The Perfect Server - CentOS 5.6 x86_64 [ISPConfig 2] - Page 3

4 Adjust /etc/hosts

Next we edit /etc/hosts. Make it look like this:

vi /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.               localhost.localdomain localhost  server1
::1             localhost6.localdomain6 localhost6


5 Configure Additional IP Addresses

(This section is totally optional. It just shows how to add additional IP addresses to your network interface eth0 if you need more than one IP address. If you're fine with one IP address, you can skip this section.)

Let's assume our network interface is eth0. Then there is a file /etc/sysconfig/network-scripts/ifcfg-eth0 which contains the settings for eth0. We can use this as a sample for our new virtual network interface eth0:0:

cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:0

Now we want to use the IP address on the virtual interface eth0:0. Therefore we open the file /etc/sysconfig/network-scripts/ifcfg-eth0:0 and modify it as follows (we can leave out the HWADDR line as it is the same physical network card):

vi /etc/sysconfig/network-scripts/ifcfg-eth0:0

# Intel Corporation 82545EM Gigabit Ethernet Controller (Copper)

Afterwards we have to restart the network:

/etc/init.d/network restart

You might also want to adjust /etc/hosts after you have added new IP addresses, although this is not necessary.

Now run


You should now see your new IP address in the output:

[root@server1 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:FD:78:BE
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::20c:29ff:fefd:78be/64 Scope:Link
          RX packets:469 errors:0 dropped:0 overruns:0 frame:0
          TX packets:534 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:43223 (42.2 KiB)  TX bytes:100665 (98.3 KiB)
          Base address:0x1070 Memory:e8820000-e8840000

eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:FD:78:BE
          inet addr:  Bcast:  Mask:
          Base address:0x1070 Memory:e8820000-e8840000

lo        Link encap:Local Loopback
          inet addr:  Mask:
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:8 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:560 (560.0 b)  TX bytes:560 (560.0 b)

[root@server1 ~]#


6 Disable The Firewall And SELinux

(You can skip this chapter if you have already disabled the firewall and SELinux at the end of the basic system installation (in the Setup Agent).)

I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That's why I disable the default CentOS firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn't use any other firewall later on as it will most probably interfere with the CentOS firewall).

SELinux is a security extension of CentOS that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only SELinux was causing the problem). Therefore I disable it, too (this is a must if you want to install ISPConfig later on).



Set both Security Level and SELinux to Disabled and hit OK:

Afterwards we must reboot the system:



7 Install Some Software

First we import the GPG keys for software packages:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

Then we update our existing packages on the system:

yum update

Now we install some software packages that are needed later on:

yum install fetchmail wget bzip2 unzip zip nmap openssl lynx fileutils gcc gcc-c++

Share this page:

5 Comment(s)

Add comment


From: Ivan at: 2011-04-30 15:19:13

CentOS just went three months without a security update, how can that possibly be considered for the "perfect" server?

From: Bob McConnell at: 2011-04-27 12:55:46

I don't see any mention of PCI compliance in the article. That is absolutely necessary before you can accept any credit cards on your servers. Did someone forget that section?

From: Joseph J. Geller at: 2011-05-05 11:41:26


I did not even think of this with regards to ISPConfig but probably a good question. I am developing a site that has to be PCI compliant and just finishing up adding the site using ISPConfig so I will be pursuing this and post what I find here. I know it facilitates SSL Certificates as I am adding a Comodo one next but realize there are a lot more considerations to pass a PCI audit on the server side. I am an MSP and have also posed this question to the CTO at CloudSigma ( which provides the cloud server I am running CentOS 5.5 on with Apache, MySQL and PHP using Joomla, Droomla (Drupal 6 running on Joomla), and Ubercart. I'll see if I can get Falko's attention so we can cut to the chase quickly as I have to have this site up in the next few days.


Stony Creek Consulting, Inc.

Joseph J. Geller 

From: Anonymous at: 2011-06-01 21:33:00

I followed a few guides. I'm waiting to hear you report back. I'm using CentOS, apache, php5.2, joomla1.6 too and would like to know more. 

From: mksa at: 2011-07-18 21:18:24

Dear all,

 Thanks for this guide. I tried it on my VPS with no luck, after digging around I found that you have to move the old installation directories found under "/home" to another path "example /backup" then rerun the installation script again. when its done move out the installation directory "cd /" and restart ispconfig_server service.

 Its working  as it suppose to be now.