The Perfect Server - CentOS 6.4 x86_64 (nginx, Dovecot, ISPConfig 3) - Page 2

Choose your time zone:

Give root a password:

Next we do the partitioning. Select Replace Existing Linux System(s). This will give you a small /boot partition and a large / partition which is fine for our purposes:

Select Write changes to disk:

The hard drive is being formatted:

Now we select the software we want to install. Select Basic Server, then check CentOS in the additional repositories field, choose Customize later and click on Next:

The installation begins. This will take a few minutes:

Finally, the installation is complete, and you can remove your DVD from the computer and reboot it:

After the reboot, log in as root.

I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That's why I disable the default CentOS firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn't use any other firewall later on as it will most probably interfere with the CentOS firewall).

Run...

system-config-firewall-tui

... and disable the firewall. Hit OK afterwards:

Confirm your choice by selecting Yes:

If you did not configure your network card during the installation, you can do that now. Run...

system-config-network

... and go to Device configuration:

Select your network interface:

Then fill in your network details - disable DHCP and fill in a static IP address, a netmask, your gateway, and one or two nameservers, then hit Ok:

Next select Save:

You can also specify additional nameservers. Select DNS configuration:

Now you can fill in additional nameservers and hit Ok:

Hit Save&Quit afterwards:

You should run

ifconfig

now to check if the installer got your IP address right:

[root@server1 ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:00:85:AC
          inet addr:192.168.0.100  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe00:85ac/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:278 errors:0 dropped:0 overruns:0 frame:0
          TX packets:86 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:28503 (27.8 KiB)  TX bytes:16360 (15.9 KiB)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

[root@server1 ~]#

Check your /etc/resolv.conf if it lists all nameservers that you've previously configured:

cat /etc/resolv.conf

If nameservers are missing, run

system-config-network

and add the missing nameservers again.

Now, on to the configuration...

Share this page:

21 Comment(s)

Add comment

Comments

From: Coupon Code Swap at: 2013-10-20 16:40:07

 Use the latest rpmforge. Otherwise you will run into dependency errors for some modules while installing PHP-FPM:

cd /tmp
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm -ivh rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

From: Anonymous at: 2013-09-23 13:56:00

Before building fcgiwrap you need to install some tools first:

yum install autoconf automake libtool

 

From: Ivan at: 2013-10-07 20:50:14

Hello, i found i small missing in your great tutorial. Before "cd /usr/local/src/
git clone git://github.com/gnosek/fcgiwrap.git"  you have to mention how git should be installed, because there is not git there and it does not work. thank you. Ivan.
 

 

From: selva at: 2013-10-26 03:24:33

 I can open the directory src. But I can process this possion. PLease help me. THanks

git clone git://github.com/gnosek/fcgiwrap.git

From: at: 2014-07-14 02:48:02

Use 'https' instead of 'git' as below.

git clone https://github.com/gnosek/fcgiwrap.git

From: Coupon Code Swap at: 2013-10-20 16:34:07

If you plan on running Drupal or another CMS, you may want to include this in the html section while configuring the nginx.conf file to avoid getting 502 Bad Gateway errors:

 

vi /etc/nginx/nginx.conf

 

fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;

From: Anonymous at: 2013-12-21 17:55:51

cp /etc/dovecot/dovecot-sql.conf /etc/

From: at: 2013-12-26 01:40:16

Hi,

 Can anyone show me how to enable mod re_write for drupal and joomla site? I've search for a few days and nothing comes up. I have multiple sites running Drupal on LAMP, and now I'm trying to migrate these sites to LEMP with ISPConfig.

From: at: 2014-05-04 22:40:13

You will end up with a very old version of nginx if you install from epel. To get the latest version, do this:

 vi /etc/yum.repos.d/nginx.repo

paste and save:

[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/6/$basearch/
gpgcheck=0
enabled=1
priority=10

yum update

chkconfig --levels 235 nginx on

/etc/init.d/nginx start

From: Arkadiusz Zug at: 2014-08-14 08:22:46

If you would like to use newest version of postfix 2.11.* and MariaDB 10.* you can use Axivo repo:

 rpm -ivh --nosignature http://rpm.axivo.com/redhat/axivo-release-6-1.noarch.rpm

 Tested by me and working

From: Fabricio Rabelo at: 2013-09-30 12:48:25

Hi, I followed all the tutorial alright. Almost all functions are running ok, but the server isn't generating statistics both AWStats as Webalizer. Someone can help me? Thanks.

From: Drew at: 2014-04-24 00:54:22

I found webalizer working first, but after switching to awstats, I get a 404.  Then when I switch back to webalizer and wait 35 mins (so I can re-login), nothing changes and I get the same 404 as in awstats.

The 404 gets displayed 'below' the awstats "Jump to previous stats" header.

 

In IspConfig > System > Server Config > Web > Awstats Settings the following are the default settings :-

:- /etc/awstats
awstats data folder:- /var/lib/awstats
awstats.pl script:- /usr/lib/cgi-bin/awstats.pl
awstats_buildstaticpages.pl script:- /usr/share/awstats/tools/awstats_buildstaticpages.pl
 
I checked these locations and I found the following:-
  • /etc/awstats does have the conf files.
  • /var/lib/awstats doesn't exist
  • /usr/lib/cgi-bin doesn't exist
  • /usr/share/awstats/tools/ is empty using ls -la
  • /etc/nginx/sites-available/mydomain.com.vhost contains 'location ^~ /awstats-icon {
                alias /usr/share/awstats/icon;
            }' which is not correct as only the tools directory lives in /usr/share/awstats.  There is an icon directory here '/var/www/awstats/icon', but this too doesn't have a awstats-icon.

 
Awstats was installed as per the guidelines here in this perfect server setup:-
yum install webalizer awstats perl-DateTime-Format-HTTP perl-DateTime-Format-Builder.
 
Hope this helps the powers that be, to be able to remedy this situation atm.
 
Cheers to all
 
 

 

From: admin at: 2014-04-24 07:10:17

Statistics are genarated once every day in the early morning hours. you have to wait until the next day before you can use awstats before Switch the statistics engine.

Switching the stats engine removes all previous statistisc, so when you Switch back, the webalizer stats will not be available until the next day as well.

From: Coupon Code Swap at: 2013-10-20 16:57:18

After installing ISPConfig, the TLS setting for pure-ftpd may be commented out again. If so, redo the setting for TLS:

 

vi /etc/pure-ftpd/pure-ftpd.conf

 TLS                      1

From: Anonymous at: 2013-11-09 01:10:48

This is a very important step to prevent DDoS attacks. While editing the named.conf file, recursion should be turned off and an additional line should be added.

 vi /etc/named.conf

//
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion no;
        additional-from-cache no;
};
logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};
zone "." IN {
        type hint;
        file "named.ca";
};
include "/etc/named.conf.local";

service named restart

For reference and additional configuration options:

http://www.team-cymru.org/Services/Resolvers/

http://www.team-cymru.org/Services/Resolvers/instructions.html

And a useful tool to check your DNS configuration:

http://www.intodns.com

Create the file /etc/named.conf.local that is included at the end of /etc/named.conf (/et

From: Coupon Code Swap at: 2013-10-28 19:26:06

The mail server will not be functioning because a conf file is not linked correctly. Run the following commands to get dovecot up and running:

ln -s /etc/dovecot/dovecot-sql.conf /etc/dovecot-sql.conf
ln -s /etc/dovecot/dovecot.conf /etc/dovecot.conf

From: Anonymous at: 2014-01-12 14:43:58

I have looked everywhere in ispconfig and I can find the options to have /phpmyadmin instead of :8081/phpmyadmin. Any help would be great.

From: at: 2014-03-12 09:01:26

If you would like to use this manual to configure your CentOS 6.5 version (I couldn't find 6.5 manual) probably you stop on named service step:

 While you try to start:

/etc/init.d/named start

 

system prompt you:

Generating /etc/rndc.key

all you need is paste:

rndc-confgen -a -r /dev/urandom

 

then:

/etc/init.d/named restart

 

helped me :)

From: at: 2014-05-04 23:31:56

to install latest version of jailkit, do this:

cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar xvfz jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
cd ..
rm -rf jailkit-2.17*

From: Dimitris at: 2015-02-25 21:33:33

Can someone explain to me how can i use only https with phpmyadmin and not both http and https?

Trying to make it more secure but still no luck. I read this tutorial but i can't get it to work.. Any ideas?

From: Lefteros at: 2015-04-24 13:23:40

failed to mention that epel is needed for fail2ban and others

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm