The Perfect Server - CentOS 6.3 x86_64 (Apache2, Courier, ISPConfig 3) - Page 7

24 Install ISPConfig 3

Download the current ISPConfig 3 version and install it. The ISPConfig installer will configure all services like Postfix, Courier, etc. for you. A manual setup as required for ISPConfig 2 is not necessary anymore.

You now also have the possibility to let the installer create an SSL vhost for the ISPConfig control panel, so that ISPConfig can be accessed using https:// instead of http://. To achieve this, just press ENTER when you see this question: Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]:.

To install ISPConfig 3 from the latest released version, do this:

cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/

The next step is to run

php -q install.php

This will start the ISPConfig 3 installer:

[root@server1 install]# php -q install.php


--------------------------------------------------------------------------------
 _____ ___________   _____              __ _         ____
|_   _/  ___| ___ \ /  __ \            / _(_)       /__  \
  | | \ `--.| |_/ / | /  \/ ___  _ __ | |_ _  __ _    _/ /
  | |  `--. \  __/  | |    / _ \| '_ \|  _| |/ _` |  |_ |
 _| |_/\__/ / |     | \__/\ (_) | | | | | | | (_| | ___\ \
 \___/\____/\_|      \____/\___/|_| |_|_| |_|\__, | \____/
                                              __/ |
                                             |___/
--------------------------------------------------------------------------------


>> Initial configuration

Operating System: Redhat or compatible, unknown version.

    Following will be a few questions for primary configuration so be careful.
    Default values are in [brackets] and can be accepted with <ENTER>.
    Tap in "quit" (without the quotes) to stop the installer.


Select language (en,de) [en]:
 <-- ENTER

Installation mode (standard,expert) [standard]: <-- ENTER

Full qualified hostname (FQDN) of the server, eg server1.domain.tld  [server1.example.com]: <-- ENTER

MySQL server hostname [localhost]: <-- ENTER

MySQL root username [root]: <-- ENTER

MySQL root password []: <-- yourrootsqlpassword

MySQL database to create [dbispconfig]: <-- ENTER

MySQL charset [utf8]: <-- ENTER

Generating a 2048 bit RSA private key
................+++
..................................................................................................+++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
 <-- ENTER
State or Province Name (full name) []: <-- ENTER
Locality Name (eg, city) [Default City]: <-- ENTER
Organization Name (eg, company) [Default Company Ltd]: <-- ENTER
Organizational Unit Name (eg, section) []: <-- ENTER
Common Name (eg, your name or your server's hostname) []: <-- ENTER
Email Address []: <-- ENTER
Configuring Jailkit
Configuring SASL
Configuring PAM
Configuring Courier
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring BIND
Configuring Apache
Configuring Vlogger
Configuring Apps vhost
Configuring Bastille Firewall
Configuring Fail2ban
Installing ISPConfig
ISPConfig Port [8080]:
 <-- ENTER

Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- ENTER

Generating RSA private key, 4096 bit long modulus
.....................................++
.....................................................++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:
 <-- ENTER
State or Province Name (full name) []: <-- ENTER
Locality Name (eg, city) [Default City]: <-- ENTER
Organization Name (eg, company) [Default Company Ltd]: <-- ENTER
Organizational Unit Name (eg, section) []: <-- ENTER
Common Name (eg, your name or your server's hostname) []: <-- ENTER
Email Address []: <-- ENTER

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
 <-- ENTER
An optional company name []: <-- ENTER
writing RSA key
Configuring DBServer
Installing ISPConfig crontab
no crontab for root
no crontab for getmail
Restarting services ...
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
Stopping saslauthd:                                        [FAILED]
Starting saslauthd:                                        [  OK  ]
Shutting down amavisd: Daemon [1415] terminated by SIGTERM
                                                           [  OK  ]
amavisd stopped
Starting amavisd:                                          [  OK  ]

Stopping clamd.amavisd:                                    [  OK  ]
Starting clamd.amavisd:                                    [  OK  ]
Stopping Courier authentication services: authdaemond
Starting Courier authentication services: authdaemond
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Stopping Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
Starting Courier-IMAP server: imap imap-ssl pop3 pop3-ssl
SyntaxError: ('invalid syntax', ('/usr/lib/mailman/Mailman/mm_cfg.py', 76, 27, 'DEFAULT_SERVER_LANGUAGE = \n'))

Traceback (most recent call last):
  File "/usr/lib/mailman/bin/mailmanctl", line 109, in <module>
    from Mailman import mm_cfg
  File "/usr/lib/mailman/Mailman/mm_cfg.py", line 76
    DEFAULT_SERVER_LANGUAGE =
                             ^
SyntaxError: invalid syntax
Shutting down mailman:                                     [FAILED]
SyntaxError: ('invalid syntax', ('/usr/lib/mailman/Mailman/mm_cfg.py', 76, 27, 'DEFAULT_SERVER_LANGUAGE = \n'))

Traceback (most recent call last):
  File "/usr/lib/mailman/bin/mailmanctl", line 109, in <module>
    from Mailman import mm_cfg
  File "/usr/lib/mailman/Mailman/mm_cfg.py", line 76
    DEFAULT_SERVER_LANGUAGE =
                             ^
SyntaxError: invalid syntax
Starting mailman:                                          [FAILED]
Stopping httpd:                                            [  OK  ]
[Sun Dec 18 23:47:41 2011] [warn] NameVirtualHost *:80 has no VirtualHosts
Starting httpd:                                            [  OK  ]
Stopping pure-ftpd:                                        [  OK  ]
Starting pure-ftpd:                                        [  OK  ]
Installation completed.
[root@server1 install]#

To fix the Mailman errors you might get during the ISPConfig installation, open /usr/lib/mailman/Mailman/mm_cfg.py...

vi /usr/lib/mailman/Mailman/mm_cfg.py

... and set DEFAULT_SERVER_LANGUAGE = 'en':

[...]
#-------------------------------------------------------------
# The default language for this server.
DEFAULT_SERVER_LANGUAGE = 'en'
[...]

Restart Mailman:

/etc/init.d/mailman restart

Afterwards you can access ISPConfig 3 under http(s)://server1.example.com:8080/ or http(s)://192.168.0.100:8080/ (http or https depends on what you chose during installation). Log in with the username admin and the password admin (you should change the default password after your first login):

The system is now ready to be used.

 

 

25 Links

Share this page:

23 Comment(s)

Add comment

Comments

From: at: 2013-01-17 18:01:28

Can this process be used to install ISPConfig 3 on CentOS 6 32bit versions?

Please Reply!

From: oakleeman at: 2012-09-20 19:00:38

Heads up that if your HDD is bigger than 50GB or so in size the CentOS 6.3 install will create a 45GB or so / partition and then setup the rest as /home. If this isn't what you want then check the box to review the partitioning layout and delete the /home lv and increase the size of the / lv. 

This bites me in the rear every time I follow Falko's guides for CentOS 6 and forget about the partition issue until I get to the step for editing fstab for quota...then I have to delete the VM hard-disk and start over since that is faster for me then extending the lv.  

From: Dizfunkshunal at: 2013-01-10 20:33:03

change

epel-release-6-7.noarch.rpm  all instances

to 

epel-release-6-8.noarch.rpm

From: ally at: 2013-07-20 13:20:18

Also if installing on OpenVZ it's a different process for enabling quotas. Has to be enabled by the sys admin or hardware node admin for  your container.

From: Emo at: 2014-03-08 09:22:15

its now https:// , http:// is not working anymore.

From: Payne at: 2013-10-21 01:26:33

Another note, in order to get the RepoForge repositories to work correctly (in step 7) I had to follow instructions on the following link:

http://wiki.centos.org/AdditionalResources/Repositories/RPMForge#head-f0c3ecee3dbb407e4eed79a56ec0ae92d1398e01

Hope that helps!

 

From: admin at: 2012-07-28 07:54:01

It's no mistake - the tutorial is working for me exactly as written.

From: Anonymous at: 2012-07-27 16:02:29

After the build process, the rpm packages can be found in $HOME/rpm/RPMS/x86_64 ($HOME/rpm/RPMS/i686 if you are on an i686 system):

has to correct in 

After the build process, the rpm packages can be found in $HOME/rpmbuild/RPMS/x86_64 ($HOME/rpmbuild/RPMS/i686 if you are on an i686 system):

Thnx

From: Mike at: 2012-11-24 14:24:13

Postfix would not receive incoming emails or respond to telnet into port 25.  The maillog showed:

fatal : no SASL authentication method available

The fix was to install missing package cyrus-sasl-plain:

yum install cyrus-sasl-plain

After restarting postfix, incoming emails started to arrive.

From: at: 2013-03-03 22:45:47

Just something of note here:

Courier by default will limit the number of connections per ip to 4.  Most email clients use 5 connections per email account.  See the problem?

Make sure to just update this now to get it out of the way so you aren't wondering later why you can't connect to your IMAP account and start blaming ISPConfig for it

What value should you use for max connections per ip?

Generally speaking, for the ip with the most email accounts:

MAXPERIP = MAX_NUMBER_OF_EMAIL_ACCOUNTS * 5

Then you can just update the config and restart courier and you'll never have to worry about this later (unless the max number of email accounts for an ip increases)

TIP:  If you have your mail setup on your phone and ipad and both are using the same internet ip as your laptop you now have 3 email clients per account instead of just 1.  Either turn off your mail at home on your phone/ipad or increase your MAXPERIP to compensate. 

I like to use 105 for my default MAXPERIP (7 accounts per ip, 3 devices per account):

sed -i 's/MAXPERIP=4/MAXPERIP=105/g' /usr/lib/courier-imap/etc/imapd
service courier-imap restart

From: r4faga at: 2012-09-04 23:06:07

when i try to do make on suphp, there is make it a error. And dont install. 
 
g++ -DOPT_CONFIGFILE=\"/etc/suphp.conf\" -g -O2 -o suphp API.o API_Helper.o API_Linux.o API_Linux_Logger.o Application.o CommandLine.o Configuration.o Environment.o Exception.o File.o GroupInfo.o IOException.o IniFile.o IniSection.o KeyNotFoundException.o Logger.o LookupException.o OutOfRangeException.o PathMatcher.o ParsingException.o PointerException.o SecurityException.o SoftException.o SystemException.o UserInfo.o Util.o
make[3]: se sale del directorio `/tmp/suphp-0.7.1/src'
make[2]: se sale del directorio `/tmp/suphp-0.7.1/src'
make[1]: se sale del directorio `/tmp/suphp-0.7.1/src'
make[1]: se ingresa al directorio `/tmp/suphp-0.7.1'
make[1]: No se hace nada para `all-am'.
make[1]: se sale del directorio `/tmp/suphp-0.7.1'

From: Martin at: 2012-09-27 09:33:22

You ask us to remove original init script from rc.* and add

clamd.amavisd

 however there is no such file included (Centos 5.3 following every step to my knowledge)

 

From: at: 2012-12-05 19:02:04

i had 2 installations were i had to

 cp /etc/awstats/awstats.model.conf /etc/awstats/awstats.conf

for awstats to work. info @ http://www.howtoforge.com/forums/showthread.php?t=35485&page=8

From: JNPerez at: 2013-04-25 15:46:24

the link for the mod_ruby-1.3.0.tar.gz is down... Use this mirror http://ftp.riken.go.jp/pub/FreeBSD/distfiles/ruby/mod_ruby-1.3.0.tar.gz


 :D

 

From: at: 2013-05-27 23:04:36

Make sure you do not leave /etc/named.conf unconfigured.   By default you are offering recursive name service to the whole world.   You'll notice this one day when you run top and see named using up 50%+ CPU because some bots are using your Bind for DNS DDoS attacks.   Rather than leave the configuration file as the default, at very least update it to the following to protect yourself, your clients, and the victims:

include "/etc/rndc.key";

controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};

//
// named.conf for Red Hat caching-nameserver
//

acl "trusted" {
        127.0.0.1;
};

options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        allow-recursion { trusted; };
        allow-notify { trusted; };
        allow-transfer { trusted; };
        forwarders { 127.0.0.1; };
};

Above config found at: http://forum.codecall.net/topic/47953-check-etcnamedconf-for-recursion-restrictions/

From: Alex at: 2012-10-11 16:05:11

Hi

I am in  vi   /etc/aliases file and try to add what it says , but I can't write pipe key  after 

 

mailman:    " 

 

could anyone can tell me how to enter pipe key  in vi editor?

 

thanks

Alex

 

From: at: 2013-06-19 08:24:34

Hello,

I get this error when I try to login to webmail;  ERROR: Connection dropped by IMAP server.. 

 

The problem is resolved.  I had not installed ISPConfig yet when I tried to access and check the mail server.  After I installed the ISPConfig, I was able to connect, send and receive mail.  

From: sth at: 2014-06-15 06:14:16

I have followed the instructions as per the instructions for  "Perfect Server - Centros 6.3 x 86_64...:

Apart from a hiccup in find in the  "mod_ruby" file (eventually found one at another site) all appears to have gone well except that I do not appear to be able to run Firefox.

It seems that Firefox was not installed as part of the "Basic Server" set up when Centros was installed and indicated on page two of the instructions.  ANy way Firefox is easy enough to install.  However, when I try to start Firefox either as root or the user I get a message

cannot open display: :0

 Have tried    export DISPLAY=:0   with no result

Have installed xorg.x11-server-utils     An sill get no result.

 

Any one any ideas as to how to fix this and be able to run Fix so I can check the Webmail asn WEB Admis screens as shown in the instructions?

 

Thanks


From: at: 2012-07-31 15:44:13

After all check, if bastille-firewall works:

iptables -L

If not, You can start it by typing:

/etc/init.d/bastille-firewall start

and configure: 

chkconfig --levels 235 bastille-firewall on

Now, You can check firewall again:

iptables -L

On all of my servers configured with the articles "CentOS/ISPC3 Perfect Server": 5.7, 6.0, 6.2, 6.3 from howtoforge.com, never Bastille firewall start automatically. 

From: hb at: 2012-10-11 15:37:41

we just us one, so why should be download two DVDs ?

From: at: 2013-03-19 03:42:45

in the end when this is all set up and working for the most part, I have one problem.

 

Basically ftp into the correct area, then when trying to browse to the page it runs some cached version rather than the actual file that's been uploaded.  This has nothing to do with the client side cache as I've tried it on at least 5-10 machines which have never even been to the domain :(

 ANY help would be sincerely appreciated.

From: Anonymous at: 2013-08-06 18:52:54

after a fair bit of prodding I fixed this myself.

basically in ispconfig 3 it was a small tweak.

From: Ergec at: 2013-06-26 16:30:12

Let say we have a solid network, only one website on the server and we ignore the security weakness of the php code.

 How secure is this particulat setup for direct attacks? Of course there is no immune system but is it solid enough to serve an important website?