Posts Tagged ‘ISPConfig 2’
Secure /tmp and /dev/shm directories in a OpenVZ enviroment
The /tmp and /dev/shm directories of a OpenVZ virtual machine shall be mounted without suid and exec permissions. To achieve this, create a a shell script on the host server for every virtual machine which contains the commands to remount the directories. This script will be started automatically by openvz when the VM is started.
I will use VPSID as placeholder for the ID of the virtual machine in the commands and the script. Replace VPSID with the id of the virtual machine that you want to create the script for, e.g. replace VPSID with 101.
Create the script:
vi /etc/vz/conf/VPSID.mount
and insert the following lines:
#!/bin/bash mount -n --bind -onosuid,noexec /vz/vps/VPSID/tmp /vz/root/VPSID/tmp mount -n --bind -onosuid,noexec /vz/vps/VPSID/shm /vz/root/VPSID/dev/shm exit ${?}
now make the sscript executable:
chmod 700 /etc/vz/conf/VPSID.mount
Migrate physical server system to OpenVZ virtual machine
In case you plan to virtualize your server infrastructure and migrate physical servers to OpenVZ virtual machines, you may find this tutorial helpful:
http://wiki.openvz.org/Physical_to_container
I used this to migrate a ISPConfig Debian system to OpenVZ successfully.
How to redirect requests for domain names without www to www.domain.tld
Many webmasters want to redirect users that access their websites with “domain.tld” automatically to “www.domain.tld”. If you use the Apache web server, you can do this by using Apache rewrite rules.
Add a .htaccess file with the following content in the root directory of the website:
Options +FollowSymlinks RewriteEngine On RewriteCond %{HTTP_HOST}//s%{HTTPS} ^[^w][^w][^w][^.].*//((s)on¦s.*) [NC] RewriteRule ^ http%2://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
If you use ISPConfig as hosting control panel, you can add these rules also in the Apache directives field of the website.
Thanks to “extras” from webmasterworld for this useful rewrite rule.
How to fix the spamassassin bug with the FH_DATE_PAST_20XX rule
Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule.
Description of the bug:
https://secure.grepular.com/blog/index.php/2010/01/01/spamassassin-2010-bug/
To fix this, run the following command on the shell as root user:
sa-update
If you use the software ISPConfig 2 on your server, run this command:
/home/admispconfig/ispconfig/tools/spamassassin/usr/bin/sa-update
How to reset the MySQL root password
The following steps describe the procedure to reset the mysql root password on Linux.
1) Stop the mysql server
/etc/init.d/mysql stop
2) Start the mysql server manually without permission tables which allows us to login as root user without password:
mysqld_safe --skip-grant-tables &
3) Login into mysql as root user without a password and switch to the “mysql” database:
mysql -u root mysql
Then execute this SQL query to set a new password for the mysql root user:
update user set Password=PASSWORD('mynewpassword') WHERE User='root';
(Replace “mynewpassword” with the new root password in the above command).
Then logout from the mysql prompt by typing:
exit
4) Now bring back the running mysql instance into the foreground by typing:
fg
and then press [ctrl] + c to kill the mysql process.
5) Start the mysql server again:
/etc/init.d/mysql start
How to use a custom php.ini with suphp
To use a custom php.ini file with SuPHP for a website, you can define the path to the php.ini file in a .htaccess file or in the apache vhost like this:
suPHP_ConfigPath /home/websites/domain.tld/
Then add a php.ini file in the directory /home/websites/domain.tld/ which may be a copy of the global php.ini were you just changed a few settings or an empty file were you add only the settings that shall be overridden in the global PHP configuration.
If you use ISPConfig 2 or 3, you can add the suPHP_ConfigPath setting also in the apache directives field of the website in ISPConfig.
Redirect a subdomain with apache mod_rewrite and keep the URL in the address bar
If you want to redirect a subdomain like sub.domain.tld into a subdirectory of the website and keep the original URL in the browser location bar, you may use the following apache directives.
RewriteEngine on
RewriteCond %{HTTP_HOST} ^sub.domain.tld [NC]
RewriteRule ^/(.*)$ /sub/$1 [L]
This rewrite rule can be added into a .htaccess file in the website root or inside the vhost file. If you use ISPConfig 2 or 3, you can add this also into the apache directives field in the website settings.
Replace sub.domain.tld with the subdomain that shall be redirected and /sub/ with the path to the directory were the pages for this subdomain are located.
Redirect domains without www (e.g. domain.com) to www.domain.com with apache rewrite rules
If all your visitors shall access your website with a URL like www.domain.com and not without www, use the following apache rewrite rule for redirecting them.
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www
RewriteRule (.*) http://www.%{HTTP_HOST}$1 [L,R]
The apache rewrite rule can be added in a .htaccess file in the website root directory or if you use ISPConfig 2 or 3, you can also add the rwrite rule into the apache directives field of the website.
How to redirect an HTTP connection to HTTPS in apache webserver
Http connections can be redirected to https with the apache mod_rewrite module, which should be available in every apache installation. Create a file with the name .htaccess in the website root directory which contains the following lines:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
If you use ISPConfig 2 or 3, you can add these lines also in the apache directives field of the website settings form instead of adding them to a .htaccess file. But the approach with the .htaccess file will work on ISPConfig as well.
Change the language of webalizer statistics on Debian and Ubuntu Linux
The language of the generated webslizer statistics is statically compiled into the webalizer binary. To change the language, webalizer has to be recompiled. In the following example, I will recompile webalizer to change the language to german.
Uninstall webalizer and install the GD library:
apt-get remove webalizer apt-get install libgd2-xpm-dev Download the latest webalizer sources and uncompress the tar archive: <p class="command">cd /tmp wget <a href="http://archive.mgm51.com/mirrors/webalizer-files/webalizer-2.01-10-src.tgz">http://archive.mgm51.com/mirrors/webalizer-files/webalizer-2.01-10-src.tgz</a> tar xzf webalizer-2.01-10-src.tgz cd webalizer-2.01-10 Reconfigure and compile webalizer <p class="command">./configure --with-language=german make make install Create a symlink so that other applications find the webalizer binary in the common place <p class="command">ln -s /usr/local/bin/webalizer /usr/bin/webalizer
Cleanup
rm -f /tmp/webalizer-2.01-10-src.tgz
rm -rf /tmp/webalizer-2.01-10
Thanks to planet_fox for this FAQ.