Perfect server on Ubuntu 18.04 Nginx, MySQL, PHP, Postfix, BIND, Dovecot, Pure-FTPD z panelem ISPConfig 3.1
In today's tutorial I will describe the process of preparing a fully functioning web server along with free panel for managing the ISPConfig.
Guidance has been prepared under the latest version of Ubuntu 18.04
For starters make changes in the system hostname. This step was describing in this guide.
We log on as root command:
1 | sudo -s |
I enter the password. Then install our favorite text file editor, for example, nano:
1 | apt-get install nano |
The next step is to set repositories in /etc/apt/sources.list
we command them:
1 | nano /etc/apt/sources.list |
The file should look like this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 | # # deb cdrom:[Ubuntu-Server 18.04 LTS _Bionic Beaver_ - Release amd64 (20180425.1)]/ bionic main restricted #deb cdrom:[Ubuntu-Server 18.04 LTS _Bionic Beaver_ - Release amd64 (20180425.1)]/ bionic main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://de.archive.ubuntu.com/ubuntu/ bionic main restricted # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://de.archive.ubuntu.com/ubuntu/ bionic-updates main restricted # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ bionic universe # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic universe deb http://de.archive.ubuntu.com/ubuntu/ bionic-updates universe # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://de.archive.ubuntu.com/ubuntu/ bionic multiverse # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic multiverse deb http://de.archive.ubuntu.com/ubuntu/ bionic-updates multiverse # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse # deb-src http://de.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu bionic partner # deb-src http://archive.canonical.com/ubuntu bionic partner deb http://security.ubuntu.com/ubuntu bionic-security main restricted # deb-src http://security.ubuntu.com/ubuntu bionic-security main restricted deb http://security.ubuntu.com/ubuntu bionic-security universe # deb-src http://security.ubuntu.com/ubuntu bionic-security universe deb http://security.ubuntu.com/ubuntu bionic-security multiverse # deb-src http://security.ubuntu.com/ubuntu bionic-security multiverse |
Then we make an update repositories and system updates:
1 2 | apt-get update apt-get upgrade |
To be sure proper operation of the system and save all the changes make the system reboot command:
reboot
After the restart, re-log in to the root account on the system and make changes in the system shell.
We can make this command:
1 | dpkg-reconfigure dash |
The Communication select the option that is not well:
1 | Use dash as the default system shell (/bin/sh)? <-- No |
Turn off AppArmor
AppArmor is a security extension (Similar to SELinux), which should provide enhanced security. check, is installed, and, if necessary, remove it. I do not think we need it to set up a secure system and usually causes more problems than benefits.
Deactivation will be done by issuing the command:
1 2 3 | service apparmor stop update-rc.d -f apparmor remove apt-get remove apparmor apparmor-utils |
We synchronize the time on a server with the NTP server
1 | apt-get -y install ntp ntpdate |
Install Postfix, Dovecot, MariaDB, phpMyAdmin, rkhunter, Binutils
Minor point here to install the necessary posfixa uninstall sendmail. We can make this command:
1 | service sendmail stop; update-rc.d -f sendmail remove |
Then install all packages:
1 | apt-get -y install postfix postfix-mysql postfix-doc mariadb-client mariadb-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve dovecot-lmtpd sudo |
The installer will ask you for an 2 options you select as below:
1 2 | General type of mail configuration: <-- Internet Site System mail name: <-- nasz_hostname_serwera.pl |
Run TLS / SSL postfix
edit file:
1 | nano /etc/postfix/master.cf |
And since we comment section smtpd_client_restrictions=permit_sasl_authenticated,reject
The whole should look like this:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 | [...] submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING [...] |
After making changes to make to restart posfixa
1 | service postfix restart |
We want to, aby MariaDB / MySQL is not only on localhost. Therefore we edit the file /etc/mysql/mariadb.conf.d/50-server.cnf (for MariaDB or /etc/mysql/my.cnf (for MySQL) and comment out the line bind-address = 127.0.0.1:
1 | nano /etc/mysql/mariadb.conf.d/50-server.cnf |
We add # przy bind-address
1 2 3 4 5 | [...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...] |
Set the root password mysql server and pass the basic configuration with the command:
1 | mysql_secure_installation |
We answer questions like:
1 2 3 4 5 6 7 | Enter current password for root (enter for none): <-- klikamy enter bo nie mamy ustawionego hasła Set root password? [Y/n] <-- y New password: <-- Wprowadź tutaj nowe hasło roota Re-enter new password: <-- Powtórz hasło Remove anonymous users? [Y/n] <-- y Disallow root login remotely? [Y/n] <-- y Reload privilege tables now? [Y/n] <-- y |
We set the password authentication method for native, so that we can later PHPMyAdmin to connect as the root user:
echo “update mysql.user set plugin = ‘mysql_native_password’ where user=’root’;” | mysql -u root
File Modification /etc/mysql/debian.cnf and set the root password
1 | nano /etc/mysql/debian.cnf |
Below the modified file looks like this:
1 2 3 4 5 6 7 8 9 10 11 12 | # Automatically generated for Debian scripts. DO NOT TOUCH! [client] host = localhost user = root password = HASLO ROOT socket = /var/run/mysqld/mysqld.sock [mysql_upgrade] host = localhost user = root password = HASLO ROOT socket = /var/run/mysqld/mysqld.sock basedir = /usr |
Edit your /etc/mysql/my.cnf and monitoring local MySQL Hashing
1 | nano /etc/mysql/my.cnf |
The file should look like this:
1 2 3 4 5 | [...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...] |
We make a server restart mysql command:
1 | service mysql restart |
Installation Amavisd-new, SpamAssassin, And ClamAV
1 | apt-get -y install amavisd-new spamassassin clamav clamav-daemon unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey |
To update antivirus signatures ClamAV and start the clamd spend the following commands:
1 2 | freshclam service clamav-daemon start |
Virus database update can take a while, please be patient to wait.
You can ignore the following error when you first start freshclam.
1 2 | ERROR: /var/log/clamav/freshclam.log is locked by another process ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log). |
Amavisd-new program now contains an error in Ubuntu 18.04, which prevents proper signing e-mails with DKIM. Run the following command, to attach amavisd-new.
1 2 3 4 5 | cd /tmp wget https://git.ispconfig.org/ispconfig/ispconfig3/raw/stable-3.1/helper_scripts/ubuntu-amavisd-new-2.11.patch cd /usr/sbin cp -pf amavisd-new amavisd-new_bak patch < /tmp/ubuntu-amavisd-new-2.11.patch |
We make install Nginx, PHP 7.2 (PHP-FPM), and Fcgiwrap
Nginx install command:
1 | apt-get install nginx |
We remove the Apache web server:
1 2 | service apache2 stop update-rc.d -f apache2 remove |
Start the server Nginx
1 | service nginx start |
install PHP
1 | apt-get -y install php7.2-fpm |
Then we are retrieving PHP modules and their installation will be done.
1 | apt-cache search php7.2 |
1 | apt-get -y install php7.2 php7.2-common php7.2-gd php7.2-mysql php7.2-imap php7.2-cli php7.2-cgi php-pear mcrypt imagemagick libruby php7.2-curl php7.2-intl php7.2-pspell php7.2-recode php7.2-sqlite3 php7.2-tidy php7.2-xmlrpc php7.2-xsl memcached php-memcache php-imagick php-gettext php7.2-zip php7.2-mbstring php-soap php7.2-soap |
Edit the php.ini file
we make changes 2 lines
1 | nano /etc/php/7.2/fpm/php.ini |
And change:
1 | cgi.fix_pathinfo=0 |
And
1 | date.timezone="Europe/Warsaw" |
We do php reload command:
1 | service php7.2-fpm reload |
Install the package FCIWRAP thanks to him ISPConfig will take care of the correct configuration vhost.
1 | apt-get -y install fcgiwrap |
We install and configure phpMyAdmin
1 | apt-get -y install phpmyadmin php-mbstring php-gettext |
and configure
1 2 | Web server to reconfigure automatically: <-- Wybierz none MySQL application password for phpmyadmin: <-- Klikamy Enter |
Installation Let's Encrypt
1 2 | apt-get -y install certbot certbot register |
ISPConfig also allows you to manage (create / modify / delete) Mailman mailing lists. If you want to use this feature, Mailman install as follows:
1 | apt-get -y install mailman |
Select at least one language, for example, .:
1 2 | Languages to support: <-- en (English) Missing site list <-- Ok |
We command and answer questions
1 | newlist mailman |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 | root@server1:~# newlist mailman Enter the email of the person running the list: <-- admin email address, e.g. listadmin@example.com Initial mailman password: <-- admin password for the mailman list To finish creating your mailing list, you must edit your /etc/aliases (or equivalent) file by adding the following lines, and possibly running the `newaliases' program: ## mailman mailing list mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman" |
1 | Hit enter to notify mailman owner... <-- ENTER |
root@server1:~#
edit / etc / aliases and add:
1 2 3 4 5 6 7 8 9 10 11 12 13 | nano /etc/aliases <pre class="">## mailman mailing list mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman" |
reload, restatartujemy run postfix and mailman
1 2 3 | newaliases service postfix restart service mailman start |
Install pure-ftpd and Quota
1 | apt-get -y install pure-ftpd-common pure-ftpd-mysql quota quotatool |
Edit / etc / default / pure-ftpd-common and set in the following manner
1 | nano /etc/default/pure-ftpd-common |
1 2 3 4 5 | [...] STANDALONE_OR_INETD=standalone [...] VIRTUALCHROOT=true [...] |
Run TLS and SSL for FTP Server:
1 | echo 1 > /etc/pure-ftpd/conf/TLS |
1 | mkdir -p /etc/ssl/private/ |
1 | openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem |
We give your details as below:
1 2 3 4 5 6 7 | Country Name (2 letter code) [AU]: <-- PL"). State or Province Name (full name) [Some-State]:<-- Poland Locality Name (eg, city) []:<-- Warszawa. Organization Name (eg, company) [Nazwa firmy Serwerweb.pl). Organizational Unit Name (eg, section) []:<-- nazwa firmy Serwerweb.pl"). Common Name (eg, YOUR name) []:<-- nazwa naxzej domeny serwerweb.pl). Email Address []:<-- nasz adres e-mail |
We give chmod and restart the FTP server
1 2 | chmod 600 /etc/ssl/private/pure-ftpd.pem service pure-ftpd-mysql restart |
Installing a DNS server BIND
1 | apt-get -y install bind9 dnsutils haveged |
1 2 | systemctl enable haveged service haveged start |
Installation Vlogger, Webalizer, and AWStats
1 | apt-get -y install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl |
We do /etc/cron.d/awstats editing a file and comment on it in the manner described below:
1 | nano /etc/cron.d/awstats |
1 2 3 4 5 6 | #MAILTO=root #*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh # Generate static reports: #10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh |
Installation Jailkit
1 | apt-get -y install build-essential autoconf automake1.11 libtool flex bison debhelper binutils |
1 2 3 4 5 | cd /tmp wget http://olivier.sessink.nl/jailkit/jailkit-2.19.tar.gz tar xvfz jailkit-2.19.tar.gz cd jailkit-2.19 echo 5 > debian/compat |
The current version Jailkit 2.19 It has a syntax error, which makes it impossible to compile. To fix this, open debian / changelog using nano:
1 | nano debian/changelog |
And add the following line in the 5, followed by a blank line:
1 | -- Olivier <olivier@marshall> Wed, 18 Nov 2015 20:38:44 +0100 |
We make recompilation
1 2 3 4 | ./debian/rules binary cd .. dpkg -i jailkit_2.19-1_*.deb rm -rf jailkit-2.19* |
UFW and install fail2ban
1 | apt-get -y install fail2ban |
1 | apt-get -y install ufu |
Then create a file:/etc / fail2ban / jail.local with the following content:
1 | nano /etc/fail2ban/jail.local |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | [pure-ftpd] enabled = true port = ftp filter = pure-ftpd logpath = /var/log/syslog maxretry = 3 [dovecot] enabled = true filter = dovecot action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log maxretry = 5 [postfix] enabled = true port = smtp filter = postfix logpath = /var/log/mail.log maxretry = 3 |
We make reloading services
s
1 | ervice fail2ban restart |
Installing Roundcube Webmail
1 | apt-get -y install roundcube roundcube-core roundcube-mysql roundcube-plugins javascript-common libjs-jquery-mousewheel php-net-sieve tinymce |
When you choose the configuration as follows:
1 2 | Configure database for roundcube with dbconfig-common? <-- Yes MySQL application password for roundcube: <-- enter |
/Etc/roundcube/config.inc.php edit the file and change the default host
1 | nano /etc/roundcube/config.inc.php |
1 | $config['default_host'] = 'localhost'; |
Installing ISPConfig 3.1
To be sure, we stop Apache, We remove it and restart Nginx
1 2 3 | service apache2 stop update-rc.d -f apache2 remove service nginx restart |
We grab the latest version of the pedal and it unpack ISPConfig.
1 2 3 4 | cd /tmp wget -O ispconfig.tar.gz https://git.ispconfig.org/ispconfig/ispconfig3/repository/archive.tar.gz?ref=stable-3.1 tar xfz ispconfig.tar.gz cd ispconfig3*/install/ |
Run the installation script:
1 | php -q install.php |
We answer questions like:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 | -------------------------------------------------------------------------------- _____ ___________ _____ __ _ ____ |_ _/ ___| ___ \ / __ \ / _(_) /__ \ | | \ `--.| |_/ / | / \/ ___ _ __ | |_ _ __ _ _/ / | | `--. \ __/ | | / _ \| '_ \| _| |/ _` | |_ | _| |_/\__/ / | | \__/\ (_) | | | | | | | (_| | ___\ \ \___/\____/\_| \____/\___/|_| |_|_| |_|\__, | \____/ __/ | |___/ -------------------------------------------------------------------------------- >> Initial configuration Operating System: Ubuntu 18.04 LTS (Bionic Beaver) Following will be a few questions for primary configuration so be careful. Default values are in [brackets] and can be accepted with <ENTER>. Tap in "quit" (without the quotes) to stop the installer. Select language (en,de) [en]: <-- ENTER Installation mode (standard,expert) [standard]: <-- ENTER Full qualified hostname (FQDN) of the server, eg PODAJEMY NASZ HOSTNAME [: <-- ENTER MySQL server hostname [localhost]: <-- ENTER MySQL server port [3306]: <-- ENTER MySQL root username [root]: <-- ENTER MySQL root password []: <--HASŁO MYSQL ROOT MySQL database to create [dbispconfig]: <-- ENTER MySQL charset [utf8]: <-- ENTER Configuring Postgrey Configuring Postfix Generating a 4096 bit RSA private key .................................................................................................................................................................................................................................................................................................................................................................................................................++ ...++ writing new private key to 'smtpd.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: <-- enter your 2 letter country code, e.g. DE in my case State or Province Name (full name) [Some-State]: <-- Enter your home state Locality Name (eg, city) []: <-- Enter your city, in my case Lueneburg Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your company name, in my case ISPConfig UG Organizational Unit Name (eg, section) []: <-- Enter your Organisational unit name, I use IT here Common Name (e.g. server FQDN or YOUR name) []: <-- Enter the server hostname, in my case server1.example.com Email Address []: <-- Enter an email address, e.g. hostmaster@server1.example.com Configuring Mailman Configuring Dovecot Configuring Spamassassin Configuring Amavisd Configuring Getmail Configuring Jailkit Configuring Pureftpd Configuring BIND Configuring nginx [INFO] service OpenVZ not detected Configuring Ubuntu Firewall Configuring Metronome XMPP Server writing new private key to 'localhost.key' ----- Country Name (2 letter code) [AU]: <-- Enter your 2 letter country code, e.g. DE in my case Locality Name (eg, city) [City Name]: <-- Enter your city, in my case Lueneburg Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your company name, in my case ISPConfig UG Organizational Unit Name (eg, section) [Infrastructure]: <-- Enter your Organisational unit name, I use IT here Common Name (e.g. server FQDN or YOUR name) [server1.example.com]: <-- Enter the server hostname, in my case server1.example.com Email Address [hostmaster@server1.example.com]: <-- Enter an email address, e.g. hostmaster@server1.example.com IMPORTANT: Localhost Key, Csr and a self-signed Cert have been saved to /etc/metronome/certs In order to work with all clients, the server must have a trusted certificate, so use the Csr to get a trusted certificate from your CA or replace Key and Cert with already signed files for your domain. Clients like Pidgin dont allow to use untrusted self-signed certificates. Configuring Fail2ban Configuring Apps vhost Installing ISPConfig ISPConfig Port [8080]: <-- ENTER Admin password [admin]: <-- Enter your desired admin password Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- ENTER Generating RSA private key, 4096 bit long modulus ....................................................++ ........................++ e is 65537 (0x10001) You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: <-- enter your 2 letter country code, e.g. DE in my case State or Province Name (full name) [Some-State]: <-- Enter your home state Locality Name (eg, city) []: <-- Enter your city, in my case Lueneburg Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your company name, in my case ISPConfig UG Organizational Unit Name (eg, section) []: <-- Enter your Organisational unit name, I use IT here Common Name (e.g. server FQDN or YOUR name) []: <-- Enter the server hostname, in my case server1.example.com Email Address []: <-- Enter an email address, e.g. hostmaster@server1.example.com Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: <-- ENTER An optional company name []: <-- ENTER writing RSA key Configuring DBServer Installing ISPConfig crontab Installing ISPConfig crontab no crontab for root no crontab for getmail Detect IP addresses Restarting services ... Installation completed. The installer automatically configures all underlying services, so there is no manual configuration needed. Afterwards you can access ISPConfig 3 under http(s)://server1.example.com:8080/ or http(s)://192.168.1.100:8080/ ( http or https depends on what you chose during installation). Log in with the username admin and the password admin (you should change the default password after your first login): |
Finished script has been installed and is available at https://ipserwera:8080
The default data to the panel admin login password is admin
In this way we have a fully operational and configured web server once the mail server databases and ftp.
Source: https://www.howtoforge.com/tutorial/perfect-server-ubuntu-18.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/
Hey,
At the outset, thank you for the tutorial, fell from heaven
But I have a problem: the point where: nano /etc/postfix/master.cf
My configuration is slightly different from your, for example,. I do not have any option smtpd_client_restrictions = permit_sasl_authenticated,reject
I enclose what I:
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (no) (never) (100)
smtp inet n – y smtpd
#smtp inet n y 1 postscreen
#smtpd pass – y smtpd
#dnsblog unix – Y 0 dnsblog
#tlsproxy unix – Y 0 tlsproxy
#submission inet n y smtpd
# -o syslog_name=postfix/submission
# -o smtpd_tls_security_level=encrypt
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_tls_auth_only=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=ftua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#smtps inet n y smtpd
# -o syslog_name=postfix/smtps
# -o smtpd_tls_wrappermode=yes
# -o smtpd_sasl_auth_enable=yes
# -o smtpd_reject_unlisted_recipient=no
# -o smtpd_client_restrictions=$mua_client_restrictions
# -o smtpd_helo_restrictions=ftua_helo_restrictions
# -o smtpd_sender_restrictions=$mua_sender_restrictions
# -o smtpd_recipient_restrictions=
# -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
# -o milter_macro_daemon_name=ORIGINATING
#628 inet n and qmqpd
and n pickup unix 60 1 pickup
cleanup unix n y 0 cleanup
qmgr unix n n 300 1 qmgr
Is there something wrong I did in the previous stage? It is is simply a newer version postfix and something else called?
This is probably a newer version 😉
Guidance for some time already.
As long as you comment on what I gave in the guide, the whole thing will work properly 🙂
Note that when you have your entries #hasz
Contains an error in the code file:
nano /etc/mysql/my.cnf
Because the caption file content:
nano /etc/mysql/mariadb.conf.d/50-server.cnf
Thanks for the information.!
Somehow twin looks
https://www.howtoforge.com/tutorial/perfect-server-ubuntu-18.04-with-apache-php-myqsl-pureftpd-bind-postfix-doveot-and-ispconfig/
😀
surely.
For something must be modeled. Not everyone is fluent in English so that they know what they are doing in a given guide 😉
You should specify the source. And so it went plagiarism.
Actually.
Ready.
Hello,
Unfortunately after entirely cornet, postfix server and running ISPConfig but unfortunately it did not work either phpmyadmin or roundcube. The second issue regards to this, I have a domain in az.pl and do not quite know how to direct it to your server at home. I have a variable ip address but it changes every few months. Is anyone able to help me in the server configuration ?
After installation, is not going to install any other php error:
dpkg: error processing package pure-ftpd-mysql (–configure):
installed pure-ftpd-mysql package post-installation script subprocess returned error exit status 127
Errors were encountered while processing:
pure-ftpd-mysql
Try it:
apt-get install -y inetutils-inetd
update-inetd
and
apt –fix-broken install