3.4 so the commands to configure it should be modified as:

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
cp /usr/share/doc/bind-9.3.4/sample/var/named/named.local /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.3.4/sample/var/named/named.root /var/named/chroot/var/named/named.root
touch /var/named/chroot/etc/named.conf
chkconfig --levels 235 named on
/etc/init.d/named start

Regards

From: Jon Pastore at: 2008-11-14 20:53:31

I'm trying to set this up in a VE under open vz.

The /etc/fstab file only contains:

# cat /etc/fstab
none    /dev/pts        devpts  rw      0 0

How do I enable quotas?

 

-Jon

From: Anonymous at: 2010-03-04 13:15:10

Dont worry, that package version keeps changing.

While we have CentOS 5.3  the package is 9.3.6 and so on.

From: David at: 2008-12-06 22:10:58

I had to install php-mysql also. Being a newbie to Linux this took a little searching around to find. Might want to add that to the list of things to do for other newbies... Thanks

From: EnKK at: 2008-12-25 10:12:47

On CentOS, there are three root accounts for MySQL:

root@localhost - pass set by the first command

root@server1.example.com - pass set by the second command

root@127.0.0.1 - the password for this should be set like

# mysqladmin -h 127.0.0.1 -u root password xxxxxx

Check your accounts:

# mysql -p -u root
mysql> select host,user,password from mysql.user;

From: Anonymous at: 2011-10-12 20:22:37

Far better (IF your doing this for production) is to use the provided command:

/usr/bin/mysql_secure_installation

Asks you to set a root password / Disable root remote access / Remove test DB / Remove annonymous user

A lot more secure :)

 

 

From: Anonymous at: 2009-04-23 05:20:02

What if it does not start?

 trying ::1 ...

connect to address ::1 Connection Refused

 

From: at: 2008-01-30 13:51:12

Since you are running dovecot, you can eliminate saslauthd all together and run postfix with dovecot sasl. The you run less services and eliminate a service that runs as root (saslauthd).

From: at: 2008-04-20 14:43:38

If you receive the following dovecot error:

dovecot: imap-login: imap-login: error while loading shared libraries: libsepol.so.1: failed to map segment from shared object: Cannot allocate memory

See this link for details: 

http://www.cyberciti.biz/tips/rhel-dovecot-error-while-loading-shared-libraries.html#comment-143527

It saved me a lot of time!

Thanks, Falko, for the excellent ISPConfig and the how-to!


From: Martin at: 2011-06-07 09:23:57

How To import cert in windows outlook express ?

From: Ton Poppe at: 2010-09-25 07:42:45

Beste falko,

 Ik zag in het script /etc/init.d/proftpd het volgende staan
config: /etc/proftp.conf
moet dit niet zijn??
config: /etc/proftpd.conf

Mvg, Ton