Scan your Web-Server for Malware with ISPProtect now. Get Free Trial.

The Perfect Setup - Debian Woody (3.0) - Page 6

Apache

Add

deb http://packages.dotdeb.org ./

to /etc/apt/sources.list and run

apt-get update

apt-get install apache apache-doc libapache-mod-ssl libapache-mod-ssl-doc
apt-get install libapache-mod-php4 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-gmp php4-imap php4-ldap php4-mcal php4-mcrypt php4-mhash php4-ming php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick (1 line!)

Edit /etc/apache/httpd.conf. Under LoadModules add:

LoadModule php4_module /usr/lib/apache/1.3/libphp4.so
LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so

Under Listen add:

Listen 80
Listen 443

Under "Addtype application" insert:

<IfModule mod_ssl.c>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfModule>

Before "Section 3 : Virtual Hosts" add:

<IfModule mod_ssl.c>
SSLCACertificateFile /etc/apache/ssl.crt/ca-bundle.crt
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/run/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

Change

DirectoryIndex index.html index.htm index.shtml index.cgi

to

DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl

Save /etc/apache/httpd.conf and run

/etc/init.d/apache restart

Proftpd

apt-get install proftpd

<- No

For security reasons you can add the following lines to /etc/proftpd.conf (thanks to Reinaldo Carvalho; more information can be found here: http://proftpd.linux.co.uk/localsite/Userguide/linked/userguide.html):

DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."

and restart Proftpd:

/etc/init.d/proftpd restart

Webalizer

apt-get install webalizer

<- accept default values

Synchronize the System Clock

If you want to have the system clock synchronized with an NTP server you can add the following lines to /var/spool/cron/crontabs/root (if the file does not exist, create it by running

touch /var/spool/cron/crontabs/root):

# update time with ntp server
0 3,9,15,21 * * * /usr/sbin/rdate time.nist.gov | logger -t NTP

Then run

chmod 600 /var/spool/cron/crontabs/root
/etc/init.d/cron restart

Install some Perl Modules needed by SpamAssassin (comes with ISPConfig)

Installation using the Perl Shell

Login to your command line as root and run the following command to start the Perl shell:

perl -MCPAN -e shell

If you run the Perl shell for the first time you will be asked some questions. In most cases the default answers are ok.

Please note: If you run a firewall on your system you might have to turn it off while working on the Perl shell in order for the Perl shell to be able to fetch the needed modules without a big delay. You can switch it on afterwards.

The big advantage of the Perl shell compared to the two other methods described here is that it cares about dependencies when installing new modules. I.e., if it turns out that a prerequisite Perl module is missing when you install another module the Perl shell asks you if it should install the prerequisite module for you. You should answer that question with "Yes".

Run the following commands to install the modules needed by SpamAssassin:

install HTML::Parser
install DB_File
install Net::DNS (when prompted to enable tests, choose no)
install Digest::SHA1
q (to leave the Perl shell)

If a module is already installed on your system you will get a message similar to this one:

HTML::Parser is up to date.

Successful installation of a module looks like this:

/usr/bin/make install -- OK

Compile a Custom Kernel

If you need to compile a new kernel for some reason (e.g. because you want to use the latest bleeding-edge kernel or need a feature that the standard Debian kernel does not offer), you can find more information here: Debian-Kernel-Compile-Howto.


The End

The configuration of the server is now finished, and if you wish you can now install ISPConfig on it.

A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /var/www as the home directory for websites created by ISPConfig as Debian's suExec is compiled with /var/www as Doc_Root. Run /usr/lib/apache/suexec -V, and the output should look like this:

To select /var/www as the home directory for websites during the installation of ISPConfig do the following: When you are asked for the installation mode, select the expert mode.

Later during the installation you are asked if the default directory /home/www should be the directory where ISPConfig will create websites in. Answer n and enter /var/www as the home directory for websites.

Links

Share this page:

Suggested articles

1 Comment(s)

Add comment

Comments

By: dan
Reply  

That would almost certainly be the more practical approach, though at 7 CDs I wouldn't be keen to do it, and I'm a notorious Debian pusher. Of course I'm also pretty lazy... There's rather a gap between fetching packages over the wire (works great if you have the bandwidth for it!) and getting the whole distro on CDs (or DVD - wasn't there an unoffical jigdo setup for Woody DVDs?).