The Perfect Server - CentOS 6.4 x86_64 (nginx, Dovecot, ISPConfig 3)

Version 1.0
Author: Falko Timme
Follow me on Twitter
Last edited 03/22/2013

This tutorial shows how to prepare a CentOS 6.4 x86_64 server for the installation of ISPConfig 3, and how to install ISPConfig 3. ISPConfig 3 is a webhosting control panel that allows you to configure the following services through a web browser: nginx web server, Postfix mail server, MySQL, BIND nameserver, PureFTPd, SpamAssassin, ClamAV, Mailman, and many more. Since version 3.0.4, ISPConfig comes with full support for the nginx web server in addition to Apache; this tutorial covers the setup of a server that uses nginx, not Apache.

Please note that this setup does not work for ISPConfig 2! It is valid for ISPConfig 3 only!

I do not issue any guarantee that this will work for you!

 

1 Requirements

To install such a system you will need the following:

 

2 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.

 

3 Install The Base System

Boot from your first CentOS 6.4 DVD (DVD 1). Select Install or upgrade an existing system:

It can take a long time to test the installation media so we skip this test here:

The welcome screen of the CentOS installer appears. Click on Next:

Choose your language next:

Select your keyboard layout:

I assume that you use a locally attached hard drive, so you should select Basic Storage Devices here:

You might see the following warning - Error processing drive. If you see this click on the Re-initialize all button to proceed:

Fill in the hostname of the server (e.g. server1.example.com), then click on the Configure Network button:

Go to the Wired tab, select the network interface (probably eth0) and click on Edit...:

Mark the Connect automatically checkbox and go to the IPv4 Settings tab and select Manual in the Method drop-down menu. Fill in one, two, or three nameservers (separated by comma) in the DNS servers field (e.g. 8.8.8.8,8.8.4.4), then click on the Add button next to the Addresses area:

Now give your network card a static IP address and netmask (in this tutorial I'm using the IP address 192.168.0.100 and netmask 255.255.255.0 for demonstration purposes; if you are not sure about the right values, http://www.subnetmask.info might help you). Also fill in your gateway (e.g. 192.168.0.1) and click on the Apply... button:

The network configuration is now finished. Click on the Next button:

Share this page:

21 Comment(s)

Add comment

Comments

From: Coupon Code Swap at: 2013-10-20 16:40:07

 Use the latest rpmforge. Otherwise you will run into dependency errors for some modules while installing PHP-FPM:

cd /tmp
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm -ivh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

From: Anonymous at: 2013-09-23 13:56:00

Before building fcgiwrap you need to install some tools first:

yum install autoconf automake libtool

 

From: Ivan at: 2013-10-07 20:50:14

Hello, i found i small missing in your great tutorial. Before "cd /usr/local/src/
git clone git://github.com/gnosek/fcgiwrap.git"  you have to mention how git should be installed, because there is not git there and it does not work. thank you. Ivan.
 

 

From: selva at: 2013-10-26 03:24:33

 I can open the directory src. But I can process this possion. PLease help me. THanks

git clone git://github.com/gnosek/fcgiwrap.git

From: at: 2014-07-14 02:48:02

Use 'https' instead of 'git' as below.

git clone https://github.com/gnosek/fcgiwrap.git

From: Coupon Code Swap at: 2013-10-20 16:34:07

If you plan on running Drupal or another CMS, you may want to include this in the html section while configuring the nginx.conf file to avoid getting 502 Bad Gateway errors:

 

vi /etc/nginx/nginx.conf

 

fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

From: Anonymous at: 2013-12-21 17:55:51

cp /etc/dovecot/dovecot-sql.conf /etc/

From: at: 2013-12-26 01:40:16

Hi,

 Can anyone show me how to enable mod re_write for drupal and joomla site? I've search for a few days and nothing comes up. I have multiple sites running Drupal on LAMP, and now I'm trying to migrate these sites to LEMP with ISPConfig.

From: at: 2014-05-04 22:40:13

You will end up with a very old version of nginx if you install from epel. To get the latest version, do this:

 vi /etc/yum.repos.d/nginx.repo

paste and save:

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/$basearch/
gpgcheck=0
enabled=1
priority=10

yum update

chkconfig --levels 235 nginx on

/etc/init.d/nginx start

From: Arkadiusz Zug at: 2014-08-14 08:22:46

If you would like to use newest version of postfix 2.11.* and MariaDB 10.* you can use Axivo repo:

 rpm -ivh --nosignature http://rpm.axivo.com/redhat/axivo-release-6-1.noarch.rpm

 Tested by me and working

From: Fabricio Rabelo at: 2013-09-30 12:48:25

Hi, I followed all the tutorial alright. Almost all functions are running ok, but the server isn't generating statistics both AWStats as Webalizer. Someone can help me? Thanks.

From: Drew at: 2014-04-24 00:54:22

I found webalizer working first, but after switching to awstats, I get a 404.  Then when I switch back to webalizer and wait 35 mins (so I can re-login), nothing changes and I get the same 404 as in awstats.

The 404 gets displayed 'below' the awstats "Jump to previous stats" header.

 

In IspConfig > System > Server Config > Web > Awstats Settings the following are the default settings :-

:- /etc/awstats
awstats data folder:- /var/lib/awstats
awstats.pl script:- /usr/lib/cgi-bin/awstats.pl
awstats_buildstaticpages.pl script:- /usr/share/awstats/tools/awstats_buildstaticpages.pl
 
I checked these locations and I found the following:-
  • /etc/awstats does have the conf files.
  • /var/lib/awstats doesn't exist
  • /usr/lib/cgi-bin doesn't exist
  • /usr/share/awstats/tools/ is empty using ls -la
  • /etc/nginx/sites-available/mydomain.com.vhost contains 'location ^~ /awstats-icon {
                alias /usr/share/awstats/icon;
            }' which is not correct as only the tools directory lives in /usr/share/awstats.  There is an icon directory here '/var/www/awstats/icon', but this too doesn't have a awstats-icon.

 
Awstats was installed as per the guidelines here in this perfect server setup:-
yum install webalizer awstats perl-DateTime-Format-HTTP perl-DateTime-Format-Builder.
 
Hope this helps the powers that be, to be able to remedy this situation atm.
 
Cheers to all
 
 

 

From: admin at: 2014-04-24 07:10:17

Statistics are genarated once every day in the early morning hours. you have to wait until the next day before you can use awstats before Switch the statistics engine.

Switching the stats engine removes all previous statistisc, so when you Switch back, the webalizer stats will not be available until the next day as well.

From: Coupon Code Swap at: 2013-10-20 16:57:18

After installing ISPConfig, the TLS setting for pure-ftpd may be commented out again. If so, redo the setting for TLS:

 

vi /etc/pure-ftpd/pure-ftpd.conf

 TLS                      1

From: Anonymous at: 2013-11-09 01:10:48

This is a very important step to prevent DDoS attacks. While editing the named.conf file, recursion should be turned off and an additional line should be added.

 vi /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion no;
        additional-from-cache no;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.conf.local";

service named restart

For reference and additional configuration options:

http://www.team-cymru.org/Services/Resolvers/

http://www.team-cymru.org/Services/Resolvers/instructions.html

And a useful tool to check your DNS configuration:

http://www.intodns.com

Create the file /etc/named.conf.local that is included at the end of /etc/named.conf (/et

From: Coupon Code Swap at: 2013-10-28 19:26:06

The mail server will not be functioning because a conf file is not linked correctly. Run the following commands to get dovecot up and running:

ln -s /etc/dovecot/dovecot-sql.conf /etc/dovecot-sql.conf
ln -s /etc/dovecot/dovecot.conf /etc/dovecot.conf

From: Anonymous at: 2014-01-12 14:43:58

I have looked everywhere in ispconfig and I can find the options to have /phpmyadmin instead of :8081/phpmyadmin. Any help would be great.

From: at: 2014-03-12 09:01:26

If you would like to use this manual to configure your CentOS 6.5 version (I couldn't find 6.5 manual) probably you stop on named service step:

 While you try to start:

/etc/init.d/named start

 

system prompt you:

Generating /etc/rndc.key

all you need is paste:

rndc-confgen -a -r /dev/urandom

 

then:

/etc/init.d/named restart

 

helped me :)

From: at: 2014-05-04 23:31:56

to install latest version of jailkit, do this:

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar xvfz jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
cd ..
rm -rf jailkit-2.17*

From: Dimitris at: 2015-02-25 21:33:33

Can someone explain to me how can i use only https with phpmyadmin and not both http and https?

Trying to make it more secure but still no luck. I read this tutorial but i can't get it to work.. Any ideas?

From: Lefteros at: 2015-04-24 13:23:40

failed to mention that epel is needed for fail2ban and others

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm