Author Topic: install vhcs2.4.8 on debian (Read 32452 times)

golfreeze · « **on:** มิถุนายน 27, 2011, 05:02:38 PM »

How to Install Hosting Control Panel - VHCS2
============================================

1. install Debian Lenny (Debian 5.0)

   1.1) sudo nano /etc/network/interfaces

   auto eth0
   iface eth0 inet static
   address 192.168.1.x
   netmask 255.255.255.0
   gateway 192.168.1.1
   network 192.168.1.0
   broadcast 192.168.1.255

   sudo /etc/init.d/networking restart


   1.2) install ssh

   apt-get install ssh openssh-server

   1.3) via ssh

   a) ssh setting
   ===========

      protocol ssh2
      hostname 192.168.1.101
      port 22
      username XXX
      authentication password
      password XXXXXXserver01


   1.4) nano /etc/hosts

       127.0.0.1 localhost.localdomain localhost
      192.168.1.101 server01.99webhosting.com server01

      /etc/init.d/hostname.sh start

        test: hostname
            hostname –f

   1.5) nano /etc/resolv.conf

   domain 99webhosting.com
   search 99webhosting.com
   nameserver 192.168.1.101
   nameserver 192.168.1.102
   nameserver 207.69.188.185
   nameserver 207.69.188.186
   nameserver 207.69.188.187

   1.6) change the default Shell:

   rm -f /bin/sh
   ln -s /bin/bash /bin/sh

   1.7) update and install

   aptitude update
   aptitude upgrade
   aptitude install tar bzip2 wget lsb-release

2. install some packages

   2.1) cd tmp

   2.2) nano debian5-packages.txt

   apache2
   apache2.2-common
   apache2-mpm-prefork
   bind9
   bzip2
   courier-authdaemon
   courier-base
   courier-imap
   courier-maildrop
   courier-pop
   diff
   dnsutils
   gcc
   gzip
   iptables
   libapache2-mod-php5
   libberkeleydb-perl
   libc6-dev
   libcrypt-blowfish-perl
   libcrypt-cbc-perl
   libcrypt-passwdmd5-perl
   libdate-calc-perl
   libdate-manip-perl
   libdbd-mysql-perl
   libdbi-perl
   libio-stringy-perl
   libmail-sendmail-perl
   libmailtools-perl
   libmcrypt4
   libmd5-perl
   libmime-perl
   libnet-dns-perl
   libnet-netmask-perl
   libnet-perl
   libnet-smtp-server-perl
   libperl5.10
   libsasl2-2
   libsasl2-modules
   libsnmp-session-perl
   libterm-readkey-perl
   libterm-readpassword-perl
   libtimedate-perl
   make
   mysql-client
   mysql-common
   mysql-server
   original-awk
   patch
   perl
   perl-base
   perl-modules
   php5
   php5-gd
   php5-mcrypt
   php5-mysql
   php-pear
   postfix
   postfix-tls
   procmail
   proftpd
   sasl2-bin
   ssh
   tar
   wget

   2.3) aptitude install $(cat ./debian5-packages.txt)

   2.3) answer questions, and edit /etc/default/saslauthd

   1) New Password for MYSQL "root" user:
   2) General type of mail configuration: --> Internet Site
   3) System mail name:
   4) ProFTPd configuration: standalone


3. Shutdown unwanted services from inetd

       update-inetd --remove daytime
       update-inetd --remove telnet
       update-inetd --remove time
       update-inetd --remove finger
       update-inetd --remove talk
       update-inetd --remove ntalk
       update-inetd --remove ftp
       update-inetd --remove discard

4. some config and test

   4.1) sasl

   nano /etc/default/saslauthd

   START=yes

   4.2) postfix

   a) nano /etc/postfix/main.cf

   myhostname = mail.99webhosting.com
   mydestination = 99webhosting.com, server01.99webhosting.com, localhost.99webhosting.com, localhost

   b) nano /etc/mailname

   99webhosting.com

   c) test: 1) telnet localhost 25

   ehlo localhost

   2) send mail: date | mail -s “testing” rXXX7777777@gmail.com //note: apt-get install mailutils

   3) monitoring: tail -f /var/log/mail.log

   4.3) Courier-IMAP / POP3

   test: telnet localhost imap / pop3


   4.4) Anti-Spam / virus

   4.4.1) installation

      sudo apt-get install amavisd-new spamassassin clamav-daemon
      sudo apt-get install dkim-filter python-policyd-spf
      sudo apt-get install pyzor razor
      sudo apt-get install arj cabextract cpio nomarch pax unzip zip zoo

   or:

   apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax


   4.4.2) configuration

       a) ClamAV

   add clamav user to the amavis group in order for
   Amavisd-new to have the appropriate access to scan files
   (sudo nano /etc/clamav)

       sudo adduser clamav amavis


       b) Spamassassin

   sudo nano /etc/default/spamassassin

   ENABLED=1 #activate the Spamassassin daemon


   then start it: sudo /etc/init.d/spamassassin start

       c) Amavisd-new

   1) activate spam and antivirus detection in Amavisd-new

         sudo nano /etc/amavis/conf.d/15-content_filter_mode

          @bypass_virus_checks_maps = (
             \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

          @bypass_spam_checks_maps = (
            \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);


       2*) Bouncing spam is the default, you may discard it as bellow

          sudo nano /etc/amavis/conf.d/20-debian_defaults

          $final_spam_destiny = D_DISCARD;


           3) nano /etc/amavis/conf.d/05-node_id

       $myhostname = "mail.99webhosting.com";

   4) nano /etc/amavis/conf.d/50-user

        $pax='pax';


           5) /etc/init.d/amavis restart
   /etc/init.d/clamav-daemon restart
   /etc/init.d/clamav-freshclam restart



        d) DKIM Whitelist

        (once a domain has been added to the Whitelist, the message will not
       receive any anti-virus or spam filtering.)

           nano /etc/amavis/conf.d/40-policy_banks


   (Now restart Postfix: sudo /etc/init.d/postfix restart)

   4.4.3) test

         a) Amavisd-new SMTP is listening (directly in Ubuntu system)

             telnet localhost 10024
             Trying 127.0.0.1...
             Connected to localhost.
             Escape character is '^]'.
             220 [127.0.0.1] ESMTP amavisd-new service ready
             ^]


   4.5) apache2

   http://192.168.1.101

   4.6) sql

   4.6.1) create database and user

        # mysql -u root -p

         create database 99webhosting;
         use 99webhosting

         grant all privileges on *.* to 'XXX'@'localhost' identified by 'XXXXXXmysql' with grant option;
         \q

   4.6.2) install

      apt-get install mysql-server mysql-client libmysqlclient15-dev
   apt-get install phpmyadmin


   4.6.3) test: http://192.168.1.101/phpmyadmin/

   4.7) BIND9

   test:

          1) /etc/init.d/bind9 restart
          2) to add the ip of the DNS server (the localhost) to your /etc/resolv.conf to use it:

        nano /etc/resolv.conf

          nameserver 127.0.0.1

          3) ping www.google.com

   4.

FTP

   test: /etc/init.d/proftpd restart

   telnet localhost ftp

5. mount the external disk

   5.1) to make hard disk ready

   1) check partition

   fdisk -l

   2) make partition type (Linux), for ext2 and ext3:

   fdisk /dev/sdb

   3) make file system (format)

   mke2fs /dev/sdb1


   (Ext3 requires one more step:)

   tune2fs -j /dev/sdb1 (creates the ext3 journal)

   4) change the frequency of forced file system checking (wouldn't do this routine checking)

   tune2fs -c 0 /dev/sdb1
   tune2fs -i 0 /dev/sdb1

   5.2) mkdir /media/disk500GB

   chmod -R 777 /media/disk500GB


   5.3) mount -t ext3 /dev/sdb1 /media/disk500GB

   or:

   1) nano /etc/fstab

   /dev/sdb1 /media/disk500GB ext3 defaults 0 0

   2) reboot or mount -a



   5.4) check: mount

   5.5) fix

   1) nano /usr/share/initramfs-tools/init

   maybe_break mount
       sleep 10
   log_begin_msg "Mounting root file system..."

   2) /usr/sbin/update-initramfs -uk all

golfreeze · « **Reply #1 on:** มิถุนายน 27, 2011, 05:03:02 PM »

6. install Journaled Quota

6.1) aptitude install quota

6.2) nano /etc/fstab

(add "usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0" to the partition
where you want to use quota, mine the / partition):

     /dev/mapper/server01-root / ext4 errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0    0 1

6.3) To enable quota, run these commands:

   touch /aquota.user /aquota.group
   chmod 600 /aquota.*
   mount -o remount /
   quotacheck -avugm
   quotaon -avug

(ignore the warning msg, which occurs only first run)

how to turning Off Quotas:
--------------------------
quotaoff -v /
-----------

7. install Webalizer

7.1) apt-get install webalizer

7.2) Synchronize the System Clock

apt-get install ntp ntpdate

7.3) configure

nano /etc/webalizer/webalizer.conf

LogFile /var/log/apache2/access.log

7.4) restart:

/etc/init.d/apache2 restart

7.5) Running Webalizer manually first time

/usr/bin/webalizer

7.6) test:

http://192.168.1.101/webalizer

8. install VHCS2
=============

8.1) download

cd tmp

wget http://downloads.sourceforge.net/project/vhcs/VHCS%202.4/VHCS%202.4.8/vhcs-2.4.8.tar.bz2?use_mirror=iweb

tar xjvf vhcs-2.4.8.tar.bz2

cd vhcs-2.4.8

8.2)* Configuration File

   1) nano /tmp/vhcs-2.4.8/configs/vhcs2.conf

   DEFAULT_ADMIN_ADDRES = admin@99webhosting.com
       SERVER_HOSTNAME = server01
       BASE_SERVER_IP = 192.168.1.101
       DATABASE_TYPE = mysql
       DATABASE_HOST = localhost
       DATABASE_NAME = 99webhosting
       DATABASE_PASSWORD = XXXXXXmysql
       DATABASE_USER = XXX

   DATE_FORMAT = m.d.Y

8.3) make install

8.4) cp -R /tmp/vhcs-2.4.8/* /

8.5) to run the setup for vhcs:

/var/www/vhcs2/engine/setup/vhcs2-setup

    Please to enter system hostname (for Enter defaults) [debian]: server01
    Please to enter system network address (for Enter defaults) [10.0.0.69 ]: 192.168.1. 101
    Please to enter SQL server host (for Enter defaults) [localhost]:
    Please to enter system SQL database (for Enter defaults) [vhcs2]: 99webhosting
    Please to enter system SQL to user (for Enter defaults) [root]: XXX
    Please to enter system SQL password (for Enter defaults) [none]: XXXXXXmysql
    Please repeat system SQL password: password
    Please to enter VHCS FTP SQL to user (for Enter defaults) [vftp]: ftp_XXX
    Please to enter VHCS FTP SQL to user password (for Enter defaults) [none]: XXXXXXftp
    Please repeat VHCS FTP SQL to user password: XXXXXXxxx
    Please to enter administrator login name (for Enter defaults) [admin]:XXX
    Please to enter administrator password: XXXXXXhost
    Administrator Please repeat password: XXXXXXhost
    Please to enter administrator email address: admin@99webhosting.com

8.6) test: http://192.168.1.101/vhcs2

8.7) fix

1) FTP issue
=========

        a) nano /etc/proftpd/proftpd.conf

       include /etc/proftpd/modules.conf
       DisplayfirstChdir -> DisplayChdir

       (in addition:)

      ServerIdent       on "FTP Server Ready"
     UseIPv6       off

        b) nano /etc/proftpd/modules.conf

     LoadModule mod_sql.c
       LoadModule mod_sql_mysql.c

   c) /etc/init.d/proftpd restart

        d) test: telnet localhost ftp


2) smart host
==========

     a) nano /etc/postfix/main.cf

#
        # enable smart host
        #
           relayhost = [smtpauth.earthlink.net]
            smtp_sasl_auth_enable = yes
      smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
      smtp_sasl_security_options =

     b) Create the password maps file

nano /etc/postfix/sasl_password

smtpauth.earthlink.net shaojunXXX@earthlink.net:password


     c) Set proper permissions for the password maps file

     chown root:root /etc/postfix/sasl_password
         chmod 600 /etc/postfix/sasl_password

     d) Create hash from maps file


sudo postmap hash:/etc/postfix/sasl_password

(in addition:)

content_filter = amavis:[127.0.0.1]:10024

     e) /etc/init.d/postfix restart

     f) test:

1) saslfinger -c

2) telnet localhost 25

ehlo localhost

(If you see the lines 250-STARTTLS and 250-AUTH everything is fine.)

3) send mail:
apt-get install mailutils
date | mail -s “testing” rXXX7777777@gmail.com

4) monitoring: tail -f /var/log/mail.log

3) error (Notice: Undefined index: /dev/shm in /var/www/vhcs2/gui/include/phpsysinfo/class.Linux.inc.php on line 525)
=====

     nano /var/www/vhcs2/gui/include/phpsysinfo/class.Linux.inc.php

     replace the fuction filesystem () with below:

      http://www.icc-computer.com/HowTo/WebHostingHowTo/function%20filesystems.txt

4) language
========

5) error ()

apt-get install PHP5 (http://www.debianhelp.co.uk/php5.htm)
apt-get install libapache2-mod-php5 libapache2-mod-perl2 php5 php5-cli php5-common php5-curl php5-dev php5-domxml php5-gd php5-imap php5-ldap php5-mcal php5-mhash php5-mysql php5-odbc php5-pear php5-xslt
apt-get install php5-imap

6) email sent from localhost bounced

   a) nano /etc/postfix/main.cf

           myorigin = /etc/mailname
           myhostname = mail.99webhosting.com

         b) nano /etc/hosts

            127.0.0.1 99webhosting.com localhost.localdomain localhost
             192.168.1.101 server01.99webhosting.com server01

9. additional installation

9.1)

///////////////////////////////////////////////////////////////////////////////////////////////////////
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
////////////////////////////////////////////////////////////////////////////////////////////////////////
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

how to install VHCS2
====================

1. install Ubuntu / Debian

select the options (LAMP, DNS,MySQL,...) except mail

1.1) sudo nano /etc/network/interfaces

auto eth0
iface eth0 inet static
   address 192.168.1.x
   netmask 255.255.255.0
   gateway 192.168.1.1
network 192.168.1.0
broadcast 192.168.1.255

sudo /etc/init.d/networking restart

1.2) ssh

    apt-get install ssh openssh-server

1.3) nano /etc/hosts

   127.0.0.1 localhost.localdomain localhost
    192.168.1.101 server01.99webhosting.com server01

/etc/init.d/hostname.sh start

test:

    hostname
    hostname –f

1.4) sudo nano /etc/resolv.conf

   domain 99webhosting.com
   search 99webhosting.com
   nameserver 192.168.1.101
   nameserver 192.168.1.102
   nameserver 207.69.188.185
   nameserver 207.69.188.186
   nameserver 207.69.188.187

1.5) update and install

aptitude update
aptitude upgrade
aptitude install tar bzip2 wget lsb-release

2*. change the default Shell:

rm -f /bin/sh
ln -s /bin/bash /bin/sh

3. install some packages

3.1) cd tmp

3.2) nano debian5-packages.txt

   apache2
   apache2.2-common
   apache2-mpm-prefork
   bind9
   bzip2
   courier-authdaemon
   courier-base
   courier-imap
   courier-maildrop
   courier-pop
   diff
   dnsutils
   gcc
   gzip
   iptables
   libapache2-mod-php5
   libberkeleydb-perl
   libc6-dev
   libcrypt-blowfish-perl
   libcrypt-cbc-perl
   libcrypt-passwdmd5-perl
   libdate-calc-perl
   libdate-manip-perl
   libdbd-mysql-perl
   libdbi-perl
   libio-stringy-perl
   libmail-sendmail-perl
   libmailtools-perl
   libmcrypt4
   libmd5-perl
   libmime-perl
   libnet-dns-perl
   libnet-netmask-perl
   libnet-perl
   libnet-smtp-server-perl
   libperl5.10
   libsasl2-2
   libsasl2-modules
   libsnmp-session-perl
   libterm-readkey-perl
   libterm-readpassword-perl
   libtimedate-perl
   make
   mysql-client
   mysql-common
   mysql-server
   original-awk
   patch
   perl
   perl-base
   perl-modules
   php5
   php5-gd
   php5-mcrypt
   php5-mysql
   php-pear
   postfix
   postfix-tls
   procmail
   proftpd
   sasl2-bin
   ssh
   tar
   wget

   3.3) aptitude install $(cat ./debian5-packages.txt)

4*. install proftpd

4.1) apt-get install proftpd

(answer: standalone)

4.2) For security reasons you can add the following lines to /etc/proftpd.conf

   nano /etc/proftpd/proftpd.conf

DefaultRoot ~
   IdentLookups off
   ServerIdent on "FTP Server ready."

4.4) /etc/init.d/proftpd restart

4.3) test: telnet localhost ftp

5*. now run:

apt-get update
apt-get upgrade

golfreeze · « **Reply #2 on:** มิถุนายน 27, 2011, 05:03:18 PM »

6*. install some more packages (you might not need all of these but I found the server ran better for me with the following installed:)

apt-get install binutils cpp cpp-4.0 fetchmail flex gcc gcc-4.0 libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.3-dev libpcre3 libpopt-dev libnet-dns-perl libdb-file-lock-perl libhtml-parser-perl linux-kernel-headers lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev automake1.9 libtool bison g++ wget bzip2 libgd1 gawk libterm-readpassword-Perl patch libmcrypt4 iptables gzip diff bind9 libtimedate-Perl libterm-readkey-Perl libsnmp-session-Perl libperl5.8 libnet-smtp-server-Perl libnet-Perl libnet-netmask-Perl libmime-Perl libmd5-Perl libmailtools-Perl libmail-sendmail-Perl libio-stringy-perl libdbi-Perl libdbd-mysql-Perl libdate-manip-Perl libdate-calc-Perl libcrypt-passwdmd5-Perl libcrypt-cbc-Perl libcrypt-blowfish-Perl libberkeleydb-perl courier-maildrop proftpd-mysql

or:

apt-get install binutils fetchmail flex libarchive-zip-perl libc6-dev libcompress-zlib-perl libpopt-dev libnet-dns-perl libdb-file-lock-perl lynx m4 ncftp nmap unzip zip zlib1g-dev automake1.9 libtool bison g++ gawk libterm-readpassword-Perl libmcrypt4 bind9 libtimedate-Perl libsnmp-session-Perl libnet-smtp-server-Perl libnet-Perl libnet-netmask-Perl libmime-Perl libmd5-Perl libmail-sendmail-Perl libio-stringy-perl libdbi-Perl libdbd-mysql-Perl libdate-manip-Perl libdate-calc-Perl libcrypt-passwdmd5-Perl libcrypt-cbc-Perl libcrypt-blowfish-Perl libberkeleydb-perl courier-maildrop

   (These should be the default answer, change if you feel it is needed:

   1. No
   2. system mail name: 99webhosting.com
    )

-------------
7. mount the external disk

7.0) to make hard disk ready

1) check partition

fdisk -l

2) make partition type (Linux), for ext2 and ext3:

fdisk /dev/sdb

3) make file system (format)

mke2fs /dev/sdb1

(Ext3 requires one more step:)

tune2fs -j /dev/sdb1 (creates the ext3 journal)

4) change the frequency of forced file system checking (wouldn't do this routine checking)

tune2fs -c 0 /dev/sdb1
tune2fs -i 0 /dev/sdb1

7.1) mkdir /media/disk500GB

chmod -R 777 /media/disk500GB

7.2) mount -t ext3 /dev/sdb1 /media/disk500GB

or:

1) nano /etc/fstab

/dev/sdb1 /media/disk500GB ext3 defaults 0 0

2) reboot or mount -a

7.4) check: mount

-------------

8. install Journaled Quota

8.1) aptitude install quota

8.2) nano /etc/fstab

(add "usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0" to the partition
where you want to use quota, mine the / partition):

     /dev/mapper/server01-root / ext4 errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0    0 1

8.3) To enable quota, run these commands:

   touch /aquota.user /aquota.group
   chmod 600 /aquota.*
   mount -o remount /
   quotacheck -avugm
   quotaon -avug

(ignore the warning msg, which occurs only first run)

how to turning Off Quotas:
--------------------------
quotaoff -v /
-----------

9. Postfix With SMTP-AUTH, TLS AND smart host

9.1) apt-get install postfix sasl2-bin procmail

9.2) configure

   dpkg-reconfigure postfix

   (These should be the default answer, change if you feel it is needed:

   1. Internet site
   2. system mail name: 99webhosting.com
3. XXX@99webhosting.com
   4. 99webhosting.com, server01.99webhosting.com, mail.99webhosting.com, localhost.99webhosting.com, localhost
   5. No
   6. 127.0.0.0/8
   7. Yes
   8. 0
   9. +
   10. all

    )

9.3) enable sasl (/etc/postfix/main.cf)

   postconf -e 'smtpd_sasl_local_domain ='
   postconf -e 'smtpd_sasl_auth_enable = yes'
   postconf -e 'smtpd_sasl_security_options = noanonymous'
   postconf -e 'broken_sasl_auth_clients = yes'
   postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
   postconf -e 'inet_interfaces = all'
   echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
   echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf

9.4) enable TLS (/etc/postfix/main.cf)

a) create the certificates for TLS:

   mkdir /etc/postfix/ssl
   cd /etc/postfix/ssl/
   openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
   chmod 600 smtpd.key
   openssl req -new -key smtpd.key -out smtpd.csr
   openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
   openssl rsa -in smtpd.key -out smtpd.key.unencrypted
   mv -f smtpd.key.unencrypted smtpd.key
   openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

b) configure Postfix for TLS:

   postconf -e 'smtpd_tls_auth_only = no'
   postconf -e 'smtp_use_tls = yes'
   postconf -e 'smtpd_use_tls = yes'
   postconf -e 'smtp_tls_note_starttls_offer = yes'
   postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
   postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
   postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
   postconf -e 'smtpd_tls_loglevel = 1'
   postconf -e 'smtpd_tls_received_header = yes'
   postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
   postconf -e 'tls_random_source = dev:/dev/urandom'
   postconf -e 'myhostname = mail.99webhosting.com'

9.5) enable smart host

      a) sudo nano /etc/postfix/main.cf

           relayhost = [smtpauth.earthlink.net]
            smtp_sasl_auth_enable = yes
      smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
      smtp_sasl_security_options =

b) Create the password maps file

sudo nano /etc/postfix/sasl_password

smtpauth.earthlink.net shaojunXXX@earthlink.net:password


c) Set proper permissions for the password maps file

     sudo chown root:root /etc/postfix/sasl_password
         sudo chmod 600 /etc/postfix/sasl_password

d) Create hash from maps file


sudo postmap hash:/etc/postfix/sasl_password

   9.6) sudo /etc/init.d/postfix restart

   9.7) test

a) saslfinger -c

b) telnet localhost 25

ehlo localhost

(If you see the lines 250-STARTTLS and 250-AUTH everything is fine.)

c) send mail:
apt-get install mailutils
date | mail -s “testing” rXXX7777777@gmail.com

d) monitoring: tail -f /var/log/mail.log

9.

trouble-shooting "fatal: no SASL authentication mechanisms"

apt-get install libsasl2-modules
10. Courier-IMAP/Courier-POP3

   10.1) install Courier-IMAP/Courier-IMAP-SSL (for IMAPs on port 993) and Courier-POP3/Courier-POP3-SSL (for POP3s on port 995):

apt-get install courier-authdaemon courier-base courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl gamin libgamin0 libglib2.0-0

(questions:
      SSL certificate required <-- OK
)

   10.2) configure Postfix to deliver emails to a user's Maildir:

    postconf -e 'home_mailbox = Maildir/'
      postconf -e 'mailbox_command ='


10.3) /etc/init.d/postfix restart

10.4) test

telnet localhost imap / pop3 / IMAPs / pop3s

11. Anti-Spam / virus

   11.1) installation

    sudo apt-get install amavisd-new spamassassin clamav-daemon
    sudo apt-get install dkim-filter python-policyd-spf
    sudo apt-get install pyzor razor
    sudo apt-get install arj cabextract cpio lha nomarch pax rar unrar unzip zip zoo

or:

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax

   11.2) configuration

      a) ClamAV

add clamav user to the amavis group in order for
Amavisd-new to have the appropriate access to scan files
(sudo nano /etc/clamav)

     sudo adduser clamav amavis

      b) Spamassassin

sudo nano /etc/default/spamassassin

ENABLED=1 #activate the Spamassassin daemon

then start it: sudo /etc/init.d/spamassassin start

      c) Amavisd-new

1) activate spam and antivirus detection in Amavisd-new

         sudo nano /etc/amavis/conf.d/15-content_filter_mode

      @bypass_virus_checks_maps = (
         \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);

      @bypass_spam_checks_maps = (
          \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

       2) Bouncing spam is the default, you may discard it as bellow

      sudo nano /etc/amavis/conf.d/20-debian_defaults

      $final_spam_destiny = D_DISCARD;

       3) If host name is different from the domain's MX record you may need to
     manually set the $myhostname option.

      Also, if the server receives mail for multiple domains
     the @local_domains_acl option will need to be customized.

     sudo nano /etc/amavis/conf.d/50-user

     $myhostname = 'mail.99webhosting.com';

@local_domains_acl = ( "example.com", "example.org" );

or:

nano /etc/amavis/conf.d/50-user

$pax='pax';

        4) sudo /etc/init.d/amavis restart
/etc/init.d/clamav-daemon restart
/etc/init.d/clamav-freshclam restart

     d) DKIM Whitelist

         (once a domain has been added to the Whitelist, the message will not
    receive any anti-virus or spam filtering.)

          nano /etc/amavis/conf.d/40-policy_banks

     e) For Postfix integration

          1) sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'

or:

postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
         postconf -e 'receive_override_options = no_address_mappings'

    2) sudo nano /etc/postfix/master.cf

    (Note: add the following at the end. Don't leave space before the line
    "smtp-amavis" and "127.0.0.1:10025")

        smtp-amavis unix - - - - 2 smtp
           -o smtp_data_done_timeout=1200
      -o smtp_send_xforward_command=yes
      -o disable_dns_lookups=yes
      -o max_use=20

            127.0.0.1:10025 inet n - - - - smtpd
      -o content_filter=
      -o local_recipient_maps=
      -o relay_recipient_maps=
      -o smtpd_restriction_classes=
      -o smtpd_delay_reject=no
      -o smtpd_client_restrictions=permit_mynetworks,reject
      -o smtpd_helo_restrictions=
      -o smtpd_sender_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o smtpd_data_restrictions=reject_unauth_pipelining
      -o smtpd_end_of_data_restrictions=
      -o mynetworks=127.0.0.0/8
      -o smtpd_error_sleep_time=0
      -o smtpd_soft_error_limit=1001
      -o smtpd_hard_error_limit=1000
      -o smtpd_client_connection_count_limit=0
      -o smtpd_client_connection_rate_limit=0
      -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks

       (Note: Also add the following two lines immediately below the "pickup" transport service: )

       -o content_filter=
       -o receive_override_options=no_header_body_checks

   (Now restart Postfix: sudo /etc/init.d/postfix restart)

   11.3) test

       a) Amavisd-new SMTP is listening (directly in Ubuntu system)

         telnet localhost 10024
         Trying 127.0.0.1...
         Connected to localhost.
         Escape character is '^]'.
         220 [127.0.0.1] ESMTP amavisd-new service ready
         ^]

       b) In the Header of messages you should see:

         X-Spam-Level:
         X-Virus-Scanned: Debian amavisd-new at example.com
         X-Spam-Status: No, hits=-2.3 tagged_above=-1000.0 required=5.0 tests=AWL, BAYES_00
         X-Spam-Level:

      In addtion:

         1) to get the stuck message:

         postfix reload
         requeue the stuck messages:
         postsuper -r ALL
         wait for the messages to requeue (about a minute and a half should be good)
         postfix reload

         2) to display the config of /etc/postfix/main.cf)

         postconf -n

12. Apache/PHP5

11.0) nano /etc/apache2/apache2.conf

      (Look for “DirectoryIndex” and make it look like the following:)

      DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml default.htm default.html

11.1) to enable some Apache modules (SSL, rewrite, suexec, and include)

a2enmod ssl
     a2enmod rewrite
     a2enmod suexec
     a2enmod include

11.2) /etc/init.d/apache2 force-reload

11.3) test: http://192.168.1.101

http://192.168.1.101/test.php

(
nano /var/www/test.php

<?php
phpinfo();
?>

)

   (Default document root: /var/www, to change it by /etc/apache2/sites-available/default
The main configuration file located at /etc/apache2/apche2.conf.)

13. Webalizer

12.1) apt-get install webalizer

12.2) Synchronize the System Clock

apt-get install ntp ntpdate

12.3) configure

nano /etc/webalizer/webalizer.conf

LogFile /var/log/apache2/access.log

12.4) restart:

/etc/init.d/apache2 restart

12.5) Running Webalizer manually first time

/usr/bin/webalizer

12.6) test:

http://192.168.1.101/webalizer

14. BIND9

test:

1) /etc/init.d/bind9 restart
2) to add the ip of the DNS server (the localhost) to your /etc/resolv.conf to use it:

(nano /etc/resolv.conf)

echo "search 99webhosting.com" > /etc/resolv.conf
   echo "nameserver 127.0.0.1" >> /etc/resolv.conf

3) ping www.google.com

trouble-shooting:

nano /etc/bind/named.conf
nano /etc/bind/named.conf.options
nano /etc/bind/named.conf.local
nano /etc/bind/named.conf.default-zones

golfreeze · « **Reply #3 on:** มิถุนายน 27, 2011, 05:03:26 PM »

nano /var/cache/bind/weqiao.org.db

named-checkconf

nano /var/log/daemon.log then: /etc/init.d/bind9 start

15. mysql (to change passwd)

1) apt-get install mysql-server mysql-client libmysqlclient15-dev

(set a password for mysql root: mysqladmin -u root password YOURROOTSQLPASSWORD)

# mysql -u root -p

create database 99webhosting;
use 99webhosting

grant all privileges on *.* to 'XXX'@'localhost' identified by 'XXXXXXmysql' with grant option;
\q

test: http://192.168.1.101/phpmyadmin/

16. Remove unwanted packages

apt-get remove ppp pppconfig pppoeconf

17. Shutdown unwanted services from inetd

update-inetd --remove daytime
update-inetd --remove telnet
update-inetd --remove time
update-inetd --remove finger
update-inetd --remove talk
update-inetd --remove ntalk
update-inetd --remove ftp
update-inetd --remove discard

install VHCS
============

1. download

cd tmp

wget http://downloads.sourceforge.net/project/vhcs/VHCS%202.4/VHCS%202.4.8/vhcs-2.4.8.tar.bz2?use_mirror=iweb

tar xjvf vhcs-2.4.8.tar.bz2

cd vhcs-2.4.8

2. Configuration File

/tmp/vhcs-2.4.8/configs/vhcs2.conf
/etc/proftpd/proftpd.conf
/etc/bind/named.conf
/etc/postfix/main.cf
/etc/postfix/master.cf

1) nano configs/vhcs2.conf

DEFAULT_ADMIN_ADDRES = admin@99webhosting.com
    SERVER_HOSTNAME = server01
    BASE_SERVER_IP = 192.168.1.101
    DATABASE_TYPE = mysql
    DATABASE_HOST = localhost
    DATABASE_NAME = 99webhosting
    DATABASE_PASSWORD = XXXXXXmysql
    DATABASE_USER = XXX

DATE_FORMAT = m.d.Y

(
DATABASE_DIR = /media/disk500GB/CUSTOMER/mysql
SECONDARY_DNS = 192.168.1.102

APACHE_WWW_DIR = /media/disk500GB/CUSTOMER/www

APACHE_LOG_DIR = /media/disk500GB/log/apache2
APACHE_USERS_LOG_DIR = /media/disk500GB/log/apache2/users
APACHE_BACKUP_LOG_DIR = /media/disk500GB/log/apache2/backup

LOG_DIR = /media/disk500GB/log/vhcs2

TRAFF_LOG_DIR = /media/disk500GB/log

MTA_VIRTUAL_MAIL_DIR = /media/disk500GB/CUSTOMER/Email

DFtpDir = /media/disk500GB/CUSTOMER/www/
FTP_HOMEDIR = /media/disk500GB/CUSTOMER/www

BACKUP_FILE_DIR = /media/disk500GB/backup_by_VHCS2
)

3. make install

4. cp -R /tmp/vhcs-2.4.8/* /

5. to run the setup for vhcs:

/var/www/vhcs2/engine/setup/vhcs2-setup

Please to enter system hostname (for Enter defaults) [debian]: server01
Please to enter system network address (for Enter defaults) [10.0.0.69 ]: 192.168.1. 101
Please to enter SQL server host (for Enter defaults) [localhost]:
Please to enter system SQL database (for Enter defaults) [vhcs2]: 99webhosting
Please to enter system SQL to user (for Enter defaults) [root]: XXX
Please to enter system SQL password (for Enter defaults) [none]: XXXXXXmysql
Please repeat system SQL password: password
Please to enter VHCS FTP SQL to user (for Enter defaults) [vftp]: ftp_XXX
Please to enter VHCS FTP SQL to user password (for Enter defaults) [none]: XXXXXXftp
Please repeat VHCS FTP SQL to user password: XXXXXXxxx
Please to enter administrator login name (for Enter defaults) [admin]:XXX
Please to enter administrator password: XXXXXXhost
Administrator Please repeat password: XXXXXXhost
Please to enter administrator email address: admin@99webhosting.com

6. access to VHCS2: http://192.168.1.101/vhcs2

fix proftpd
===========

cp /etc/proftpd.conf /etc/proftpd/proftpd.conf

1. nano /etc/proftpd/proftpd.conf

include /etc/proftpd/modules.conf

DisplayfirstChdir -> DisplayChdir

in addition:
------------

ServerIdent    on "FTP Server Ready"
UseIPv6    off

2. nano /etc/proftpd/modules.conf

LoadModule mod_sql.c

LoadModule mod_sql_mysql.c

3. /etc/init.d/proftpd restart

4. create a new user (ftp_XXX)

mysql -u root -p

CREATE USER 'ftp_XXX'@'localhost' IDENTIFIED BY 'XXXXXXftp';

GRANT SELECT ON `99webhosting`.`domain` TO 'ftp_XXX'@'localhost';
GRANT SELECT ON `99webhosting`.`ftp_users` TO 'ftp_XXX'@'localhost';

FLUSH PRIVILEGES;

\q

5. test: telnet localhost ftp

///

chinese
-------

security
--------

There also seems to be a very serious security flaw in the admin section.
Your vhcs installation can easily be hacked by hackers. To prevent this,
add a ip filter on the admin section. This does require advance knowledge
of apache.

fix it
======
Notice: Undefined index: /dev/shm in /var/www/vhcs2/gui/include/phpsysinfo/class.Linux.inc.php on line 525

Syntax error on line 4 of /etc/apache2/mods-enabled/fastcgi.conf:
FastCgiWrapper: "/usr/lib/apache2/suexec" execute access for server (uid 33, gid 33) failed: stat(/usr/lib/apache2/suexec) failed: No such file or directory
...fail!

apt-get install apache2-suexec2
apt-get remove apache2-suexec

@ Henrik: The notices depends on if you have safe_mode on or off.
Sarge: FastCgiWrapper /usr/lib/apache2/suexec2
Etch: FastCgiWrapper /usr/lib/apache2/suexec

/etc/apache2/mods-available/fastcgi.conf

<IfModule mod_fastcgi.c>
AddHandler fastcgi-script .fcgi
#FastCgiWrapper /usr/lib/apache2/suexec
FastCgiIpcDir /var/lib/apache2/fastcgi
</IfModule>

///////

<IfModule mod_fastcgi.c>
FastCgiWrapper /usr/lib/apache2/suexec2
FastCgiIpcDir /var/lib/apache2/fastcgi

FastCgiConfig -minProcesses 1 -maxProcesses 10 -singleThreshold 100 -killInterval 300 -autoUpdate -idle-timeout 240 -pass-header HTTP_AUTHORIZATION

FastCgiServer /var/www/fcgi/master/php4-fcgi-starter -user vu2000 -group vu2000

Action php4-fcgi-starter /php4/php4-fcgi-starter
Action php5-fcgi-starter /php5/php5-fcgi-starter

# For PHP4 support
<Location /php4/>
Options +ExecCGI
SetHandler php4-fcgi-starter
</Location>
AddType application/x-httpd-php4 .php .php3 .php4
Action /php4/php4.ini

# For PHP5 support
<Location /php5/>
Options +ExecCGI
SetHandler php5-fcgi-starter
</Location>
AddType application/x-httpd-php5 .php5
Action /php5/php5.ini

AddHandler php4-fastcgi .php .php4 .php3
AddHandler php5-fastcgi .php5

</IfModule>

7. trouble-shooting:

Modules [Crypt::CBC, Crypt::Blowfish, Crypt::PasswdMD5] WAS NOT FOUND

apt-get install libmime-perl

configure CPAN
cpan

(mostly the defaults will work)
upgrade cpan (optional ; and kind of a drawn out process):

install Bundle::CPAN
reload cpan
install Crypt::Blowfish

install Crypt::CBC
install Carp::Clan
install Bit::Vector

install Date::Calc
install ExtUtils::MakeMaker

install HTML::Tagset
install HTML::Parser

install IO::Stringy
install Mail::Field
install Mail::Header
install Mail::Internet

install MIME::Base64
install MIME::Tools
install MIME::Entity
install MIME::Parser

install DBD::mysql

install Term::ReadPassword

install Crypt::PasswdMD5

@ Henrik: The notices depends on if you have safe_mode on or off.
Sarge: FastCgiWrapper /usr/lib/apache2/suexec2
Etch: FastCgiWrapper /usr/lib/apache2/suexec

how to switch proftpd to PURE-FTPD for VHCS2
============================================

0. Backing up old files (optional)

cp /etc/vhcs2/vhcs2.conf /etc/vhcs2/vhcs2.conf.bak
cp /var/www/vhcs2/engine/quota/vhcs2-dsk-quota /var/www/vhcs2/engine/quota/vhcs2-dsk-quota.bak

1. remove proftpd (and or pure-ftpd)

apt-get remove --purge proftpd
rm -rf /etc/proftpd && rm /etc/proftpd.conf

2. Installing the necessary packages

apt-get install pure-ftpd-mysql pure-ftpd-common

3. configure pure-ftpd

1) Stop PureFTPD before modifying configuration files

/etc/init.d/pure-ftpd-mysql stop

or:

sudo fuser -n tcp 21
sudo kill [pid]

2) configure (the configuration files are placed in the etc/pure-ftpd/conf directory, We need to create the different configuration files that are going to be used

    echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone
   echo "yes" > /etc/pure-ftpd/conf/BrokenClientsCompatibility
   echo "100" > /etc/pure-ftpd/conf/MaxClientsNumber
   echo "yes" > /etc/pure-ftpd/conf/Daemonize
   echo "4" > /etc/pure-ftpd/conf/MaxClientsPerIP
   echo "yes" > /etc/pure-ftpd/conf/DisplayDotFiles
   echo "no" > /etc/pure-ftpd/conf/AnonymousOnly
   echo "yes" > /etc/pure-ftpd/conf/NoAnonymous
   echo "ftp" > /etc/pure-ftpd/conf/SyslogFacility
   echo "yes" > /etc/pure-ftpd/conf/DontResolve
   echo "5" > /etc/pure-ftpd/conf/MaxIdleTime
   echo "no" > /etc/pure-ftpd/conf/PAMAuthentication
   echo "no" > /etc/pure-ftpd/conf/UnixAuthentication
   echo "10000 3" > /etc/pure-ftpd/conf/LimitRecursion
   echo "no" > /etc/pure-ftpd/conf/AnonymousCanCreateDirs
   echo "4" > /etc/pure-ftpd/conf/MaxLoad
   echo "yes" > /etc/pure-ftpd/conf/AntiWarez
   echo "133 022" > /etc/pure-ftpd/conf/Umask
   echo "2000" > /etc/pure-ftpd/conf/MinUID
   echo "yes" > /etc/pure-ftpd/conf/AllowUserFXP
   echo "no" > /etc/pure-ftpd/conf/AllowAnonymousFXP
   echo "no" > /etc/pure-ftpd/conf/ProhibitDotFilesWrite
   echo "no" > /etc/pure-ftpd/conf/ProhibitDotFilesRead
   echo "no" > /etc/pure-ftpd/conf/AutoRename
   echo "yes" > /etc/pure-ftpd/conf/AnonymousCantUpload
   echo "clf:/var/log/pureftpd/transfers.log" > /etc/pure-ftpd/conf/AltLog
   echo "no" > /etc/pure-ftpd/conf/NoChmod
   echo "no" > /etc/pure-ftpd/conf/CreateHomeDir
   echo "95" > /etc/pure-ftpd/conf/MaxDiskUsage
   echo "yes" > /etc/pure-ftpd/conf/CustomerProof

4. create a new user (vhcs2_ftp)

mysql -u root -p

CREATE USER 'vhcs2_ftp'@'localhost' IDENTIFIED BY 'password';

GRANT SELECT ON `vhcs2`.`domain` TO 'vhcs2_ftp'@'localhost';
GRANT SELECT ON `vhcs2`.`ftp_users` TO 'vhcs2_ftp'@'localhost';

FLUSH PRIVILEGES;

5. sudo nano /etc/pure-ftpd/db/mysql.conf

##############################################
# #
# Sample Pure-FTPd Mysql configuration file. #
# See README.MySQL for explanations. #
# #
##############################################

# Optional : MySQL server name or IP. Don't define this for unix sockets.

# MYSQLServer 127.0.0.1

# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort 3306

# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket /var/run/mysqld/mysqld.sock

# Mandatory : user to bind the server as.

MYSQLUser vhcs2_ftp
# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort 3306

# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket /var/run/mysqld/mysqld.sock

# Mandatory : user to bind the server as.

MYSQLUser vhcs2_ftp
# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort 3306

# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket /var/run/mysqld/mysqld.sock

# Mandatory : user to bind the server as.

MYSQLUser vhcs2_ftp

# Mandatory : user password. You must have a password.

MYSQLPassword password

# Mandatory : database to open.

MYSQLDatabase vhcs2

# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "md5" *and* "password"

MYSQLCrypt any

# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
#
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.

# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
#
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.

# Query to execute in order to fetch the password

MYSQLGetPW SELECT passwd FROM ftp_users WHERE userid="\L"

MYSQLGetUID SELECT uid FROM ftp_users WHERE userid="\L"

# Optional : default UID - if set this overrides MYSQLGetUID

#MYSQLDefaultUID 1000

# Query to execute in order to fetch the system user group or gid

MYSQLGetGID SELECT gid FROM ftp_users WHERE userid="\L"

# Optional : default GID - if set this overrides MYSQLGetGID

#MYSQLDefaultGID 1000

# Query to execute in order to fetch the home directory

MYSQLGetDir SELECT homedir FROM ftp_users WHERE userid="\L"

# Optional : query to get the maximal number of files

# MySQLGetQTAFS SELECT QuotaFiles FROM users WHERE User="\L"

# Optional : query to get the maximal disk usage (virtual quotas)
# The number should be in Megabytes.
# Pure-FTPd must have been compiled with virtual quotas support.

MySQLGetQTASZ SELECT domain.domain_disk_limit FROM domain,ftp_users WHERE ftp_users.userid="\L" and ftp_users.uid=do$

# Optional : ratios. The server has to be compiled with ratio support.
GNU nano 2.0.9 File: /etc/pure-ftpd/db/mysql.conf

# MySQLGetRatioUL SELECT ULRatio FROM users WHERE User="\L"
# MySQLGetRatioDL SELECT DLRatio FROM users WHERE User="\L"

# Optional : bandwidth throttling.
# The server has to be compiled with throttling support.
# Values are in KB/s .

# MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L"
# MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L"

# Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
# 1) You know what you are doing.
# 2) Real and virtual users match.

# MySQLForceTildeExpansion 1

# If you upgraded your tables to transactionnal tables (Gemini,
# BerkeleyDB, Innobase...), you can enable SQL transactions to
# avoid races. Leave this commented if you are using the
# traditionnal MyIsam databases or old (< 3.23.x) MySQL versions.

# MySQLTransactions On

6. Starting Pure-FTPD

/etc/init.d/pure-ftpd-mysql start

sudo fuser -n tcp 21

Golfreeze.packetlove.com: Life style of Golfreeze Canon400D Family kammtan.com Jazz Freebsd Unix Linux System Admin guitar Music

News:

Author Topic: install vhcs2.4.8 on debian (Read 32452 times)

golfreeze

install vhcs2.4.8 on debian

golfreeze

Re: install vhcs2.4.8 on debian

golfreeze

Re: install vhcs2.4.8 on debian

golfreeze

Re: install vhcs2.4.8 on debian