How To Install ISPConfig3 on an Ubuntu 14.04 Server

Preconditions

Before beginning, a domain name should be pointed at the server that would be used.

User with sudo privileges  also must  be required. To begin, log in as this user.

Upgrade the System

You must update the local package index before doing this:

sudo apt-get update
sudo apt-get upgrade

Verify Hostname are Configured Correctly

Hostname should be correctly configured. we will be assuming that we are setting up a domain name as  server.test.com  and the server’s IP address is  111.111.111.111.

It needs to be verified that our hostname is correctly configured. Taking a look at file of our hosts:

sudo vi /etc/hosts

It may look like this:

127.0.0.1           localhost server.test.com server

We intend to make our hostnames utilize our public IP address. This can be done by dividing the line into two lines and aiming the domain name portion to our public IP address:

127.0.0.1           localhost
111.111.111.111     server.test.com server

Ensure   hostname   also has the correct domain name:

sudo vi /etc/hostname

you can change the value:

server.test.com

You should ensure that the system utilizes the new value by entering:

sudo hostname -F /etc/hostname

Change System Settings

you would want  to disable AppArmor, as it is  not compatible with ISPConfig.

sudo service apparmor stop

you also need  to unload its profiles by entering:

sudo service apparmor teardown

Similarly, this service should not be started at boot:

sudo update-rc.d -f apparmor remove

you can remove  associated packages and files:

sudo apt-get remove apparmor

furthermore, shell needs, For system processes, As Ubuntu utilizes the dash  shell, but ISPConfig utilizes added functionality specifically provided by bash.  Thus, bash  can be set to be the default system shell by entering:

sudo dpkg-reconfigure dash

When prompted, select “No” for having the utility reconfigure the system shell pointer for using bash  rather than dash.

Install Additional Components

We will need to deploy basic LAMP (Linux, Apache, MySQL, PHP) components, anti-virus scanning software for our mail,mail software, and other packages which is needed components for ISPCONFIG.

you can do that by typing single command:

sudo apt-get install apache2 apache2-utils libapache2-mod-suphp libapache2-mod-fastcgi libapache2-mod-python libapache2-mod-fcgid apache2-suexec libapache2-mod-php5 php5 php5-fpm php5-gd php5-mysql php5-curl php5-intl php5-memcache php5-memcached php5-ming php5-ps php5-xcache php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-imap php5-cgi php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libruby memcached phpmyadmin postfix postfix-mysql postfix-doc mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve mailman amavisd-new spamassassin clamav clamav-daemon zoo unzip zip arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl libnet-dns-perl bind9 dnsutils vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl squirrelmail pure-ftpd-common pure-ftpd-mysql snmp

During the installation process , You can select  a language as(English) and continue. Also, you need to confirm of a password for  MySQL administrative user.

SSL certificate needs to  be created for dovecot. Select “Yes”. Enter the name as “commonName” for your SSL certificate, which will be your (FQDN)fully qualified domain name:

server.test.com

Likewise, for postfix you will be asked to configure mail. Select Internet Site.  then you can set your domain name as the system mail name.

server.test.com

Similarly, Select “apache2” and press “SPACE” for installing  phpMyAdmin, the software that possesses the capability of automatically configuring itself depending upon your web server.  Now hit “TAB” then “ENTER” for making the selection.

Next Select “Yes” to enter the MySQL administrator account’s password that you had selected above to configure the database for phpMyAdmin using dbconfig-common. . Then you need to perform selection and confirmation of a password for the phpMyAdmin user.

Now all your components are installed.

Mail Configuration

You can open the default configuration file  with your favourite editor:

sudo vi /etc/postfix/master.cf

you have to uncomment the line at the submission service alongwith the starting three option lines below, and the smtps service and the beginning three option lines for that one also:

submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
. . .
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes

Now, under both the services an additional option needs to be added. It would be similar for each:

submission inet n       -       -       -       -       smtpd
  -o syslog_name=postfix/submission
  -o smtpd_tls_security_level=encrypt
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject
. . .
smtps     inet  n       -       -       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_client_restrictions=permit_sasl_authenticated,reject

On finishing, save and close the file.

You also have to configure mailman to manage mailing list.

In the beginning, you can  make a new list:

sudo newlist mailman

You can provide the email to be linked with the list. Also, don’t forget to select a password.

A long list of aliases would be outputted by the script. Those should  be added to the /etc/aliases  file’s bottom:

sudo vi /etc/aliases

It will look like this:

postmaster:     root
mailman:              "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin:        "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join:         "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave:        "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner:        "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request:      "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/var/lib/mailman/mail/mailman unsubscribe mailman"

After everything is done, save and close the file.

You need to make Postfix  aware of the added aliases by typing:

sudo newaliases

Start the mailman service:

sudo service mailman start

Restart the  postfix  service for enabling mail changes:

sudo service postfix restart

 Also stop and disable spamassassin. This is required as ISPConfig says that it is not required to run all the time:

sudo service spamassassin stop

The server can then be told to not start it at the boot again:

sudo update-rc.d -f spamassassin remove

LAMP Configuration

you have to enable mcrypt  functionality in PHP:

sudo php5enmod mcrypt

Also, enable few Apache modules that we installed.

sudo a2enmod rewrite ssl actions include cgi dav_fs suexec dav auth_digest fastcgi alias

open the  suphp  configuration file:

sudo vi /etc/apache2/mods-available/suphp.conf
<IfModule mod_suphp.c>
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler application/x-httpd-suphp
    </FilesMatch>
        suPHP_AddHandler application/x-httpd-suphp
. . .

The top block should be replaced with a single command. On finishing, it will look like this:

<IfModule mod_suphp.c>
   AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml
   suPHP_AddHandler application/x-httpd-suphp

On finishing, save and close the file.

Create a symbolic link for the mailman Apache file manually by typing:

sudo ln -s /etc/mailman/apache.conf /etc/apache2/conf-available/mailman.conf

Then enable it  by typing:

sudo a2enconf mailman

If you plan to create sites that can host Ruby files, then you should comment out the.rb  files’processing in the mime.types  file. ISPConfig will manage this by itself:

sudo nano /etc/mime.types
application/x-rss+xml                           rss
#application/x-ruby                              rb
application/x-rx

On finishing, save and close the file.

Now, Apache needs to be restarted for implementing our changes:

sudo service apache2 restart

Miscellaneous Configuration

A few more system pieces needs to be edited.

AsISPConfig is utilizedoften for subdividing the server space for the purpose of reselling, FTP access to the clients is usually a requirement. All the necessary software has already been installed, but few adjustments are still remaining.

We will begin by editing the configuration of FTP server:

sudo nano /etc/default/pure-ftpd-common

We require to ensure that our FTP users are restricted to a chroot environment so that they are unable to intervene in the remaining system. This can be done by modifying the  VIRTUALCHROOT setting to  true:

VIRTUALCHROOT=true

As FTP is innately insecure, we will protect it with the TLS encryption. This can be set up by making a flag file that just contains the  1 character:

sudo nano /etc/pure-ftpd/conf/TLS
1

Next, a self-signed certificate needs to be created which can be utilized by the process. This can be done by calling:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

This certificate holds validity of one year. Some prompts needs to be answered. Provide them your information. The  Common Name  is probably the most crucial part.

The key file needs to be locked out afterwards by typing:

sudo chmod 600 /etc/ssl/private/pure-ftpd.pem

On finishing all this, restart the service:

sudo service pure-ftpd-mysql restart

This should permit our FTP daemon for utilizing encryption.

A reason to get FTP set up on the system is due to deploying a monitoring daemon named awstats which is configured for expecting the existence of this particular service.

ISPConfig will call awstats  as required, so that it need not rely upon the cron  job which is usually utilizedfor polling the server. This can be removed by typing:

sudo rm /etc/cron.d/awstats

Install ISPConfig

Now the actual ISPConfig software can be installed.

This can be done by downloading the most recent stable version to our server. The most advanced stable version with a direct link available is version 3 at present. Installation will be updated once we get everything deployed.

Now, you need to change to your home directory and the project should be downloaded using wget:

cd ~
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz

On completion of download, the directory structure should be extracted and moved into the  install subdirectory of the folder structure that’s extracted:

tar xzvf ISPConfig*
cd ispconfig3_install/install/

Now, the software is ready to be installed. This can be done by typing:

sudo php -q install.php

Next you will have to go through a quite lengthy deployment processes.

Luckily, you need to provideonly your MySQL root password in the details. For all other entries, utilize the default values by pressing “ENTER” and skipping ahead.

On finishing the installation, update the most recent version by typing:

sudo php -q update.php

Again, only press “ENTER” for using the default values for each command.

Once you are done, you can go to your ISPConfig service by going to your domain name ensuedby:8080  in your browser:

https://server_domain_name:8080

An SSL warning will be generated as self-signed certificates are being used:

ssl_warning

Click on “proceed” or “continue” for accepting the certificate.

A login screen would appear next.

login

The default username and password are both  admin:

Username: admin
Password: admin

Once you enter these values, you will be forwarded to the ISPConfig3 interface:

main_site

On reaching here, you need to modify the admin user’s password by clicking on the “System” button, next clicking upon the “CP Users” link under the “User Management” category of the left-hand navigation menu.

Now click upon the  admin user account that’s there in the main window. You will be provided with a choice of changing the password for the admin user on the page.

Conclusion

YourISPConfig panel is now deployed and configured. You can now manage mail, accounts and domains from inside this interface.

KB Admin has written 46 articles