Before beginning, a domain name should be pointed at the server that would be used.
User with sudo privileges also must be required. To begin, log in as this user.
Upgrade the System
You must update the local package index before doing this:
sudo apt-get update sudo apt-get upgrade
Verify Hostname are Configured Correctly
Hostname should be correctly configured. we will be assuming that we are setting up a domain name as
server.test.com and the server’s IP address is
It needs to be verified that our hostname is correctly configured. Taking a look at file of our hosts:
sudo vi /etc/hosts
It may look like this:
127.0.0.1 localhost server.test.com server
We intend to make our hostnames utilize our public IP address. This can be done by dividing the line into two lines and aiming the domain name portion to our public IP address:
127.0.0.1 localhost 184.108.40.206 server.test.com server
hostname also has the correct domain name:
sudo vi /etc/hostname
you can change the value:
You should ensure that the system utilizes the new value by entering:
sudo hostname -F /etc/hostname
Change System Settings
you would want to disable AppArmor, as it is not compatible with ISPConfig.
sudo service apparmor stop
you also need to unload its profiles by entering:
sudo service apparmor teardown
Similarly, this service should not be started at boot:
sudo update-rc.d -f apparmor remove
you can remove associated packages and files:
sudo apt-get remove apparmor
furthermore, shell needs, For system processes, As Ubuntu utilizes the
dash shell, but ISPConfig utilizes added functionality specifically provided by
bash can be set to be the default system shell by entering:
sudo dpkg-reconfigure dash
When prompted, select “No” for having the utility reconfigure the system shell pointer for using
bash rather than
Install Additional Components
We will need to deploy basic LAMP (Linux, Apache, MySQL, PHP) components, anti-virus scanning software for our mail,mail software, and other packages which is needed components for ISPCONFIG.
you can do that by typing single command:
sudo apt-get install apache2 apache2-utils libapache2-mod-suphp libapache2-mod-fastcgi libapache2-mod-python libapache2-mod-fcgid apache2-suexec libapache2-mod-php5 php5 php5-fpm php5-gd php5-mysql php5-curl php5-intl php5-memcache php5-memcached php5-ming php5-ps php5-xcache php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl php5-imap php5-cgi php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libruby memcached phpmyadmin postfix postfix-mysql postfix-doc mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve mailman amavisd-new spamassassin clamav clamav-daemon zoo unzip zip arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl libnet-dns-perl bind9 dnsutils vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl squirrelmail pure-ftpd-common pure-ftpd-mysql snmp
During the installation process , You can select a language as
(English) and continue. Also, you need to confirm of a password for MySQL administrative user.
SSL certificate needs to be created for
dovecot. Select “Yes”. Enter the name as “commonName” for your SSL certificate, which will be your (FQDN)fully qualified domain name:
postfix you will be asked to configure mail. Select
Internet Site. then you can set your domain name as the system mail name.
Similarly, Select “apache2” and press “SPACE” for installing phpMyAdmin, the software that possesses the capability of automatically configuring itself depending upon your web server. Now hit “TAB” then “ENTER” for making the selection.
Next Select “Yes” to enter the MySQL administrator account’s password that you had selected above to configure the database for phpMyAdmin using
dbconfig-common. . Then you need to perform selection and confirmation of a password for the phpMyAdmin user.
Now all your components are installed.
You can open the default configuration file with your favourite editor:
sudo vi /etc/postfix/master.cf
you have to uncomment the line at the submission service alongwith the starting three option lines below, and the smtps service and the beginning three option lines for that one also:
submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes . . . smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
Now, under both the services an additional option needs to be added. It would be similar for each:
submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject . . . smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
On finishing, save and close the file.
You also have to configure mailman to manage mailing list.
In the beginning, you can make a new list:
sudo newlist mailman
You can provide the email to be linked with the list. Also, don’t forget to select a password.
A long list of aliases would be outputted by the script. Those should be added to the
/etc/aliases file’s bottom:
sudo vi /etc/aliases
It will look like this:
postmaster: root mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"
After everything is done, save and close the file.
You need to make Postfix aware of the added aliases by typing:
Start the mailman service:
sudo service mailman start
postfix service for enabling mail changes:
sudo service postfix restart
Also stop and disable
spamassassin. This is required as ISPConfig says that it is not required to run all the time:
sudo service spamassassin stop
The server can then be told to not start it at the boot again:
sudo update-rc.d -f spamassassin remove
you have to enable mcrypt functionality in PHP:
sudo php5enmod mcrypt
Also, enable few Apache modules that we installed.
sudo a2enmod rewrite ssl actions include cgi dav_fs suexec dav auth_digest fastcgi alias
suphp configuration file:
sudo vi /etc/apache2/mods-available/suphp.conf
<IfModule mod_suphp.c> <FilesMatch "\.ph(p3?|tml)$"> SetHandler application/x-httpd-suphp </FilesMatch> suPHP_AddHandler application/x-httpd-suphp . . .
The top block should be replaced with a single command. On finishing, it will look like this:
<IfModule mod_suphp.c> AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml suPHP_AddHandler application/x-httpd-suphp
On finishing, save and close the file.
Create a symbolic link for the
mailman Apache file manually by typing:
sudo ln -s /etc/mailman/apache.conf /etc/apache2/conf-available/mailman.conf
Then enable it by typing:
sudo a2enconf mailman
If you plan to create sites that can host Ruby files, then you should comment out the
.rb files’processing in the
mime.types file. ISPConfig will manage this by itself:
sudo nano /etc/mime.types
application/x-rss+xml rss #application/x-ruby rb application/x-rx
On finishing, save and close the file.
Now, Apache needs to be restarted for implementing our changes:
sudo service apache2 restart
A few more system pieces needs to be edited.
AsISPConfig is utilizedoften for subdividing the server space for the purpose of reselling, FTP access to the clients is usually a requirement. All the necessary software has already been installed, but few adjustments are still remaining.
We will begin by editing the configuration of FTP server:
sudo nano /etc/default/pure-ftpd-common
We require to ensure that our FTP users are restricted to a chroot environment so that they are unable to intervene in the remaining system. This can be done by modifying the
VIRTUALCHROOT setting to
As FTP is innately insecure, we will protect it with the TLS encryption. This can be set up by making a flag file that just contains the
sudo nano /etc/pure-ftpd/conf/TLS
Next, a self-signed certificate needs to be created which can be utilized by the process. This can be done by calling:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem
This certificate holds validity of one year. Some prompts needs to be answered. Provide them your information. The
Common Name is probably the most crucial part.
The key file needs to be locked out afterwards by typing:
sudo chmod 600 /etc/ssl/private/pure-ftpd.pem
On finishing all this, restart the service:
sudo service pure-ftpd-mysql restart
This should permit our FTP daemon for utilizing encryption.
A reason to get FTP set up on the system is due to deploying a monitoring daemon named
awstats which is configured for expecting the existence of this particular service.
ISPConfig will call
awstats as required, so that it need not rely upon the
cron job which is usually utilizedfor polling the server. This can be removed by typing:
sudo rm /etc/cron.d/awstats
Now the actual ISPConfig software can be installed.
This can be done by downloading the most recent stable version to our server. The most advanced stable version with a direct link available is version 3 at present. Installation will be updated once we get everything deployed.
Now, you need to change to your home directory and the project should be downloaded using
cd ~ wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
On completion of download, the directory structure should be extracted and moved into the
install subdirectory of the folder structure that’s extracted:
tar xzvf ISPConfig* cd ispconfig3_install/install/
Now, the software is ready to be installed. This can be done by typing:
sudo php -q install.php
Next you will have to go through a quite lengthy deployment processes.
Luckily, you need to provideonly your MySQL root password in the details. For all other entries, utilize the default values by pressing “ENTER” and skipping ahead.
On finishing the installation, update the most recent version by typing:
sudo php -q update.php
Again, only press “ENTER” for using the default values for each command.
Once you are done, you can go to your ISPConfig service by going to your domain name ensuedby
:8080 in your browser:
An SSL warning will be generated as self-signed certificates are being used:
Click on “proceed” or “continue” for accepting the certificate.
A login screen would appear next.
The default username and password are both
Username: admin Password: admin
Once you enter these values, you will be forwarded to the ISPConfig3 interface:
On reaching here, you need to modify the admin user’s password by clicking on the “System” button, next clicking upon the “CP Users” link under the “User Management” category of the left-hand navigation menu.
Now click upon the
admin user account that’s there in the main window. You will be provided with a choice of changing the password for the admin user on the page.
YourISPConfig panel is now deployed and configured. You can now manage mail, accounts and domains from inside this interface.