The Perfect Server - CentOS 5.5 x86_64 [ISPConfig 3] - Page 5

15 Installing Apache2 With mod_php, mod_fcgi/PHP5, And suPHP

ISPConfig 3 allows you to use mod_php, mod_fcgi/PHP5, cgi/PHP5, and suPHP on a per website basis.

mod_fcgid is not available in the official CentOS repositories, but there's a package for CentOS 5.x in the centos.karan.org testing repository. We enable the repository as follows:

cd /etc/yum.repos.d/
wget http://centos.karan.org/kbsingh-CentOS-Extras.repo

Next we open /etc/yum.repos.d/kbsingh-CentOS-Extras.repo...

vi /etc/yum.repos.d/kbsingh-CentOS-Extras.repo

... and set gpgcheck to 0 and enabled to 1 in the [kbs-CentOS-Testing] section:

[...]
[kbs-CentOS-Testing]
name=CentOS.Karan.Org-EL$releasever - Testing
gpgcheck=0
gpgkey=http://centos.karan.org/RPM-GPG-KEY-karan.org.txt
enabled=1
baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/

Afterwards we can install Apache2with mod_php5, mod_fcgid, and PHP5:

yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-mbstring php-mcrypt php-mhash php-mssql php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel mod_fcgid php-cli httpd-devel

Next we open /etc/php.ini...

vi /etc/php.ini

... and change the error reporting (so that notices aren't shown any longer) and add cgi.fix_pathinfo = 1 at the end of the file:

[...]
;error_reporting  =  E_ALL
error_reporting = E_ALL & ~E_NOTICE
[...]
cgi.fix_pathinfo = 1

Next we install suPHP:

cd /tmp
wget http://suphp.org/download/suphp-0.7.1.tar.gz
tar xvfz suphp-0.7.1.tar.gz
cd suphp-0.7.1/
./configure --prefix=/usr --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-apxs=/usr/sbin/apxs --with-apache-user=apache --with-setid-mode=owner --with-php=/usr/bin/php-cgi --with-logfile=/var/log/httpd/suphp_log --enable-SUPHP_USE_USERGROUP=yes
make
make install

Then we add the suPHP module to our Apache configuration...

vi /etc/httpd/conf.d/suphp.conf

LoadModule suphp_module modules/mod_suphp.so

... and create the file /etc/suphp.conf as follows:

vi /etc/suphp.conf

[global]
;Path to logfile
logfile=/var/log/httpd/suphp.log
;Loglevel
loglevel=info
;User Apache is running as
webserver_user=apache
;Path all scripts have to be in
docroot=/
;Path to chroot() to before executing script
;chroot=/mychroot
; Security options
allow_file_group_writeable=true
allow_file_others_writeable=false
allow_directory_group_writeable=true
allow_directory_others_writeable=false
;Check wheter script is within DOCUMENT_ROOT
check_vhost_docroot=true
;Send minor error messages to browser
errors_to_browser=false
;PATH environment variable
env_path=/bin:/usr/bin
;Umask to set, specify in octal notation
umask=0077
; Minimum UID
min_uid=100
; Minimum GID
min_gid=100
[handlers]
;Handler for php-scripts
x-httpd-suphp="php:/usr/bin/php-cgi"
;Handler for CGI-scripts
x-suphp-cgi="execute:!self"

Finally we restart Apache:

/etc/init.d/httpd restart

 

16 Install PureFTPd

PureFTPd can be installed with the following command:

yum install pure-ftpd

Then create the system startup links and start PureFTPd:

chkconfig --levels 235 pure-ftpd on
/etc/init.d/pure-ftpd start

 

17 Install A Chrooted DNS Server (BIND9)

To install a chrooted BIND9, we do this:

yum install bind-chroot

Then do this:

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
touch /var/named/chroot/var/named/named.local
cp /usr/share/doc/bind-9.3.6/sample/var/named/named.root /var/named/chroot/var/named/named.root
touch /var/named/chroot/etc/named.conf.local
vi /var/named/chroot/etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named/chroot/var/named";
        dump-file       "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion no;
        allow-recursion { none; };
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.root";
};
include "/var/named/chroot/var/named/named.local";

chkconfig --levels 235 named on
/etc/init.d/named start

BIND will run in a chroot jail under /var/named/chroot/var/named/. I will use ISPConfig to configure BIND (zones, etc.).

 

18 Install Vlogger And Webalizer

Vlogger and webalizer can be installed as follows:

yum install webalizer perl-DateTime-Format-HTTP perl-DateTime-Format-Builder

cd /tmp
wget http://n0rp.chemlab.org/vlogger/vlogger-1.3.tar.gz
tar xvfz vlogger-1.3.tar.gz
mv vlogger-1.3/vlogger /usr/sbin/
rm -rf vlogger*

 

19 Install Jailkit

Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig - it cannot be installed afterwards!):

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.11.tar.gz
tar xvfz jailkit-2.11.tar.gz
cd jailkit-2.11
./configure
make
make install
cd ..
rm -rf jailkit-2.11*

 

20 Install fail2ban

This is optional but recommended, because the ISPConfig monitor tries to show the log:

yum install fail2ban

chkconfig --levels 235 fail2ban on
/etc/init.d/fail2ban start

 

21 Install rkhunter

rkhunter can be installed as follows:

yum install rkhunter

Share this page:

81 Comment(s)

Add comment

Comments

From: NetSage at: 2010-05-30 17:22:59

I've been messing with clearOS but they are using old versions(like php 5.1.9) of everything it was just not worth that hassle for a all in one control panel.  I've never used ISPconfig but it looks nice.

From: Anonymous at: 2010-12-03 14:26:21

Server install ok but add dns, site I can not access local network. sample client name test (/var/www/clients/client3/web7/web). What is local network internet explorer access address ? Can you help me please ?

From: Anonymous at: 2011-12-04 12:55:30

Works great. thx

From: at: 2010-12-28 16:42:56

For all who would like to update PHP to version 5.2 at the end do what is written here: http://wiki.centos.org/HowTos/PHP_5.1_To_5.2

From: Hosting Murah at: 2011-06-05 16:49:01

I think it needs to give a tutorial using the command prompt, to make it easier for those who are not accustomed.

From: Anonymous at: 2010-06-19 14:09:59

For i386

cd /tmp
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
rpm -ivh rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

From: Anonymous at: 2010-07-01 08:48:23

Wow you download i386 and install x86_64 rpm? Please correct it.

From: Mikel at: 2010-07-15 17:29:49

Correction

For i386

cd /tmp
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
rpm -ivh rpmforge-release-0.5.1-1.el5.rf.i386.rpm

From: Anonymous at: 2010-08-03 12:22:15

Step 9 link is now:

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

From: Anonymous at: 2010-08-09 18:59:06

On step 7

 I have a qusetion on what the file /etc/yum.repos.d/CentOS-Base.repo

 Should look like when your done editing it

From: Walter Pabon at: 2010-09-08 14:30:02

On point 9, there is a little fix, in the import key issue:

there is no more the url: http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt

so the new url must to be like this: http://apt.sw.be/RPM-GPG-KEY.dag.txt

finally the correct command must to be like this:

rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt

From: at: 2011-01-30 13:55:30

When running:
yum install ntp httpd mysql-server php php-mysql php-mbstring php-mcrypt phpmyadmin

I received the message: No package phpmyadmin available.
Everything else went okay.

From: Anonymous at: 2010-05-28 01:11:47

Why is it that there is no some more up-to-date postfix with mysql form centos?

I know that centos provide what red hat does, but is it that hard to compile postfix with mysql on centos? I do not know how to do this, but I would use this system for sure if postfix would be updated to newer one.

IMO dovecot and sieve are great change for better in ISPconfig. With amavis, SA and clam, latest postfix would round up an excelent email server part of it.

From: Tim at: 2010-06-27 09:54:47

That's exactly what I was looking to do. I built Postfix v2.6.5 and Dovecot  v1.2 all from source with the sieve plugin also from source. The key is to build Postfix with mysql support. Download the source for Postfix, extract the package and run this from the source directory for Postfix:

Note:

Be sure you have installed the dev package for mysql ( mysql-devel )  and added a postfix and postdrop user and group ( read the INSTALL file in the source dir )

 make makefiles CCARGS='-DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" -DUSE_TLS -DHAS_MYSQL -I/usr/include/mysql' \
 AUXLIBS="-lssl -lcrypto  -L/usr/lib/mysql -lmysqlclient -lz -lm -lsasl2"

make install

then follow the rest of the ispconfig 3 How-To

From: at: 2010-07-13 00:03:24

Dovecot version in step 10 is out of date.  I had to use the following while doing the install today.

rpm -ivh http://dl.atrpms.net/all/dovecot-1.2.12-1_109.el5.x86_64.rpm
rpm -ivh http://dl.atrpms.net/all/dovecot-sieve-0.1.17-5.el5.x86_64.rpm

 I hope this does not affect later parts of this setup.

From: at: 2010-08-09 10:54:36

Again out? Anyone has updated links?

From: Ken at: 2010-08-11 23:18:37

Instructing readers to download and install RPM files manually from a repo such as ATRPMS.net or even RPMFORGE is irresponsible.  Instead, teach them the correct way to use a repo.  Download the release/repo RPM then use "yum".  In the case of ATRPMS and CentOS5, download atrpms-repo from http://atrpms.net/dist/el5/.  Edit

/etc/yum.repos.d/atrpms.repo

and add the line (in this instance) to limit ATRPMS packages only to dovecot.  Otherwise you may make your system unstable.

includepkgs=dovecot dovecot-sieve

Then run "yum install dovecot dovecot-sieve" and you're done.

This also eliminates the need to manually download newer versions of dovecot.  Just run "yum update" and they get updated with the rest of the RHEL/CentOS packages.

From: Anonymous at: 2010-09-23 19:04:26

Thank you for that info.

From: Adam at: 2010-10-01 15:31:31

Don't use this method! You will end up with dovecot 2.0 which doesn't work with ISPConfig.

From: Anonymous at: 2010-10-08 12:01:26

you will NOT!!

as far as you add in addition:

exclude=dovecot-2*

btw. I used the testrepo not the default one

 

cheers

From: Mike at: 2010-10-20 19:51:55

For those who are copy/pasting, install using

yum install dovecot dovecot-sieve

by using the following in your /etc/yum.repos.d/atrpms.repo.  As of the date of this comment, dovecot is not listed in stable, it is listed in testing.

[atrpms]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable
failovermethod=priority
exclude=dovecot-2*
includepkgs=dovecot dovecot-sieve

#
# requires stable
#
[atrpms-testing]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms testing
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/testing
failovermethod=priority
enabled=1
exclude=dovecot-2*
includepkgs=dovecot dovecot-sieve

#
# requires stable and testing
#
[atrpms-bleeding]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms bleeding
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/bleeding
failovermethod=priority
enabled=0

From: Ash at: 2010-12-01 22:51:37

The following worked for me...

 

[atrpms]
name=Red Hat Enterprise Linux 5 - i386 - ATrpms
baseurl=http://dl.atrpms.net/el5-i386/atrpms/stable
failovermethod=priority
exclude=dovecot-2*
includepkgs=dovecot dovecot-sieve

#
# requires stable
#
[atrpms-testing]
name=Red Hat Enterprise Linux 5 - i386 - ATrpms testing
baseurl=http://dl.atrpms.net/el5-i386/atrpms/testing
failovermethod=priority
enabled=1
exclude=dovecot-2*
includepkgs=dovecot dovecot-sieve

#
# requires stable and testing
#
[atrpms-bleeding]
name=Red Hat Enterprise Linux 5 - i386 - ATrpms bleeding
"/etc/yum.repos.d/atrpms.repo" 26L, 620C

From: bkraul at: 2010-12-29 18:56:55

This method installs dovecot 1.0. Then dovecot-sieve failse because it has dovecot 1.2 as a dependency. Am I missing something here?

From: Pizzahut at: 2010-10-08 03:46:34

This Link For i386 version

 http://dl.atrpms.net/el5Client-i386/atrpms/testing/dovecot-1.2.14-1_112.el5.i386.rpm
http://dl.atrpms.net/el5Client-i386/atrpms/testing/dovecot-sieve-0.1.17-5.el5.i386.rpm

From: at: 2010-08-09 10:58:42

okay, for step 10, these are updated links:

http://dl.atrpms.net/el5-x86_64/atrpms/testing/dovecot-1.2.13-1_111.el5.x86_64.rpm

http://dl.atrpms.net/el5-x86_64/atrpms/testing/dovecot-sieve-0.1.17-5.el5.x86_64.rpm

From: Pooh at: 2010-08-05 08:32:08

In  /usr/lib/perl5/vendor_perl/5.8.8/Archive/Tar.pm
change
$VERSION                = "1.39_01";
to
$VERSION                = 1.39_01;

From: Anonymous at: 2010-08-03 13:48:57

Step 14

sa-update results in this:

Argument "1.39_01" isn't numeric in subroutine entry at /usr/bin/sa-update line 83

so SpamAssassin is not able to update?

Any fixes?

From: at: 2010-11-10 13:16:17

If dovecot fails to start saying " Fatal: listen(::, 143) failed: Address already in use" then add "listen=*" to your /etc/dovecot.conf file. It's trying to listen for ipv6 addresses which are not enabled by default (on our standard images anyway).

From: MS at: 2010-11-05 07:55:37

Updated links:

rpm -ivh http://dl.atrpms.net/el5-i386/atrpms/testing/dovecot-1.2.15-1_113.el5.i386.rpm
rpm -ivh http://dl.atrpms.net/el5-i386/atrpms/testing/dovecot-sieve-0.1.18-6.el5.i386.rpm

From: Anonymous at: 2010-11-18 18:57:15

While according to PMA themselves (http://wiki.phpmyadmin.net/pma/Auth_types) using cookie vs. http authentication results in about the same security, I prefer using cookie as the login is much nicer.

To enable, generate a blowfish secret (using something like http://www.geektimedesign.com/geek-stuff/tools-blowfish-generator.cfm is helpful) and paste it into the line  $cfg['blowfish_secret'] = '' in /usr/share/phpmyadmin/config.inc.php.

Additionally, while it is mostly "security by obscurity" (and some pretty bad obscurity at that), I prefer to change the default /phpmyadmin alias to /pma, which can be done by changing the appropriate "alias" line in /etc/httpd/conf.d/phpmyadmin.conf. I also deleted the other two aliases (/phpMyAdmin and /mysqladmin).

From: Joseph Mouhanna at: 2010-11-08 01:29:53

Note that clamd is obsoleted by clamav, so replace instances of clamd with clamav.

From: Joseph Mouhanna at: 2010-11-09 11:57:43

In addition to these instructions, you need to install the GPG public key, prior to running yum, else it will fail with a message about the missing key:

wget http://ATrpms.net/RPM-GPG-KEY.atrpms
rpm --import RPM-GPG-KEY.atrpms

From: Anonymous at: 2010-12-13 18:01:33

On my installation I had to correct as follow:

ln -s /var/run/clamav/clamd.sock /var/spool/amavisd/clamd.sock

 to:

ln -s /var/run/clamav/clamd.sock /var/spool/amavisd/clamd.socket

From: rzlines at: 2010-12-01 07:32:05

Hi,

The links on step 10 don't work and this is the latest update that I found working so use the following:

rpm -ivh http://wolfcastle.wu-wien.ac.at/dist/rhel5-x86_64/RPMS.at-testing/dovecot-1.2.14-1_112.el5.x86_64.rpm

rpm -ivh http://wolfcastle.wu-wien.ac.at/dist/rhel5-x86_64/RPMS.at-testing/dovecot-sieve-0.1.17-5.el5.x86_64.rpm

 

 

From: Anonymous at: 2010-12-02 04:51:09

New dovecot links for i386 structure:

 

http://wolfcastle.wu-wien.ac.at/dist/rhel5-i386/RPMS.at-testing/dovecot-1.2.15-1_113.el5.i386.rpm

http://wolfcastle.wu-wien.ac.at/dist/rhel5-i386/RPMS.at-testing/dovecot-sieve-0.1.17-5.el5.i386.rpm

From: CEE at: 2011-01-23 18:12:02

If sendmail is not already in use then you do not need to use the stop command. You can also save the trouble of setting permissions and changing settings for sendmail by simply deleting it with the following command which will remove the application and all dependancies

rpm –e --nodeps sendmail

From: csf at: 2011-02-03 13:59:27

After completing tutorial several times with i386 and _64 OS on several servers to be sure. Dovecot and dovecot-sieve installs, starts but does not Send  Receive email. I have tried both dovecot 1x and 2x packages.

Everything looks fine in ISPConfig monitor. ALL services running.

Also, ISPConfig by default sends an email to client when client creates account. On my systems client doesnt receive email from ISPConfig.My clients are able to log into squirrelmail, but not send/receive emails.

From: Anonymous at: 2011-04-30 10:49:26

For Centos the installer seems to have been updated to put the amavisd.conf file in /etc/amavisd.conf (and not /etc/amavisd/amavisd.conf which I think is the debian place for it). This means that you don't need to change /etc/sysconfig/amavisd (the default conf location is /etc/amavisd.conf)

 I hope that save someone else some time and confusion.

From: at: 2010-06-02 23:40:02

./configure --prefix=/usr --sysconfdir=/etc --with-apr=/usr/bin/apr-1-config --with-apxs=/usr/sbin/apxs --with-apache-user=apache --with-setid-mode=owner --with-php=/usr/bin/php-cgi --with-logfile=/var/log/httpd/suphp_log --enable-SUPHP_USE_USERGROUP=yes

 produces this error:

bash: ./configure: /bin/sh: bad interpreter: Permission denied

 

From: Anonymous at: 2010-08-03 14:23:16

you need apr-devel for the script to work (not mentioned here)

yum install apr-devel

then install suphp as above

 

From: at: 2010-09-21 01:20:36

I also needed httpd-devel to compile suphp.

Before compiling suphp just run:

yum install apr-devel httpd-devel

From: at: 2011-01-11 11:22:43

Thankyou for this. I missed this one and got a bit stumped.

From: Ligi at: 2011-09-05 12:59:28

you probably also need to "yum -y install gcc-c++".Had to install this on my centos 5 server to be able to get around this.

From: Mark Pugh at: 2010-09-17 15:54:47

I had this problem. It's actually because on my RHEL base install the /tmp mount has noexec as an option in /etc/fstab:

 LABEL=/tmp              /tmp                    ext3    defaults,nosuid,nodev,noexec        1 2

If you copy your suphp dir to your home directory and then try it, it's fine:

 mv suphp-0.7.1 ~
cd ~/suphp-0.7.1
./configure..etc

 

From: at: 2010-06-02 23:49:14

The error I encountered was due to the directory tmp.

I am on a remote hosted server and the tmp directory is mounted with noexec

So, I changed to /usr/local/src and all is well.

From: newbie at: 2010-06-28 05:46:15

in line :

Then we add the suPHP module to our Apache configuration...

vi /etc/httpd/conf.d/suphp.conf

Is this right? I think maybe it should be:

vi /etc/httpd/conf/httpd.conf

Sorry if I'm mistaken

From: at: 2010-07-06 23:02:56

The Apache config file ('/etc/httpd/conf/httpd.conf') file actually loads any '.conf' file found in '/etc/httpd/conf.d/' so, though the HOWTO is actually correct, it may have been better worded to;

Then we add the suPHP module to our Apache configuration by creating a new file 'suphp.conf' in '/etc/https/conf.d/'...

vi /etc/httpd/conf.d/suphp.conf

From: Anonymous at: 2010-08-09 20:02:56

hi, nice tutorial...but one problem

i cannot make bind9 to start

  /etc/init.d/named start
Starting named:                                            [FAILED]

do you know what problem can be?

 

thanks in advance

From: Anonymous at: 2010-08-16 16:49:51

named failed to start for me too...

Aug 16 17:40:27 host named[5745]: starting BIND 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 -u named -t /var/named/chroot
Aug 16 17:40:27 host named[5745]: adjusted limit on open files from 1024 to 1048576
Aug 16 17:40:27 host named[5745]: found 2 CPUs, using 2 worker threads
Aug 16 17:40:27 host named[5745]: using up to 4096 sockets
Aug 16 17:40:27 host named[5745]: loading configuration from '/etc/named.conf'
Aug 16 17:40:27 host named[5745]: none:0: open: /etc/named.conf: permission denied
Aug 16 17:40:27 host named[5745]: loading configuration: permission denied
Aug 16 17:40:27 host named[5745]: exiting (due to fatal error)

 

looks like permissions.., not sure what to change though with the chrooted link  (STEP 17:   ln -s ../../ chroot).

Obviously named.conf does not exist at /etc/named.conf because its actually in /var/named/chroot/etc/ .  What/who needs permission on what folder(s)/file(s)?

PS - I followed the tutorial exactly BUT I am using the gnome destop as well.

From: Anonymous at: 2010-08-16 17:12:59

Once the linked file is created:  /etc/named.conf  (has a green link arrow on it)  adjust the permissions for the group "named" to read & write then restart the named service.

I ran this below in addition to the step 17 commands and finally saw the named.conf link file... Once the permissions were adjusted the service starts fine.

ln -s /chroot/named/etc/named.conf /etc/named.conf

hope that helps

From: Anonymous at: 2011-03-17 11:11:20

After i type this command
/etc/init.d/named start
 
i got this error
 
Starting named:
Error in named configuration:
/etc/named.conf:2: unknown option 'ptions'
                                                           [FAILED]
 
 Can somebody help me?

From: at: 2010-11-17 13:52:57

For all those who had the this issue, I googled and found this solutions to be very helpful. Perhaps it only affects those who are using VPS, particularly a Virtuozzo Parallel Power Panel setup.

http://blog.newart-design.net/tag/centos-pure-ftpd-install/

From: Anonymous at: 2010-12-05 14:30:02

Worked for me... Need to lookup the current version of pureftpd at ftp://ftp.pureftpd.org/pub/pure-ftpd/releases/

 Also, need to make sure you have mysql-devel package installed.

From: Anonymous at: 2011-03-02 13:09:17

On my centos 64 yum was trying to install both 32 and 64 versions of mysql-devel. This helped:

 yum install mysql-devel.x86_64

From: Joseph Mouhanna at: 2010-11-09 12:39:51

The proper version to use is 2.13, not 2.11 (tar does not work on 2.11) You should use the following instead:

 

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.13.tar.gz
tar xvfz jailkit-2.13.tar.gz
cd jailkit-2.13
./configure
make
make install
cd ..
rm -rf jailkit-2.13*

From: at: 2010-11-16 14:43:51

I tried installing Pure-FTPd, followed the 3-line instructions but got this instead ...

yum install pure-ftpd
chkconfig --levels 235 pure-ftpd on
/etc/init.d/pure-ftpd start

Starting pure-ftpd:                                        [FAILED]

From: Anonymous at: 2010-10-24 21:18:54

Hi there.

I followed this tutorial all the way through however even after setting up a client, site, email domain and mailbox in ISPconfig - I cannot login to Squirrelmail - Just keeps on saying:

Unknown user or password incorrect.

Very frustrating!

From: rwheindl at: 2010-11-22 23:36:46

I spent a few days trying to get DNS to resolve using "dig @localhost mydomain.com" and found an error in the last line of /var/named/chroot/etc/named.conf.

ISPConfig 3 defaults to: /var/named/chroot/var/named/named.local
This setting is found under: SYSTEM -> Server Config -> DNS

However, the instructions for named.conf file sets it to:
include "/var/named/chroot/etc/named.conf.local";

Had to change it to reflect the setting in ISPConfig to get bind to resolve names properly:
include "/var/named/chroot/var/named/named.local";

 Then run "/etc/init.d/named restart" with the corrected setting.

From: steve at: 2010-12-08 13:22:00

after the successfull installation of ISPConfig 3 the monitoring interface told me that fail2ban is not installed. After checking I found that it is installed and running. Finally i added a symink for fail2ban. This worked fine.

So if anyone has issues showing fail2ban in the monitoring gui just add a symlink like this:

ln -s /usr/share/fail2ban/ /usr/bin/fail2ban

Thanks to the ISPConfig Team your software really ROCK!!!!!!

From: Uncher at: 2010-12-10 08:15:03

If you install pure-ftpd in VPS server (OpenVZ or Virtuozzo based):
chkconfig --levels 235 pure-ftpd on
yum -y install mysql-devel.x86_64 pam-devel.x86_64
wget http://download.pureftpd.org/pub/pure-ftpd/releases/pure-ftpd-1.0.29.tar.gz
tar xzfv pure-ftpd-1.0.29.tar.gz
cd pure-ftpd-1.0.29
./configure --without-capabilities --with-virtualchroot --with-mysql --with-pam --with-altlog --with-wrapper --with-mysql --with-cookie --with-throttling --with-ratios --with-paranoidmsg --with-quotas
make && make install /etc/init.d/pure-ftpd start

From: at: 2011-01-25 19:52:39

vps users having problems with pure-ftpd

could also try:

 

i386

wget http://download.fedora.redhat.com/pub/epel/5/i386/pure-ftpd-1.0.29-1.el5.1.i386.rpm

rpm -ivh  pure-ftpd-1.0.29-1.el5.1.i386.rpm

 

x86_64

wget http://download.fedora.redhat.com/pub/epel/5/x86_64/pure-ftpd-1.0.29-1.el5.1.x86_64.rpm

rpm -ivh  pure-ftpd-1.0.29-1.el5.1.x86_64.rpm

From: Anonymous at: 2011-05-22 19:42:18

Thank you! I was following "The Perfect Server - CentOS 5.6 x86_64 [ISPConfig 3]" guide and ran into problems in the pure-ftpd section. This fixed my issue. I have VPS hosting from VolumeDrive.

From: stikk at: 2011-02-11 13:41:37

Since PHP 5.3.0 php-mhash was removed

 so if you are using remi-repo or eq.  remove the php-mhash from the yum install line

From: Vladimir at: 2011-04-02 07:27:10

Next we install suPHP:

cd /tmp
wget http://suphp.org/download/suphp-0.7.1.tar.gz


can't download suPHP, saying conecting to suphp.org:78.46.242.34:80... connected

HTTP request sent, awaithing for response. 

and here hangs... After 3-5 min i get:

Read error (Connection reset by peer) in headers.

Retrying.

From: Anonymous at: 2011-03-18 11:45:07

I have followed all the tutorial successfully but 

I have following error, please advice me to resolve following error

[root@rizserver ~]# /etc/init.d/named restart

Stopping named:                                                                                             [ OK ]
Starting named:
Error in named configuration:
/etc/named.conf:5: unknown option 'DNS'
                                                                                                                     [FAILED]

ISPconfig showing DNS service Offline


From: jimmy at: 2012-05-22 06:56:25

don't just copy and paste those informations, take a look on this when you copy and paste 

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8)
 DNS -->> this will be the error
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named/chroot/var/named";
        dump-file       "/var/named/chroot/var/named/data/cache_dump.db";
        statistics-file "/var/named/chroot/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/chroot/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.root";
};
include "/var/named/chroot/var/named/named.local";

From: Phillip Vance at: 2010-06-01 20:11:48

Does this tutorial (The Perfect Server - CentOS 5.5 x86_64 [ISPConfig 3]) work for the 32bit version of CentOS

From: Krissie at: 2010-06-25 05:50:18

It appears to work - just replace all instances of x86_64 in the various urls and filenames to i386

From: bkraul at: 2010-08-03 06:01:16

Also make sure that on step 10 - Dovecot, you do not do the following step:

rm -fr /usr/lib/dovecot/
ln -s /usr/lib64/dovecot/ /usr/lib/dovecot

From: MS at: 2010-11-09 12:15:53

On i386 system step 10 is :
ln -sf /usr/lib/dovecot

 MS :)

From: Marcelo Gondim at: 2010-07-06 21:31:55
From: James Tan at: 2010-07-23 06:30:04

How about doing this?

 ln -s /var/named/chroot/etc/named.conf* /etc/

 
 

From: Arno at: 2011-02-16 16:40:18

same same..

I followed the howto line by line, but bind does not record the domains. they are mentioned in ispconfig, but the zone is empty.

after ln -s or cp of the /etc/named.conf.local to /var/named/chroot/etc/

 then bind see all, but does not start because a lack of ttl.

after removing this file/link all works, but no local domainlookup..and no zones (except rootzone)

help?!

 tnx..

 

arno

From: Hans van Zijl at: 2010-08-07 23:38:30

If jou are installing ISPconfig on a VM which is running on Hyper-V you might run into problems with the firewall which is used by ISPconfig.

This is the case when you install the Linux Integration components available from Microsoft. The problem is that the synthetic network adapters installed by the integration components do not get an interface name beginning with 'eth'.

-> The Bastille firewall script explicitly calls for 'eth+' interfaces.

You have to edit /etc/Bastille/bastille-firewall.cfg.

-> PUBLIC_IFCES="eth+ ppp+ slip+ venet+"

should be changed into

-> PUBLIC_IFCES="seth+ ppp+ slip+ venet+"

From: Anonymous at: 2010-08-16 17:33:55

update to step 23

cd /tmp
wget http://downloads.sourceforge.net/ispconfig/ISPConfig-3.0.2.2.tar.gz?use_mirror=
tar xvfz ISPConfig-3.0.2.2.tar.gz
cd ispconfig3_install/install/

 

From: Anonymous at: 2010-11-20 09:20:35

very good manual. many thanks all

From: whopsii at: 2010-09-17 12:01:49

i followed all the step ultra carefully since i am a novice.

it was a hilarious moment when i saw my server working just like the last page shown.

then i use command  " shutdown -r now " to restart my server.

then problem starting to exist. i cant open my server web page and after doing some research, i found this problem

 "  Starting httpd: Warning: DocumentRoot [/var/www/clients/client1/web2/web] does not exist
httpd: bad user name web2 "

and something message like "failed" and then i found out that i cant start my httpd.

any clue from the expert around here.

thanks.

From: Skyler Sully at: 2010-10-09 15:17:35

Hey whopsii,

 You probably figured this out--but you need to configure apache (httpd) to:

  • Run on boot (use /sbin/service --levels 235 httpd on)
  • Accessible through firewall (type in 'setup' command and go to firewall configuration)

When you restarted your computer, you stopped the service, but since it wasn't configured to come back up--there you go.

 If that doesn't work, it could be something else, but that's where I would start.

From: mr.tim at: 2011-03-11 19:53:26

Hello, and thank you for this great tutorial.

It works perfect, from page 1 to the last. It's really the perfect server :).

I was thinking about a solution, regarding the 25 port, that is blocking by ISP's  i found'it but i don't now how to set up. Maybe you can help me please.

Now, i host different domains on isp server, all o them with email service. The email service works on 25 port. If a client connect with Outlook to chek his emails but his ISP blocks the 25 port, i want him to have an alternative. Also if it connect with a modem, that by default the modem ip, is see like makeing spam, i  want a solution that if he change de smtp port from 25 to another, the emails will not be checked for spam, and the spamhaus message will not be seen by the client.

I think about a solution, maybe you have de programing codes to makeit work, or maybe already exist a topic to resolve this. I din'd found it.

So...let's setup in the email client, for example Outlook, the SMTP port from 25, to lets say, 35000, so that all connections are made on this port.

Now in the server, we setup a port, the same port, 35000, to listen all the traffic that comes. And if finds a email traffic relative to a domain that it hosts, take that email and deliver without cheking for spam. This is a solution for the clients that connect with a modem, 3g or adsl, or for the clients that connects from an ISP that block 25 port.

I use centos 5.5 x86_64 and isp config 3. 

Can you help me wiht this, i must say im novice at this chapter but i learn very fast.

 

Thank you!

From: Tserts at: 2011-03-30 23:38:58

Unbelievable! Level 1 VPS Hostgator users need to follow this. I was at a loss initially and this helped me get started at last!

Thank you again for the time you took to save me from jumping off my balcony.

From: at: 2012-03-21 15:34:59

Hi,

i had followed all above step to install squirrel mail and ispconfig

http://trade.sarthi.net/webmail/src/login.php

username : anupam@myonlinetrade.net

password : anupam

this is write password but still not able to login in webmail

SuirrelMail version 1.4.8-5.el5.centos.13
By the SquirrelMail Project Team

ERROR
Unknown user or password incorrect.

 

i think some configuration . please help me to resolve this issue

Thanks in Advance