[Recommend] config Directadmin

Discussion in 'Cloud VPS' started by Nguyễn Thanh, 12/4/14.

  1. Nguyễn Thanh

    Nguyễn Thanh TND Staff Admin Team Member

    DirectAdmin Server Setup

    Getting Started

    1. Connect to the server using SSH and login as the admin user.
    2. Switch to the root user using the su command.
    3. Using your Web browser, browse to the DirectAdmin control panel at http://<server ip>:2222.
    4. Sign into the control panel using the DirectAdmin admin username and password.

    Change Shell Passwords

    1. Make sure you are connected to the server as the root user using SSH.
    2. Change the admin user’s password:

    # /usr/bin/passwd admin
    (set new password)


    3. Change the root user’s password:

    # su -
    # /usr/bin/passwd
    (set new password)

    Setup Secure Shell (SSH) Service

    1. Add the admin user to the wheel group:

    # usermod -a -G wheel admin


    2. Edit the server’s SSH configuration file:

    # nano -w /etc/ssh/sshd_config


    3. To allow only SSH protocol 2 connections, find the line:

    #Protocol 2,1


    4. Uncomment it and change it to:

    Protocol 2


    5. Next, to disable direct root login, find the line:

    #PermitRootLogin yes


    6. Uncomment it and change it to:

    PermitRootLogin no


    7. Next, to change the port that SSH listens on, find the line:

    #Port 22


    8. Uncomment it and change it to:

    Port 1022


    9. Save the file and exit the editor.
    10. Restart the SSH service:

    # service sshd restart

    Change the Server Admin Username

    1. Change the admin username:

    # cd /usr/local/directadmin/scripts
    # ./change_username.sh admin newuser

    Note: Replace ‘newuser’ with the username you wish to use for the admin account.


    2. Edit the server’s SSH configuration file:

    # nano -w /etc/ssh/sshd_config


    3. Find the line:

    AllowUsers admin


    4. Change it to:

    AllowUsers newuser


    5. Save the file and exit the editor.
    6. Restart the SSH service:

    # service sshd restart


    7. Edit the DirectAdmin list of allowed admins file:

    # nano -w /usr/local/directadmin/data/admin/admin.list


    8. Change the line with the admin username to the new username for the admin account.
    9. Save the file and exit the editor.

    Set the Server’s Date and Time

    1. Set the server’s time zone:

    # rm -f /etc/localtime
    # ln -s /usr/share/zoneinfo/America/New_York /etc/localtime


    2. Update the current system time:

    # /usr/bin/rdate -s clock.psu.edu


    3. Set the ZONE entry in the file /etc/sysconfig/clock to “America/New_York”.
    4. Set the hardware clock:

    # /sbin/hwclock --systohc


    5. Setup a new hourly cron job to keep the server’s time accurate:

    # touch /etc/cron.hourly/rdate
    # chmod 755 /etc/cron.hourly/rdate
    # nano -w /etc/cron.hourly/rdate


    6. Paste the following lines into the new cron file:

    #!/bin/sh

    host="clock.psu.edu"
    /usr/bin/rdate -s $host >/dev/null 2>&1 && /sbin/hwclock --systohc >/dev/null 2>&1


    7. Save the file and exit the editor.

    Setup Message of the Day for SSH Logins

    1. Edit the server’s MOTD file:

    # nano -w /etc/motd


    2. Paste the following lines into the file:

    ********************************************************************************
    DISCLAIMER
    ********************************************************************************

    This computer system is for authorized users only.

    Individuals using this system without authority or in excess of their given
    authority are subject to having all their activities on this system monitored
    and logged or examined by any authorized person, including law enforcement,
    as system personnel deem appropriate. In the course of monitoring individuals
    who are improperly using the system or in the course of system maintenance,
    the activities of authorized users may also be monitored and logged. Any
    logs may be disclosed as appropriate or required by law.

    Any illegal services run by any user or any attempts to take down this server
    or its services will be reported to local law enforcement, and the user will
    be punished to the full extent of the law.

    Anyone using this system consents to these terms.

    ********************************************************************************


    3. Save the file and exit the editor.

    Set the Server’s Hostname

    1. Make sure you are signed into the DirectAdmin control panel as the admin user.
    2. Click the Administrator Settings link.
    3. In the “Server’s Hostname” field, enter the server’s hostname in the format hostname.domain.tld (do not use just domain.tld).
    4. Click the Save button.
    5. Click the Home icon.

    Set a Main Domain Name

    1. Switch to the User Level panel (link is near the top right of the screen).
    2. Click the Domain Administration button.
    3. Click the Add Another Domain link.
    4. Enter the domain name into the “Domain” field.
    5. Click the Submit button.
    6. Click the Home icon.

    Create Nameservers

    1. Add at least one additional IP address to the server (requires two IP addresses):
    a. Switch to the Admin Level panel (link is near the top right of the screen).
    b. Click the IP Management link.
    c. Enter the IP address in the “IP” field.
    d. Enter the Subnet Mask in the “Netmask” field.
    e. Click the Add IP button.
    f. Place a checkmark next to all the IP addresses.
    g. Click the Assign to button at the bottom of the screen. The admin username should be selected in the dropdown menu.
    h. Click the Home icon.

    2. Create the nameservers:
    a. Switch to the Reseller Level panel (link is near the top right of the screen).
    b. Click the Nameservers link.
    c. If there are any nameservers currently listed, delete them first by placing checkmarks next to them and clicking the Delete Nameservers button.
    d. Place checkmarks next to any two IP addresses that are listed.
    e. Click the Create button, selecting the domain you want the nameservers created for from the dropdown list. Make sure “ns1” and “ns2” are entered into the text fields.
    f. Click the Home icon.

    3. Tell DirectAdmin that these will be the primary nameservers:
    a. Switch back to the Admin Level panel.
    b. Click the Administrator Settings link.
    c. Make sure the NS1 and NS2 fields are accurate.
    d. Click the Save button.
    e. Click the Home icon.

    Set E-mail Addresses in the Control Panel

    1. From the Admin Level panel, click the Manage Tickets link (under Server Management).
    2. Make sure the e-mail address is properly set.
    3. Click the Save button.
    4. Switch to the User Level panel.
    5. Click the Site Summary / Statistics / Logs link.
    6. Set your e-mail address.
    7. Click the Save button.
    8. Click the Home icon.

    Change Main Site’s IP Address

    1. Switch to the Reseller Level panel.
    2. Click the List Users link.
    3. Click the Modify your own User data link.
    4. Using the “Set IP To” dropdown list, select the IP address for the main site.
    5. Click the Save button.
    6. Click the Home icon.

    Make Sure the Server’s Hostname Resolves

    1. Switch to the Admin Level panel.
    2. Click the DNS Administration link.
    3. Click on the link for the primary domain’s zone.
    4. Add an Address (A) record that looks like the following, replacing ‘hostname’ with the server’s actual hostname minus the domain name and ‘1.2.3.4’ with the server’s main IP address:

    Name      Type  Value
    hostname  A     1.2.3.4


    5. Click the Add button.
    6. Click the Home icon.

    Update Core System Software and Configuration

    1. Make sure you are connected to the server as the root user using SSH.
    2. Update Exim:

    # cd /usr/src/redhat/SRPMS
    # wget http://files.directadmin.com/service...4.66-1.src.rpm
    # rpmbuild --rebuild da_exim-4.66-1.src.rpm
    # rpm -Uvh /usr/src/redhat/RPMS/i386/da_exim-4.66-1.i386.rpm
    # service exim restart
    # rm -f da_exim-4.66-1.src.rpm


    3. Update the Exim configuration file:

    # wget -O /etc/exim.conf http://files.directadmin.com/services/exim.conf
    # wget -O /etc/exim.pl http://files.directadmin.com/services/exim.pl
    # chmod 755 /etc/exim.pl
    # cd /etc/virtual
    # touch blacklist_domains
    # touch whitelist_from
    # touch use_rbl_domains
    # touch bad_sender_hosts
    # touch blacklist_senders
    # touch whitelist_domains
    # touch whitelist_hosts
    # touch whitelist_senders
    # echo 0 > limit
    # mkdir usage
    # chown mail:mail blacklist_domains
    # chown mail:mail whitelist_from
    # chown mail:mail use_rbl_domains
    # chown mail:mail bad_sender_hosts
    # chown mail:mail blacklist_senders
    # chown mail:mail whitelist_domains
    # chown mail:mail whitelist_hosts
    # chown mail:mail whitelist_senders
    # chown mail:mail limit
    # chown mail:mail usage
    # service exim restart


    4. Enable Realtime Block Lists (RBLs) with Exim:

    # cd /etc/virtual
    # rm -f use_rbl_domains
    # ln -s domains use_rbl_domains


    5. Update ProFTP:

    # cd /usr/src/redhat/SRPMS
    # wget http://files.directadmin.com/service...3.0a-1.src.rpm
    # rpmbuild --rebuild proftpd-1.3.0a-1.src.rpm
    # rpm -Uvh /usr/src/redhat/RPMS/i386/proftpd-*1.3.0a-1.i386.rpm
    # service proftpd restart
    # rm -f proftpd-1.3.0a-1.src.rpm

    6. Install Dovecot:

    # cd /usr/local/directadmin/customapache
    # ./build update
    # ./build update_dovecot
    # ./build dovecot
    # ./build todovecot
    # echo "action=delete&value=mbox" >> /usr/local/directadmin/data/task.queue
    # service dovecot restart

    Note: Do not abort the “todovecot” command. It can take a long time to convert everything.


    7. Update Apache and PHP:

    # cd /usr/local/directadmin/customapache
    # ./build clean
    # rm -f configure.*
    # ./build update
    # ./build all d
    # service httpd restart


    8. Install Zend Optimizer:

    # cd /usr/local/directadmin/customapache
    # ./build clean
    # ./build update
    # ./build zend
    # service httpd restart

    Install SpamAssassin

    1. Install SpamAssassin:

    # cd /usr/local/directadmin/scripts
    # ./spam.sh


    2. Start spamd:

    # /usr/bin/spamd -d -c -m 5


    3. Edit the server’s Exim configuration file:

    # nano -w /etc/exim.conf


    4. Find the section of code:

    # Spam Assassin
    #spamcheck_director:
    # driver = accept
    # condition = "${if and { \
    # {!def:h_X-Spam-Flag:} \
    # {!eq {$received_protocol}{spam-scanned}} \
    # {!eq {$received_protocol}{local}} \
    # {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
    # } {1}{0}}"
    # retry_use_local_part
    # transport = spamcheck
    # no_verify


    5. Uncomment it and make sure it looks like this:

    # Spam Assassin
    spamcheck_director:
    driver = accept
    condition = "${if and { \
    {!def:h_X-Spam-Flag:} \
    {!eq {$received_protocol}{spam-scanned}} \
    {!eq {$received_protocol}{local}} \
    {exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
    } {1}{0}}"
    retry_use_local_part
    transport = spamcheck
    no_verify


    6. Make sure that you have the correct call to spamc in the spamcheck transport in exim.conf:

    transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch*{/etc/virtual/domainowners}{$value}}


    7. Restart the Exim service:

    # service exim restart

    Note: The global SpamAssassin configuration file is located in /etc/mail/spamassassin/local.cf.

    Install Installatron (Requires an Additional License)

    1. Make sure you are signed into the DirectAdmin control panel as the admin user.
    2. Increase the DirectAdmin timeout value:
    a. Login to DirectAdmin using an admin level account.
    b. Click Administrator Settings (available on the Admin Level page).
    c. Change the “Timeout (seconds)” value to “300”.
    d. Click Save.

    3. Install Installatron:
    a. Return to the Admin Level page in DirectAdmin.
    b. Click the Plugin Manager link.
    c. Paste this URL into the “Url” field:

    http://www.installatron.com/iTron.tar.gz


    d. Enter the DirectAdmin password in the “Password” field.
    e. Click Add Plugin.

    Note: The installation process can take a while. Do not reclick on Add Plugin.

    4. Perform an Installatron update:
    a. Return to the Admin Level page in DirectAdmin.
    b. Click the new Installatron Admin link.
    c. Click Update Installers & Languages.
    d. Wait for the update to complete; it can take anywhere between 5 and 20 minutes.

    Note: In addition to downloading the most up-to-date installer packages and language files, this very first update will also download and cache all scripts currently supported by Installatron. This amounts to around 80meg of downloading from various sites around the internet.

    5. Setup cron to keep Installatron updated:
    a. Connect to the server using SSH and login as the admin user.
    b. Switch to the root user using the su command.
    c. Enter the following command:

    # nano -w /etc/crontab


    d. Add the following lines to the end of the /etc/crontab file:

    0 0 * * * root USER=admin;/usr/local/directadmin/plugins/iTron/installatron 'CMD=_admin-syschk' >& /dev/null
    10 0 * * * root USER=admin;/usr/local/directadmin/plugins/iTron/installatron 'CMD=_admin-update&pagination=no' >& /dev/null


    e. Save the file and exit the editor.

    Setup the User Packages

    1. Sign into the control panel at http://<server ip>:2222 as the admin user.
    2. Switch to the Reseller Level panel.
    3. Click the Manage User Packages link.
    4. Click the Add Package link.
    5. Add each of the appropriate user packages to DirectAdmin.
    6. When all packages have been added, click the Home icon.

    Setup the Reseller Packages

    1. Switch to the Admin Level panel.
    2. Click the Manage Reseller Packages link.
    3. Click the Add Package link.
    4. Add each of the appropriate reseller packages to DirectAdmin.
    5. When all packages have been added, click the Home icon.
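
The SSH settings from the "Setup Secure Shell (SSH) Service" and "Change the Server Admin Username" sections can be checked before `service sshd restart` is run. The script below is an added example, not part of the original post; the function names `effective_value` and `audit_sshd` and the sample file are constructed for illustration. It reads only the global section of the file and does not handle the `Keyword=value` form.

```shell
#!/bin/sh
# Added example (not from the original post): audit sshd_config against the
# values this guide sets, before running "service sshd restart".

# Print the first uncommented value of KEYWORD in the global section of FILE.
# sshd matches keywords case-insensitively and uses the first occurrence.
effective_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                  # commented defaults do not apply
        tolower($1) == "match" { exit }      # stop at the first Match block
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

# audit_sshd FILE ADMIN_USER: one FAIL line per deviation; status 1 if any.
audit_sshd() {
    file=$1; admin=$2; rc=0
    proto=$(effective_value "$file" Protocol)
    root=$(effective_value "$file" PermitRootLogin)
    port=$(effective_value "$file" Port)
    allow=$(effective_value "$file" AllowUsers)

    # OpenSSH 7.4+ dropped protocol 1; on older releases this keyword matters.
    if [ "$proto" != "2" ]; then echo "FAIL Protocol=${proto:-unset}"; rc=1; fi
    if [ "$root" != "no" ]; then echo "FAIL PermitRootLogin=${root:-unset}"; rc=1; fi
    if [ -z "$port" ] || [ "$port" = "22" ]; then echo "FAIL Port=${port:-unset}"; rc=1; fi

    # With root login disabled, an AllowUsers list that omits the (renamed)
    # admin account leaves no account able to log in after the restart.
    if [ -n "$allow" ]; then
        found=0
        for u in $allow; do
            case "${u%%@*}" in "$admin") found=1 ;; esac
        done
        if [ "$found" -eq 0 ]; then echo "FAIL AllowUsers omits $admin"; rc=1; fi
    fi
    return "$rc"
}

# Constructed sample: the file after the SSH section, before AllowUsers is updated.
sample=$(mktemp)
printf '%s\n' '#Port 22' 'Port 1022' 'Protocol 2' '#PermitRootLogin yes' \
    'PermitRootLogin no' 'AllowUsers admin' > "$sample"

audit_sshd "$sample" admin && echo "OK for admin"
audit_sshd "$sample" newuser || echo "fix AllowUsers before restarting sshd"
```

Running `sshd -t` afterwards checks the file for syntax errors, and keeping the current SSH session open while testing a new login on the new port avoids a lockout if a setting is wrong.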
     
  2. muabenem291

    muabenem291 New Member

    Following.
     
