How to disable Apache mod_security for a website in ISPConfig 3.

If you use mod_security on your server you might encounter that a website script is not compatible with mod_security. To disable mod_security (v2) for a website, add the following code into the apache directives field:

SecRuleEngine Off

For the older mod_security 1 version, use these configuration directives:

SecFilterEngine Off

Thanks to Planetfox for this tipp.

How to remove old java versions from Windows

When you install the latest java runtime enviroment, it gets installed beside your existing java installation. With every java update, more space is used on the harddisk. To remove old java versions, there is a tool named JavaRa which can be downloaded here:

Unpack the file and double click on the JavaRa.exe to start JavaRa. Select the language:

and click on "Remove older versions".

How to convert RPM software packages to Debian (.deb)

Maybe you had this problem already: you use Debian or Ubuntu Linux and a software package that you like to install is only available in RPM format. The solution is a handy tool called alien, which converts .rpm files to .deb. Installing alien:

apt-get install alien

Converting a rpm package to debian format:

alien --to-deb /tmp/mysoftwarefile.rpm

Conversions from .deb to rpm are also possible:

alien --to-rpm /tmp/mysoftwarefile.deb

How to force caching headers with apache and squid reverse proxy

If you use a squid reverse proxy in front of your apache webserver to reduce the load, it might happen that pages are not cached correctly because the website script running on the apache webserver sends wrong caching headers. I had this problem with a wordpress install, wordpress had always send pragma no-cache headers with the pages so squid reported a cache miss for every page request. A simple solution for this is to use apache mod_headers to delete the no chache header and replace it with a header for 10 minute cache period.

First, ensure that mod_herders is enabled. To do this in Debian and Ubuntu, run the command:

a2enmod headers

Then create a .htaccess file in the website root directoyr which contains the following lines:

Header unset Pragma
Header set Cache-Control "must-revalidate, max-age=0, s-maxage=600"
Header set Vary "Accept-Encoding"

How to Update ISPConfig 3

The ISPConfig update script is a easy way to update a ISPConfig 3 installation. If you want to create a manual backup of ISPConfig, take a look at the instructions at the end of the article.

To update ISPConfig 3, login as root user on the shell of your server and run the command:

>> Update

Please choose the update method. For production systems select 'stable'.
The update from svn is only for development systems and may break your current setup.

Select update method (stable,svn) [stable]:

You should always select "stable" on a production system. The "svn" version is only suitable for ISPConfig 3 development.

The updater will then check the version of your system, download the latest update and starts the update process.

This application will update ISPConfig 3 on your server.

Shall the script create a ISPConfig backup in /var/backup/ now? (yes,no) [yes]:

You should choose "yes" here. This will create a backup of the ISPConfig scripts (/usr/local/ispconfig), the /etc directory and the ISPC0nfig MySQL database in the directory /var/backup/

Creating backup of "/usr/local/ispconfig" directory...
Creating backup of "/etc" directory...
Checking ISPConfig database .. OK
Starting incremental database update.

The update script will then start to install incremental database updates for ISPConfig, if required.

Reconfigure Permissions in master database? (yes,no) [no]:

If this is a slave server in a multiserver setup, then choose "yes" here on at least one of the slave servers. For single server installations, choose 'no'. Then you were asked if the services shall be reconfigured:

Reconfigure Services? (yes,no) [yes]:

You should choose "yes" here, only if you modified your system configuration manually, it might be better to choose no. But in this case, new features in ISPConfig might not work or functions might stop working until you adjusted the config files manually. So its always a good choice to select 'yes' here. In the next step, select the ispconfig port:

ISPConfig Port [8080]:

Port 8080 is the default, if you have not changed it, press enter. Otherwise enter the port number and then press enter. As the last step, you wre asked if the crontab shall get reconfigured, you can select yes here by just pressing return.

Create new ISPConfig SSL certificate (yes,no) [no]:

If your SSL certificate for the ISPConfig interface has been expired and you want to renew it or if you want to enable SSL encryption for the ISPConfig interface, then choose "yes". If you dont need a new SSL certificate, take the default (no).

Reconfigure Crontab? (yes,no) [yes]:

The ISPConfig updater will then update the ispconfig files and restart services, if the configuration has been changed.

Backup before updates

(This backup procedure is now integrated into the ISPConfig updater and gets executed automatically when you choose to create a backup during update)

Before you update a software, it is always a good idea to backup all relevant data. This enables you to restore the software version that you had before in case of an error. The steps to create a backup of the ispconfig software and settings are:

Create a backup folder:

mkdir /home/backup
chmod 700 /home/backup
cd /home/backup

Backup the database

mysqldump -u root -p dbispconfig > dbispconfig.sql

Backup the ISPConfig software

tar pcfz ispconfig_software.tar.gz /usr/local/ispconfig

Backup the configuration files in /etc

tar pcfz etc.tar.gz /etc

This backup does not include the emails and website data.

Keep the spamassassin filter rules up to date in ISPConfig 3

To update the spamassassin rules regularily on your ISPConfig 3 server, add the following line to the root crontab by running:

crontab -e

then insert the following line:

23 4 */2 * * /usr/bin/sa-update --no-gpg &> /dev/null

and save the file. The path to the sa-update script is /usr/bin/sa-update on Ubuntu and Debian Linux, if you use a different linux distrubution, run the command:

which sa-update

to find the location of the sa-update script and adjust the path in the crontab line above so that it matches the path on your system.

How to kill processes in “D” state in Linux?

If a process is shown with process state "D" in tools like ps or top, then its a zombie process. Example:

ps axl | grep D

4   104  2579  9109  20   0   5024  2116 refrig D    ?          0:00 cleanup -z -t unix -u -c

Zombie processes can not be killed with the normal commands like "kill -9 PID", you will have to reboot the system to kill them.

How to use apt-file to find which .deb package contains a specific file

Sometimes you need to know which debian package contains a specific file e.g. because you deleted a system file accidently or you try to install a new software that requires this file. The apt package management utility which is used in Debian and Ubuntu comes with a handy tool called apt-file which allows a saerch for filenames in the package database.

Install apt-file

apt-get install apt-file

Update the apt-file database

apt-file update

Search for a specific file name, e.g. "lcrypto"

apt-file search /bin/bash

apt-file search /bin/bash
bash: /bin/bash
bash: /usr/bin/bashbug
bash-minimal: /bin/bash-minimal
bash-static: /bin/bash-static
bashdb: /usr/bin/bashdb
mybashburn: /usr/bin/bashburn