This action might not be possible to undo. Are you sure you want to continue?
Global Open Versity ICT Labs
Build your own ISP Hosting using ISPConfig on Ubuntu 10.04 LTS Server v1.0
Global Open Versity IT System Integration Hands-on Labs Training Manual
Build your Own ISP Hosting using ISPConfig on Ubuntu 10.04 LTS Server
Kefa Rabah Global Open Versity, Vancouver Canada
Table of Contents
BUILD YOUR OWN ISP HOSTING USING ISPCONFIG ON UBUNTU 10.04 LTS SERVER 1.0 Introduction Part 1: Install & Configure Ubuntu 10.04 LTS Server Step 1: Getting Started & Hardware Pre-requisites Step 2: Update Ubuntu 10.04 Operating Systems Step 3: Install Webmin Part 2: Installing Additional Infrastructure Packages Step 1: Install OpenSSH Package Step 2: Change the Default Shell Step 3: Disable AppArmor Step 4: Install PHP5 and Apache (HTTP) Web Server Part 3: Optional Configuration Tasks Step 1: Configure Network Interface to Static IP Address Part 4: Install DNS Server Part 5: Install Pre-Requisite Packages for ISPConfig Step 1: Install Postfix, Courier, MySQL, Saslauthd, rkhunter, binutils Step 2: Modify MySQL myc.cnf file Step 3: Modify SSL Certificate Hostname Configuration Step 4: Install Amavisd-new, SpamAssassin, and ClamAV Step 5: Install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt Step 6: Install PureFTPd and Quota Step 7: Install Vlogger and Webalizer Step 8: Install Jailkit Step 9: Install fail2ban Step 10: Install SquirrelMail Part 6: Install ISPConfig Part 7: Need More Training on Linux: Ubuntu Server Administration Training Part 8: Hands-on Labs Assignments Linux Administration Training © April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
2 2 3 3 3 4 6 6 7 7 7 8 8 10 14 14 18 19 20 21 22 23 24 25 25 26 33 33 34 34 1
ICT105 – Ubuntu Server Administration Training
Global Open Versity ICT Labs
Build your own ISP Hosting using ISPConfig on Ubuntu 10.04 LTS Server v1.0
Global Open Versity IT Systems Integration Hands-on Labs Training Manual
Build your own ISP Hosting using ISPConfig on Ubuntu 10.04 LTS Server
By Kefa Rabah, email@example.com June 21, 2010 GTI Institute
In this Hands-on Labs session, we’re going to learn how to install and configure the Linux Ubuntu 10.04 LTS (Lucid Lynx) server option when we then use to install ISPConfig hosting control panel. Canonical has high hopes that Ubuntu 10.04, Lucid Lynx, will easily become the platform of choice for anybody who intends to build and deploy large-scale infrastructure, whether you're trying to build the next Facebook, or the next Google, or the next eBay. Ubuntu 10.04 LTS Server Edition: Lean, fast and powerful – Ubuntu Server delivers services reliably, predictably and economically - and easily integrates with your existing infrastructure. It has almost 100 open-source and proprietary application providers certifying their programs on Ubuntu Server Edition. Ubuntu 10.04 includes Alfresco, Ingres, IBM, VMware, Yahoo and Zimbra. It also includes improved installation and management tools for Ubuntu Enterprise Cloud (UEC) and Amazon EC2. ISPConfig is an open source hosting control panel for Linux. ISPConfig is licensed under BSD license. ISPConfig simplifies the complicated details of setting up DNS, multiple unique domain name websites on one physical server box, and e-mail accounts for multiple users on those websites. ISPConfig provides interfaces for the management of internet services by an ISP provider and the ISP clients. That is, ISPConfig is an ISP management and hosting control panel. It manages your Web server, email server, BIND DNS, proftpd and vsftpd FTP server, MySQL databases, SpamAssassin, disk quotas and User registration & billing with an easy to use Web interface for administrators, resellers, and clients. Others services like Email management and forwarding, Security (via SSL), Mail scanning and Firewall); Statistics & ISP Management (Webalizer, IP-addresses); Self Management (Shell-access, Per-User Administration backend) and more. More importantly, ISPConfig speeds up and simplifies common server administration and operation tasks, such as creating lots of new user e-mail accounts or quickly setting up lots of roots (starting folders) for new websites. This in contrast to coding these changes by hand from a command prompt which would take more time and effort, and heavily prone to errors. Today, most large-scale installations use existing automation tools ISPConfig. Adapting these to the special configuration and filesystem layout of ISPConfig can require a lot of work. This is why ISPconfig is mainly targeted at new installations. As you’ll learn in this hands-on lab training, setting up ISPConfig is somewhat challenging, but it is much easier than coding DNS files by hand. ISPConfig can help new Linux users configure web and e-mail faster and easier than they could without it. This makes ISPconfig a "gateway to Linux" skills building endeavor. People get the end benefits of gaining experience to deploy complex servers while they continue to learn about them. © April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
www.globalopenversity.org ICT105 – Ubuntu Server Administration Training
In this Hands-on Labs. 2Gb RAM. it’s assumed that your target computer is connected to the internet. After installing the operating system. If not then you can check this article which discuses how to install Ubuntu 10. log into your machine and ensure you perform software updates to bring your systems up-to-date. You’ll also have opportunity to do some assignment at the end of the lab session.globalopenversity. If you are purchasing a computer to run OSCAR. you’ll learn how to setup virtual network on VMware (you may also use any other virtual machines like MS VirtualPC. the default repositories don’t contain the right locations for most software packages that you’ll want to install. ISPConfig or any other application server.04 LTS Server Step 1: Getting Started & Hardware Pre-requisites Ubuntu runs on inexpensive. we’ll concentrate on installing ISPConfig on a clean install Linux Ubuntu 10. Assumptions It’s assumed that you have a good knowledge of Linux Ubuntu OS. You will want to open up the "/etc/apt/sources. Finally. Step 2: Update Ubuntu 10. Kefa Rabah.04 LTS server: • Step-By-Step Install Guide Ubuntu 10. To support a small practice like OSCAR. For maximum subsystem compatibility. Upon completion of the hands-on lab you would have gained a competency level and a capability to be able to plan design implement and deploy a hosting solution using ISPConfig and any other Ubuntu server powered application. In this lab session. we recommend a minimum configuration of 200Gb Disk.com/ubuntu dapper-security universe © April 2007. and a 2GHz Intel Dual Core CPU.archive. all depends on your level of Linux OS. Global Open Versity.04 LTS Server v1.04 LTS Server. I’ll also show you how set static IP address which is required for deploying a DNS server.ubuntu.org ICT105 – Ubuntu Server Administration Training 3 . commodity hardware.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.ubuntu. You will learn how to install and configure Webmin to help with configuring DNS server.com/ubuntu dapper universe main restricted universe deb http://security. However. Vancouver Canada www. or VirtualBox from Oracle). one option is to order the machine with Ubuntu pre-installed. we suggest that you install the 32bit version of Ubuntu.04 Operating Systems Adding extra Repositories on Ubuntu Repositories on Ubuntu are the locations that you can download software from. find and uncomment the following lines deb http://us.04 LTS (Lucid Lynx) Server Part 1: Install & Configure Ubuntu 10. As a general rule. we’ll go through a step-by-step process to install all the pre-requisite packages that are necessary for successful installing of ISPConfig hosting solution. web-server etc.0 Solution: In this Hands-on Lab session.. Once you gained enough experience and capability you may go ahead and install ISPConfig on a Pilot testing server and finally to a production server to power on your ISP venture.list" file. Linux Xen.
It is useful to update your system with the latest components and system patches. We’re done with this section 3. This tutorial will explain how to install Webmin in Ubuntu Intrepid Ibex You can install Webmin for your server web interface to configure Apache2. MySQL. it needs to be run in conjunction with the sudo command. DNS. Using any modern web browser.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. Next. When used to manipulate the core packages of the operating system.debian. Apache. First you need to install the following packages sudo aptitude install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl libmd5-perl apt-show-versions 2. you can setup user accounts. The first command below asks Ubuntu to update its database of available packages.deb © April 2007. and lets you manage a system from the console or remotely.03-1_all. Now we will see how to install Webmin on Ubuntu 10. 2. From the command line.04 repositories – more on that can be read here) wget http://ftp. get "libmd5-perl" (this is deprecated and not in 10. Preparing your system 1. one at a time. it will not ask for your password again for a short period of time (typically 15 minutes). FTP. you will probably see a different name there. DNS servers and many more.04 LTS Server v1.org/pool/main/libm/libmd5-perl/libmd5-perl_2.0 Note that if you are using a different version than Dapper Drake (6. Subsequently. Kefa Rabah.06). The first time you run the command. Note 2: apt-get is the program Ubuntu uses for managing the system’s packages. We run the upgrade command twice to ensure that any packages that may have post-upgrade dependencies also have an opportunity to be upgraded. 1.Currently There is no Webmin package in the Ubuntu repositories. enter the following commands. Webmin removes the need to manually edit Unix configuration files like /etc/passwd.globalopenversity.04 LTS. file sharing and much more. and the second command installs the latest packages based on your current configuration. You’re now ready to begin any other application installation as desired! Step 3: Install Webmin Webmin is a web-based interface for system administration for UNIX.org ICT105 – Ubuntu Server Administration Training 4 . $ sudo apt-get update $ sudo apt-get -u upgrade Note 1: The sudo command is used to run privileged operations on the Ubuntu platform. Global Open Versity. it will ask for your password. Vancouver Canada www. something like breezy or edgy.
deb package install this package using the following command sudo dpkg -i webmin_1. This will complete the installation. Now you should see similar to the following screen. Kefa Rabah. Enter your credentials used earlier when you installed the system and then click login. Now download the latest Webmin using the following command or from here sudo wget http://garr. Now you need to open your web browser and enter the following https://your-server-ip:10000/ or https://your-server-name:10000/ Note: Accept the security warnings and alerts. 41. Vancouver Canada www. Note: Ubuntu in particular don’t allow logins by the root user by default. the user created at system installation time can use sudo to switch to root. Now we have webmin_1. as shown in Fig. However.441_all. After login if you want to configure Apache2.globalopenversity.04 LTS Server v1.deb 4.sourceforge.441_all.org ICT105 – Ubuntu Server Administration Training 5 . 2.03-1_all.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.441_all. © April 2007.deb 3. Global Open Versity. Fig.deb 5.0 then install sudo dpkg -i libmd5-perl_2. you need to click on Servers on your left-hand side you should see many servers that are ready to configure. 1 7. DNS server etc. 6.dl. see Fig. Webmin will allow any user who has this sudo capability to login with full root privileges.net/sourceforge/webadmin/webmin_1.
To install OpenSSH.org ICT105 – Ubuntu Server Administration Training .Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.globalopenversity. and 6 © April 2007. We’re done with this section Part 2: Installing Additional Infrastructure Packages These instructions are written for an audience comfortable with invoking instructions from the command line and GUI option. then you should be able to follow along with ease. To log into a remote computer that is running OpenSSH. Kefa Rabah.0 Fig. By default this package is already installed in the Ubuntu server option. 2: Webmin admin page 8. Vancouver Canada www. Click Logout link to exit Webmin 9. Step 1: Install OpenSSH Package In order to support secure remote connections to your server. 1. replacing username with a valid user name on the computer you are trying to log into. issue the following command: $ sudo apt-get install openssh-server -y 2. you will need to install the OpenSSH package. Global Open Versity. you use the ssh username@hostname command. This package will come in handy in the future to support administrative tasks on the system.04 LTS Server v1. If you are capable of installing the user friendly Ubuntu GNU/Linux operating system or any other Linux distros.
1. or it’s IP address (e.83.225. and your ISPConfig server user account is krabah.83. Install dash as "/bin/sh"? <-.168. We can disable it like this: sudo /etc/init. by opening a terminal window on your Mac and running the command ssh krabah@192. example.04 LTS Server v1.0 replacing hostname with either the fully qualified host name (e. not "/bin/dash". Kefa Rabah. Note: For example. Global Open Versity. Here’s the quick and easy way to get PHP up and running on your Ubuntu box.83. 1. then you can now log into your su apt-getserver from your Mac.globalopenversity. First. 192.168.250.org ICT105 – Ubuntu Server Administration Training 7 . 1. We’re done with this section Step 4: Install PHP5 and Apache (HTTP) Web Server If you are doing any kind of PHP development.d -f apparmor remove sudo aptitude remove apparmor apparmor-utils 2. if your everyday computer is a Mac. © April 2007.g.d/apparmor stop sudo update-rc. you’ll want to add the extra repositories to Ubuntu’s "sources. In our case we have already done that in Part 1. you’ll almost always be using Apache along with it.g. Therefore I disable it (this is a must if you want to install ISPConfig later on).com) of your server. Vancouver Canada www. however we need "/bin/bash". We’re done with this section Step 3: Disable AppArmor AppArmor is a security extension (similar to SELinux) that should provide extended security. You can use ifconfig command to find out your IP address. Step 2: Change the Default Shell The "/bin/sh" is a symlink to" /bin/dash". Therefore we do this: dpkg-reconfigure dash 2. and your ISPConfig server IP address is 192. In my opinion you don't need it to configure a secure system and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected. and then you find out that everything was ok.168.list" file if you haven’t done so yet.No 3.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.250). only AppArmor was causing the problem).
see Fig. To start/stop/restart Apache2 server.0 2.globalopenversity. 3. Vancouver Canada www. Part 3: Optional Configuration Tasks Step 1: Configure Network Interface to Static IP Address In this section. 3 1. issue the following commands: $ sudo /etc/init. Note that if apache is already installed you can omit the first line. Fig. Kefa Rabah. Your web files will now be found in "/var/www/" 4. To test that your Apache2 is working correctly fire your browser go to URL: http://localhost.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.org ICT105 – Ubuntu Server Administration Training 8 . From a command shell. Global Open Versity. we are going to check and modify the network interface to change it from DHCP to static IP address on eth0 interface.d/apache2 restart 3. If your Ubuntu System is set to use DHCP. We’re done with this section.d/apache2 restart 2. you will run the following commands: sudo sudo sudo sudo apt-get install apache2 apt-get install php5 apt-get install libapache2-mod-php5 /etc/init. you will want to change it to a static IP address here is how to © April 2007.d/apache2 stop $ sudo /etc/init.04 LTS Server v1.d/apache2 start $ sudo /etc/init.
0 To do this.org ICT105 – Ubuntu Server Administration Training 9 .168. auto eth0 iface eth0 inet static address 192.0 network 192.83. and then there are a number of options that you should add and here is the example and you can change these settings according to your network settings. Global Open Versity. you will see the following lines. with our final result shown in Fig.168. it’s using DHCP right now. Fire up your favorite Text editor and open and modify /etc/network/interfaces file.83. 4 auto eth0 iface eth0 inet dhcp Fig. 5.50 netmask 255. with the result shown in Fig. see Fig.2 © April 2007.83.0 broadcast 192.83.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.168.globalopenversity. $ sudo nano /etc/network/interfaces Note: If you are using DHCP for your primary network card which is usually eth0.255 gateway 192. 4 Note: As you can see from Fig. Kefa Rabah.04 LTS Server v1. 4 above.168. perform the following procedure: 4. 4.255. we are going to change from DHCP to static. 5. Vancouver Canada www.255. Next.
0 Fig. Global Open Versity. Vancouver Canada www. 5 Note: use public IP address for production purposes.org ICT105 – Ubuntu Server Administration Training 10 . We’re done with this section Part 4: Install DNS Server In this section it’s assumed that you know how to install and configure a DNS Server on a Linux machine. Fig.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. issue the ifconfig command. entitled “Using Webmin and Bind9 to © April 2007. see Fig.globalopenversity. then check out our excellent Hands-On Labs training manual. Restart the networking service using the following command $ sudo /etc/init. 6 8. 6.d/networking restart 7. To check you server IP address. Kefa Rabah. 6.04 LTS Server v1. if not.
Fig. 8. domain and search. Vancouver Canada www. Fig. Global Open Versity.0 Setup DNS Server on Linux” to get you started. 1. Here we’re going to use Webmin and Bind9 to deploy a DNS Server for testing ISPConfig server.org ICT105 – Ubuntu Server Administration Training 11 . as shown in Fig. by issuing the following command: sudo apt-get install bind9 –y 2. 8 © April 2007. 7.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.conf" file to reflect the correct namesearch.globalopenversity. if it’s not already installed. Edit "/etc/resolv. Use apat-get to download and install Bind9.04 LTS Server v1. 7 3. Edit "/etc/hosts" file to reflect the correct hostname. as shown in Fig. Kefa Rabah.
Global Open Versity.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. Now fire-up your browser and point it to Webmin admin page: http://localhost:10000. Fig.org ICT105 – Ubuntu Server Administration Training 12 .04 LTS Server v1. configure the DNS server. 10. you should have a modified Existing DNS Zones with two additional icons. and when done. Vancouver Canada www. 10 © April 2007. Next. 9. On the right pane. Fig.globalopenversity. Kefa Rabah. as shown in Fig. scroll down to the Existing DNS Zones heading. as shown in Fig.0 4. 9 5. Next click on Servers link on the left-hand pane and then click BIND DNS Server.
04 LTS Server v1. And similarly for "nslookup". Fig.globalopenversity. Now open a new terminal window and test that your DNS server is configured correctly using "dig" and "nslookup" commands. Fig.org ICT105 – Ubuntu Server Administration Training 13 .Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. 12 © April 2007. 11 and 12 respectively. 12. Global Open Versity. as shown in Fig. 11 7. Vancouver Canada www.0 6. as shown in Fig. Kefa Rabah.
binutils We can install Postfix.04 LTS Server v1.globalopenversity. Kefa Rabah. hit Enter to accept the default selection. Saslauthd.0 8. and binutils with a single command: sudo aptitude install postfix postfix-mysql postfix-doc mysql-client mysqlserver courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl getmail4 rkhunter binutils maildrop Note: You will be asked the several questions which will require your response. 1. rkhunter.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. Saslauthd. Fig. We’re done with this section Part 5: Install Pre-Requisite Packages for ISPConfig Step 1: Install Postfix. Courier. Courier. 13. Postfix Configuration. From Fig.org ICT105 – Ubuntu Server Administration Training 14 . rkhunter. Global Open Versity. MySQL. Vancouver Canada www. 13 © April 2007.
Fig. as shown in Fig. you'll have to choose your mail server configuration. 14. 14 3. hit Enter to accept the default selection. From Fig. Accept the default "Internet site" and the select OK and hit Enter to continue.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.04 LTS Server v1. Kefa Rabah. Vancouver Canada www. 15 © April 2007. 15. Global Open Versity.globalopenversity.org ICT105 – Ubuntu Server Administration Training 15 . Next.0 2. Fig. Postfix Configuration.
org ICT105 – Ubuntu Server Administration Training 16 . Vancouver Canada www. From Fig. Kefa Rabah. 16. enter your domain name.globalopenversity. select OK and then hit Enter to continue. Fig.04 LTS Server v1. in our case Fig. From Fig. 17. Postfix Configuration. 16 5. Configuring courier-ssl. 17 © April 2007. Global Open Versity.com" hit Tab key to select OK and then hit Enter to continue.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.0 4. "govhosting.
org ICT105 – Ubuntu Server Administration Training 17 . Global Open Versity. select Apache2 and then choose OK and then hit Enter to continue. From Fig. Vancouver Canada www. Fig. accept the default selection. 23 © April 2007.globalopenversity.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.04 LTS Server v1. tab to select Yes and then hit Enter to continue. Configuring phpmyadmin. 23. From Fig. Configuring phpmyadmin. Fig. 22 7. Kefa Rabah. 22.0 6.
cnf" file and comment out the line "bind-address = 127..] 2. From Fig.cnf [.0. Vancouver Canada www.. not just localhost.cnf file 1..0. therefore we need to edit "/etc/mysql/my. tab to OK and then hit Enter to continue.04 LTS Server v1. #bind-address = 127. Kefa Rabah.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.1": sudo nano /etc/mysql/my. 24 9.0 8.org ICT105 – Ubuntu Server Administration Training 18 .globalopenversity. restart MySQL server: sudo /etc/init.d/mysql restart © April 2007. we want MySQL to listen on all interfaces.] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. Fig.0.0. Global Open Versity. Issue the ldconfig command: sudo ldconfig 11. Again on the next Configuring phpmyadmin screen enter the password for MySQL. Configuring phpmyadmin. 10. You’ll be asked to reconfirm the password. tab to OK and then hit Enter to continue. We’re done with this section Step 2: Modify MySQL myc. Next.1 [. In this lab session.. enter the password. 24.
com for this lab session).Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.govhosting. 26: Fig. Global Open Versity. Next check that networking is enabled on MySQL server. replace "CN=localhost" with "CN=server1.com" for both POP3 and IMAP (you can also modify the other values. as desired): sudo nano /etc/courier/imapd. the SSL certificates for IMAP-SSL and POP3-SSL are by default created with the hostname "localhost". To change this to the correct hostname (server01. 25: Fig.govhosting. modify the following two files. as shown in Fig.pem 3.0 3. issue the command: netstat -tap | grep mysql Note: The output should look like shown in Fig. Next.. Vancouver Canada www. During the installation. 25 4. delete the certificates by performing the following procedure: cd /etc/courier sudo rm -f /etc/courier/imapd. Now test that MySQL server is running OK. 26 5.org ICT105 – Ubuntu Server Administration Training 19 . We’re done with this section Step 3: Modify SSL Certificate Hostname Configuration 1.cnf © April 2007. 2. Kefa Rabah.globalopenversity.04 LTS Server v1.pem sudo rm -f /etc/courier/pop3d.
portability and maintainability. We’re done with this section Step 4: Install Amavisd-new. SpamAssassin uses a variety of spam-detection techniques. To install amavisd-new. The core of the package is an anti-virus engine available in a form of shared library..govhosting.] CN=server1. and ClamAV The amavisd-new is a high-performance and reliable interface between mailer (MTA) and one or more content checkers: virus scanners..] 5.] 4. It talks to MTA via (E)SMTP or LMTP protocols. issue the following command: 20 © April 2007. designed especially for email scanning on mail gateways..0 used for e-mail spam filtering based on content-matching rules. Finally. which includes DNS-based and checksum-based spam detection.] CN=server1.com emailAddress=postmaster@govhosting. ensuring high reliability. Global Open Versity. It is now part of the Apache Foundation..cnf [. Vancouver Canada www. recreate the certificates as follows: sudo mkimapdcert sudo mkpop3dcert 6.0 [. Kefa Rabah.d/courier-imap-ssl restart sudo /etc/init.com emailAddress=postmaster@govhosting. restart Courier-IMAP-SSL and Courier-POP3-SSL.globalopenversity. The program can be integrated with the mail server to automatically filter all mail for a site. a command line scanner and advanced tool for automatic database updates. SpamAssassin.. 1.. as follows: sudo /etc/init. SpamAssassin is a computer program released under the Apache License 2. blacklists and online databases. Bayesian filtering. and/or Mail::SpamAssassin Perl module.com [.d/courier-pop-ssl restart 6. or by using helper programs.com [. It provides a number of utilities including a flexible and scalable multithreaded daemon. SpamAssassin.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.org ICT105 – Ubuntu Server Administration Training . Now. Clam AntiVirus (or ClamAV) is an open source (GPL) anti-virus toolkit for UNIX. external programs... It is written in Perl.govhosting. and ClamAV. Similarly for POP3: sudo nano /etc/courier/pop3d.04 LTS Server v1.
ssl. PHP5.2-common apache2-doc apache2-mpmprefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby Note 1: if you have installed Apache2.globalopenversity. Pear. phpMyAdmin. Next. It allows developers to use a wide range of encryption functions. Above all.org ICT105 – Ubuntu Server Administration Training 21 . 1. PHP and phpMyAdmin.04 LTS Server v1. Pear. with extensions. restart Apache2 server: © April 2007. Note 2: You will be prompted with the following question: 2. Next. Vancouver Canada www. Global Open Versity. Kefa Rabah. suExec. The following packages: Apache2. We’re done with this section Step 5: Install Apache2. allowing a server to handle more web page requests at once. MCrypt is a replacement for the old crypt() package and crypt(1) command. FastCGI's main aim is to reduce the overhead associated with interfacing the web server and CGI programs.0 sudo aptitude install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-sslperl libnet-ident-perl zip libnet-dns-perl 7. This improves security in situations where multiple mutually distrusting users have the possibility to put CGI content on the server. without making drastic changes to their code. then you can skip them. and mcrypt FastCGI is a protocol for interfacing interactive programs with a web server. phpMyAdmin. FCGI. It allows users to encrypt files or data streams without having to be cryptographers. run the following command to enable the Apache modules suexec. rewrite. Apache Suexec is a mechanism supplied with Apache that allows to execute CGI scripts as the user they belong to. rather than Apache's wwwrun user. it allows you to have some really neat code on your machine. and mcrypt can be installed by issuing the following command: sudo aptitude install apache2 apache2. actions.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. FCGI. PHP5. FastCGI is a variation on the earlier Common Gateway Interface (CGI). suExec. and include: sudo a2enmod suexec rewrite ssl actions include 3. PEAR is a framework and distribution system for reusable PHP components.
plus unique useful features for personal users as well as hosting providers.group. and it was always designed with security in mind. It provides simple answers to common needs.. and the code is always re-audited as new kind of vulnerabilities are checked and corrected on regular basis. as follows: [. production-quality and standard-conformant FTP server. make sure that the start mode is set to "standalone" and set "VIRTUALCHROOT=true".globalopenversity. We’re done with this section Step 6: Install PureFTPd and Quota Pure-FTPd is a free (BSD). "usrjquota=aquota.] STANDALONE_OR_INETD=standalone [..user. this may be used with UUID= as a more robust way to name © April 2007.0 sudo /etc/init. Next. Mine looks like this (I added.] 4. Use you favorite Text editor to edit the file "/etc/default/pure-ftpd-common".. # # Use 'blkid -o value -s UUID' to print the universally unique identifier # for a device..] VIRTUALCHROOT=true [.org ICT105 – Ubuntu Server Administration Training 22 .jqfmt=vfsv0" to the partition with the mount point "/"): sudo nano /etc/fstab # /etc/fstab: static file system information. Edit "/etc/fstab". Kefa Rabah.d/pure-ftpd-mysql restart 5. but focuses on efficiency and ease of use. Pure-FTPd is actively supported..04 LTS Server v1. as follows: sudo nano /etc/default/pure-ftpd-common 3. Then save the file and restart PureFTPd: /etc/init. 1. Global Open Versity.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. It doesn't provide useless bells and whistles.d/apache2 restart 8.grpjquota=aquota. PureFTPd and quota can be installed with the following command: sudo aptitude install pure-ftpd-common pure-ftpd-mysql quota quotatool 2. secure. Vancouver Canada www..
Global Open Versity. the visitors' countries. To enable quota. # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc nodev.0 # devices that works even if disks are added and removed. Barrett in 1997. The Webalizer is a GPL application that generates web pages of analysis. Entries often combine embedded video or a video link with supporting text. We’re done with this section Step 7: Install Vlogger and Webalizer Video blogging.utf8 0 0 6.group. Video logs (vlogs) also often take advantage of web syndication to allow for the distribution of video over the Internet using either the RSS or Atom syndication formats. images.user /aquota. sometimes shortened to vlogging (pronounced v'LOG-ing or VEE-log-ing) or vidblogging is a form of blogging for which the medium is video. referrers. visits.noauto. Entries can be recorded in one take or cut into multiple parts. 7. Statistics commonly reported by Webalizer include: hits. See fstab(5).globalopenversity. and is a form of Internet television.org ICT105 – Ubuntu Server Administration Training 23 . 1.user.user. The packages: Vlogger and webalizer can be installed as follows: sudo aptitude install vlogger webalizer 2. for automatic aggregation and playback on mobile devices and personal computers. and other metadata.04 LTS Server v1.. such as per day. It is also a very popular category on YouTube.* mount -o remount / quotacheck -avugm quotaon -avug Note: you can also turn off quota as follows: "quotaoff -avug".usrjquota=aquota. hour. issue these commands (don’t forget start with "sudo"): touch /aquota.noexec. These statistics can be viewed graphically and presented by different time frames. and the amount of data downloaded. It is one of the most commonly used web server administration tools. from access and usage logs.e. We’re done with this section © April 2007.grpjquota=aquota.jqfmt=vfsv0 0 1 # /boot was on /dev/sda1 during installation UUID=9eef7b6b-5688-456c-8fe2-05ae739e3635 /boot ext2 defaults 0 2 /dev/mapper/server1-swap_1 none swap sw 0 0 /dev/fd0 /media/floppy0 auto rw.exec. Vancouver Canada www. Kefa Rabah.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. or month.group chmod 600 /aquota. i. it is web log analysis software.nosuid 0 0 /dev/mapper/server1-root / ext4 errors=remountro. It was initiated by Bradford L.
issue the command: sudo update-rc. a shell limited to some specific command.11.11 . To install JailKit.org ICT105 – Ubuntu Server Administration Training 24 . Download and Install JailKit 1.11 . It can be installed as follows (Important: Jailkit must be installed before ISPConfig . or a daemon inside a chroot jail is a lot easier using these utilities. The Jailkit package is needed only if you want to chroot SSH users. Setting up a chroot shell. Jailkit project is a set of utilities to limit user accounts to specific files using chroot() and or specific commands. bzflag servers.0 Step 8: Install Jailkit JailKit allows quick creation of limited user accounts in a chroot jail.globalopenversity. Global Open Versity. internet servers from internet service providers. Squid proxy servers.9 libtool flex bison debhelper 2.d" directory. etc.11. Next. on Debian this is: sudo cp extra/jailkit /etc/init.sessink. To download JailKit. copy the startup script to your "init. shell or daemon processes.tar.gz cd jailkit-2.d/jailkit © April 2007. internet servers from several large enterprise organizations.04 LTS Server v1. as well as many smaller companies and private users that need to secure cvs. Now create the correct symlinks. sftp. Kefa Rabah./debian/rules binary 3.d jailkit defaults 5./configure make su root make install 4.gz tar xvfz jailkit-2. Jailkit is also used to jail daemon processes.it cannot be installed afterwards!): sudo aptitude install build-essential autoconf automake1.nl/jailkit/jailkit-2.tar. for example Apache servers. perform the following procedures (remember to use "sudo"): cd /tmp wget http://olivier. on Debian. Vancouver Canada www.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. perform the following procedures (remember to use "sudo"): cd jailkit-2. Jailkit is known to be used in network security appliances from several leading IT security firms.
govhosting. We’re done with this section Step 9: Install fail2ban Fail2Ban is an intrusion prevention framework written in the Python programming language.0 6. Vancouver Canada www.globalopenversity. © April 2007. Next. Global Open Versity. 1.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. It is able to run on POSIX systems that have an interface to a packet-control system or firewall installed locally (for example. issue the following command: sudo aptitude install squirrelmail 2. We’re done with this section Step 10: Install SquirrelMail SquirrelMail is a PHP-based Web email client.0 for maximum compatibility across browsers. 27. as shown in Fig. Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. create the following symlink. We must tell SquirrelMail that we are using Courier-IMAP/-POP3: 5.168. 1.com/webmail or http://192. and renders all pages in pure HTML 4. It has strong MIME support and a flexible plugin system. To install the SquirrelMail webmail client.org ICT105 – Ubuntu Server Administration Training 25 . because the ISPConfig monitor tries to show the fail2ban log: sudo aptitude install fail2ban 2. Afterwards you can access SquirrelMail under http://mail. iptables or TCP Wrapper). It updates firewall rules to reject the IP address. This is optional but recommended.50/webmail. Kefa Rabah. It includes built-in pure PHP support for IMAP and SMTP. Now configure SquirrelMail: sudo squirrelmail-configure 4.83.as follows: sudo ln -s /usr/share/squirrelmail/ /var/www/webmail 3.04 LTS Server v1.
org ICT105 – Ubuntu Server Administration Training 26 .globalopenversity.04 LTS Server v1.php © April 2007.net/ispconfig/ISPConfig3. by perform the following procedures: cd /tmp wget http://downloads.tar. However. To install ISPConfig.2. 27: SquirrelMail mail client 3.sourceforge.gz?use_mirror= tar xvfz ISPConfig-3.0.1. Vancouver Canada www. You may download & install "ISPConfig 3" from the latest released version. We’re done with this section Part 6: Install ISPConfig Setting up ISPConfig is somewhat challenging.tar. 1.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. but it is much easier than coding DNS files by hand.0 Fig. issue the command: sudo php -q install. Global Open Versity. Kefa Rabah. if you took due diligent in installing the pre-requisite packages.0.1. then installing ISPConfig is brisk and is as easy as having a walk in a park.gz cd ispconfig3_install/install/ 2.2.
04 LTS Server v1.. Fig. sasl. MySQL root password etc. domain name.globalopenversity.0 Note: This will start the ISPConfig 3 installer.ini on line 1 in Unknown on line 0 © April 2007.g. 28.d/imap. (this can and should be different from your user password). Kefa Rabah. Next.ini on line 1 in Unknown on line 0 PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf. for you. and the install script processing that follows. e.d/mcrypt. Global Open Versity. to accept the default selection or change as desired. The installer will configure all services like postfix. Vancouver Canada www. see Fig. you'll have to choose a language. 28: Install ISPConfig netadmin@server01:/tmp$ cd ispconfig3_install/install/ netadmin@server01:/tmp/ispconfig3_install/install$ sudo php -q install.d/imagick.org ICT105 – Ubuntu Server Administration Training 27 . 12. courier. you'll be required to press enter a few times.php [sudo] password for netadmin: PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf. etc.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.ini on line 1 in Unknown on line 0 PHP Deprecated: Comments starting with '#' are deprecated in /etc/php5/cli/conf.
......| |_/ / | / \/ ___ _ __ | |_ _ __ _ | | `--.expert) [standard]: Full qualified hostname (FQDN) of the server...domain....0 ---------------------------------------------------------------------------_____ ___________ _____ __ _ |_ _/ ___| ___ \ / __ \ / _(_) | | \ `--....................+++ .......... Kefa Rabah.de) [en]: Installation mode (standard.....com MySQL server hostname [localhost]: MySQL root username [root]: MySQL root password : password MySQL database to create [dbispconfig]: MySQL charset [utf8]: Generating a 2048 bit RSA private key . Default values are in [brackets] and can be accepted with <ENTER>.+++ writing new private key to 'smtpd. | __/ | |___/ ------------------------------------------------------------------------------ >> Initial configuration Operating System: Debian Squeeze/Sid or compatible Following will be a few questions for primary configuration so be careful...........govhosting.....Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10......globalopenversity....... Tap in "quit" (without the quotes) to stop the installer.... Vancouver Canada www........ . Select language (en......key' ----You are about to be asked to enter information that will be incorporated into your certificate request.04 LTS Server v1......... Global Open Versity......... 28 © April 2007.. [server01.tld ........ \ __/ | | / _ \| '_ \| _| |/ _` | _| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | \___/\____/\_| \____/\___/|_| |_|_| |_|\__.......localdomain]: server01.....org ICT105 – Ubuntu Server Administration Training eg server1..
* Starting SASL Authentication Daemon saslauthd . you may also use the restart(8) utility. Global Open Versity.globalopenversity. © April 2007. use the service(8) utility.. e.. e. process 3339 * Stopping Postfix Mail Transport Agent postfix . company) [Internet Widgits Pty Ltd]:Global Open Versity Organizational Unit Name (eg... ----Country Name (2 letter code) [AU]:CA State or Province Name (full name) [Some-State]:BC Locality Name (eg. Kefa Rabah. YOUR name) :Net Admin Email Address :netadmin@govhosting... city) :Surrey Organization Name (eg. service mysql restart Since the script you are attempting to invoke has been converted to an Upstart job..'.done.g.done.done. If you enter '.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.com Configuring Jailkit Configuring SASL Configuring PAM Configuring Courier Configuring Spamassassin Configuring Amavisd Configuring Getmail Configuring Pureftpd Configuring BIND Configuring Apache Configuring vlogger Configuring Apps vhost Configuring Firewall Installing ISPConfig ISPConfig Port : Configuring DBServer Installing Crontab no crontab for getmail Restarting services . restart mysql mysql start/running.done.org ICT105 – Ubuntu Server Administration Training 29 . Vancouver Canada www. the field will be left blank. There are quite a few fields but you can leave some blank For some fields there will be a default value. Rather than invoking init scripts through /etc/init. * Stopping SASL Authentication Daemon saslauthd . section) :ICT Labs Common Name (eg..d.0 What you are about to enter is what is called a Distinguished Name or a DN. * Starting Postfix Mail Transport Agent postfix ..g..04 LTS Server v1.
done... .... 14. so no manual configuration is needed.. * Starting Courier IMAP server. * Stopping Courier IMAP server..83.done..50:8080/...04 LTS Server v1. * Stopping Courier POP3-SSL server.. * Starting Courier POP3-SSL server. * Starting ClamAV daemon clamd ...0 Stopping amavisd: amavisd-new. * Stopping Courier IMAP-SSL server. . Restarting ftp server: Running: /usr/sbin/pure-ftpd-mysql-virtualchroot -l mysql:/etc/pure-ftpd/db/mysql.168.. 29.done. The installer automatically configures all underlying services...done. * Stopping ClamAV daemon clamd . Starting amavisd: amavisd-new... © April 2007..done... ..done..... . * Stopping Courier POP3 server.. * Restarting web server apache2 .. ... Vancouver Canada www.done. .done.globalopenversity. Afterwards you can access ISPConfig 3 under http://www..govhosting..done.done. Log in with the username "admin" and the password "admin" (Note: it’s very critical that you should change the default password after your first login)..com:8080/ or http://192.org ICT105 – Ubuntu Server Administration Training 30 .Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. see Fig. * Stopping Courier authentication services authdaemond ...done. * Starting Courier POP3 server.done.. .log -A -H -8 UTF-8 -b -B Installation completed. Kefa Rabah. ..conf -l pam -u 1000 -E -O clf:/var/log/pureftpd/transfer. Global Open Versity. waiting .. netadmin@server01:/tmp/ispconfig3_install/install$ 13.. * Starting Courier IMAP-SSL server.. * Starting Courier authentication services authdaemond . ....done....
org ICT105 – Ubuntu Server Administration Training 31 .Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. Congratulation you have successfully installed ISPConfig 3. 29: ISPConfig Login page 15.globalopenversity. Kefa Rabah.0 Fig. as shown in Fig. Vancouver Canada www. 30.04 LTS Server v1. Global Open Versity. © April 2007. Click Login. If you’re able to successfully login.
Vancouver Canada www.globalopenversity. Kefa Rabah.04 LTS Server v1.0 Fig. Global Open Versity. 30: ISPConfig home page 16.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. as shown in Fig. © April 2007. 31. Click the Monitor tab to check your system health.org ICT105 – Ubuntu Server Administration Training 32 .
ISPConfig hosting control panel and many more: • ICT105 . Ubuntu Server Administration Training You can now register and take our superb Ubuntu Training Course covering Ubuntu 10.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10.org ICT105 – Ubuntu Server Administration Training . RESTORE Backup.globalopenversity. We’re done with this section. EHCP hosting control panel. 31: ISPConfig system monitoring screen 17. Take your time to familiarize yourself with your newly minted ISPConfig hosting services Part 7: Need More Training on Linux: Are you having trouble understanding or comprehending the working of Linux OS. Kefa Rabah. Global Open Versity.Ubuntu Server Administration 33 © April 2007. Vancouver Canada www.0 Fig. Vancouver Canada.04 LTS. if so.04 LTS Server v1. 18. then check out some of our introductory courses on Linux at: Global Open Versity.
& CIS204. ISPConfig server. Deploy Moodle LMS. Boss & JPortal infrastructure. A GOV Open Access Technical Academic Publications Enhancing education & empowering people worldwide through eLearning in the 21st Century © April 2007. implementation and deploying complex network infrastructure. Install and configure ISPConfig server Linux Administration Training Make a smart move. Design & implement a DNS master & slave servers for redundancy. Design & Install & Deploy Secure Apache Tomcat AS. PREQ: BM103. design. CIS107. Install Email clients Thunderbird & Evolution.0 Call us today: Tel: +1-604-495-6361 Email: info@globalopenversity. Deploy virtual domains suitable for ISP solution. He is also the founder of Global Open Versity. Integrate Samba with Windows Active Directory & Mac OSX infrastructure for SSO. Install and configure RESTORE backup.globalopenversity. development. CIS200. Kefa Rabah. Deploy OSCAR eHealth infrastructure. CIS102. Upon completion of this course you will have gained advance knowledge and skills at expert competency with capability to deploy complete medium enterprise level network infrastructure solution. Or start your own ISP business or Linux consultancy services. Install and configure Ubuntu 10. Install and configure DNS server and all the pre-requisite packages for installing ISPConfig 3. Configure DHCP and Firewall solutions. CIS202/CIS402. In this course you will learn how to install and configure Linux OS. Kefa is knowledgeable in several fields of Science & Technology. and Renewable Energy Systems. a place to enhance your educating and career goals using the latest innovations and technologies. Postfix & Zimbra messaging systems. CIS105.Linux Enterprise Infrastructure Engineering Diploma This is an advance Linux course for IT professionals.Donate and help others bridge the digital divide Enhancing experiential education to all through eLearning in the 21st Century ----------------------------------------------Kefa Rabah is the Founder of Global Technology Solutions Institute.Global Open Versity ICT Labs Build your own ISP Hosting using ISPConfig on Ubuntu 10. Network Infrastructure Engineers in enterprise business information technology (IT) strategy & development. The goal of this course is to equip students and IT professionals with advance Linux skills required in enterprise infrastructure planning. EHCP server.org Part 8: Hands-on Labs Assignments 1. URL: www.globalopenversity. Design & Implement OpenLDAP or OpenDS infrastructure for Single-Sign-On (SSO). its time you reconfigure your skill-sets and move your career into the fastest moving high tech gravy train of the Linux Open Source world.04 LTS Server 2. join our Linux program today: • Linux Enterprise Infrastructure Engineering Diploma – ICT202 ICT202 .org. Deploy Sendmail. Deploy SugarCRM. Vancouver Canada www.org ICT105 – Ubuntu Server Administration Training 34 .04 LTS Server v1. GlassFish & SAML on Linux. Global Open Versity. BM200. Information Security Compliance and Project Management.
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue listening from where you left off, or restart the preview.