This is a "copy & paste" HowTo! The easiest way to follow this tutorial is to use a command line client/SSH client (like PuTTY for Windows) and simply copy and paste the commands (except where you have to provide own information like IP addresses, hostnames, passwords,...). This helps to avoid typos.

The Perfect Setup - CentOS 4.3 (64-bit)

Version 1.2
Author: Falko Timme
Last edited 05/20/2007

This is a detailed description how to set up a CentOS 4.3 based server that offers all services needed by ISPs and hosters (web server (SSL-capable), mail server (with SMTP-AUTH and TLS!), DNS server, FTP server, MySQL server, POP3/IMAP, Quota, Firewall, etc.). This tutorial is written for the 64-bit version of CentOS 4.3, but should apply to the 32-bit version with very little modifications as well.

I will use the following software:

  • Web Server: Apache 2.0.x
  • Database Server: MySQL 4.1
  • Mail Server: Postfix (easier to configure than sendmail; has a shorter history of security holes than sendmail)
  • DNS Server: BIND9 (chrooted!)
  • FTP Server: proftpd
  • POP3/IMAP server: dovecot
  • Webalizer for web site statistics

In the end you should have a system that works reliably, and if you like you can install the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

Requirements

To install such a system you will need the following:

1 Install The Base System

Boot from your CentOS 4.3 CD (CD 1).

It can take a long time to test the installation media so we skip this test here:

The welcome screen of the CentOS installer appears. Click on Next:

Choose your language next:

Select your keyboard layout:

We want to install a server so we choose Server here:

Next we do the partitioning. Select Automatically partition. This will give you a smalll /boot partition and a large / partition which is fine for our purposes:

I'm installing CentOS 4.3 on a fresh system, so I answer Yes to the question Would you like to initialize this drive, erasing ALL DATA?

Select Remove all partitions on this system.

We want to remove all Linux partitions, so we answer Yes to the following question:

The installer presents you an overview of our new partitions. Click on Next:

Now the boot loader GRUB will be installed. You can leave the default settings unchanged and click on Next:

Share this page:

9 Comment(s)

Add comment

Comments

From: andalucia at: 2006-09-07 13:37:18

Free SSH (ssh/sftp) Client for windows users from ssh.com 

ftp://ftp.ssh.com/pub/ssh/SSHSecureShellClient-3.2.9.exe

not for commercial or corporate use.
Thank You

 

From: putra koreng at: 2009-01-01 07:28:10

thanks, this is so Help for me

From: Anonymous at: 2006-06-26 09:40:28

Everything worked fine for me on Centos 4.3 (32bit) but I had to add the lines:

ssl_cert_file = /etc/postfix/ssl/smtpd.crt
ssl_key_file = /etc/postfix/ssl/smtpd.key

to /etc/dovecot.conf to stop the warning

fetchmail: Server CommonName mismatch: localhost.localdomain != xxxxx.com



when fetching POP mail using fetchmail

Thanks for the excellent howto!

Steve 

  

 

 

From: Anonymous at: 2006-04-12 04:20:18


Excellent.... Ive been waiting for a guide like this for a while. When ever i install a new system, almost never does a person give me all the steps in one guide... until now ;). Believe me it sucks to have to download the linux offline system command webpages (all 300 of em) via bittorent. This is a eye opener indeed.

From: Anonymous at: 2006-06-21 22:15:48

Just wanted to mention, for some of the last steps,

 yum install gcc

is required to rebuild zlib 

and that if  you are planning on installing ispconfig,

yum install flex

will be required to avoid the PHP errors. 

From: Anonymous at: 2006-08-22 07:20:29

very nice! I was trying to do something just like this with a plain centos server build (did the text install, not GUI) and this worked out great. I was struggling trying to get my ssl working on apache when I stumbled into this... great work! ( I did not see it install the php-xml package though, and my ssl is acting screwy, saying I have an identical certificate already on file... but I will figure it out...)

From: so_ at: 2006-09-11 22:14:16

Rebuilding zlib is not required.  The author has failed to understand the Redhat/Centos versioning and how security fixes to packages such as zlib are backported.

http://www.redhat.com/advice/speaks_backport.html 

 

The security problems that the zlib upgrade are designed to solve, were already patched long ago and continue to be patched as security requires.

  • REDHAT:RHSA-2006:0101
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0101.html
  • REDHAT:RHSA-2006:0144
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0144.html
  • REDHAT:RHSA-2006:0190
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0190.html
  • REDHAT:RHSA-2006:0191
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0191.html
  • From: so_ at: 2006-09-11 22:18:56

    Those previous URLs are the kernel fixes due to zlib problems.  Here is the advisory for the zlib package itself.


    http://www.redhat.com/support/errata/RHSA-2005-569.html
    http://rhn.redhat.com/errata/RHSA-2005-584.html 


    From: at: 2006-11-05 10:11:38

    Edit the compile file and add --disable-zlib-vcheck

     

    vi  install_ispconfig/compile_aps/compile

     

    Such as: 

    cd ${CLAMAV}
    ./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME} --disable-clamav --disable-zlib-vcheck --disable-bzip2 || error "Could not configure ClamAV"