Posts Tagged ‘ISPConfig 2’

Secure /tmp and /dev/shm directories in a OpenVZ enviroment

Tuesday, August 31, 2010 posted by Till

The /tmp and /dev/shm directories of a OpenVZ virtual machine shall be mounted without suid and exec permissions. To achieve this, create a a shell script on the host server for every virtual machine which contains the commands to remount the directories. This script will be started automatically by openvz when the VM is started.

I will use VPSID as placeholder for the ID of the virtual machine in the commands and the script. Replace VPSID with the id of the virtual machine that you want to create the script for, e.g. replace VPSID with 101.

Create the script:

vi /etc/vz/conf/VPSID.mount


and insert the following lines:

#!/bin/bash mount -n --bind -onosuid,noexec /vz/vps/VPSID/tmp /vz/root/VPSID/tmp mount -n --bind -onosuid,noexec /vz/vps/VPSID/shm /vz/root/VPSID/dev/shm exit ${?}


now make the sscript executable:

chmod 700 /etc/vz/conf/VPSID.mount

Migrate physical server system to OpenVZ virtual machine

Tuesday, August 31, 2010 posted by Till

In case you plan to virtualize your server infrastructure and migrate physical servers to OpenVZ virtual machines, you may find this tutorial helpful:

http://wiki.openvz.org/Physical_to_container

I used this to migrate a ISPConfig Debian system to OpenVZ successfully.

Many webmasters want to redirect users that access their websites with “domain.tld” automatically to “www.domain.tld”. If you use the Apache web server, you can do this by using Apache rewrite rules.

Add a .htaccess file with the following content in the root directory of the website:

Options +FollowSymlinks RewriteEngine On RewriteCond %{HTTP_HOST}//s%{HTTPS} ^[^w][^w][^w][^.].*//((s)on¦s.*) [NC] RewriteRule ^ http%2://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


If you use ISPConfig as hosting control panel, you can add these rules also in the Apache directives field of the website.

Thanks to “extras” from webmasterworld for this useful rewrite rule.

Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule.

Description of the bug:

https://secure.grepular.com/blog/index.php/2010/01/01/spamassassin-2010-bug/

To fix this, run the following command on the shell as root user:

sa-update


If you use the software ISPConfig 2 on your server, run this command:

/home/admispconfig/ispconfig/tools/spamassassin/usr/bin/sa-update

How to reset the MySQL root password

Wednesday, October 21, 2009 posted by Till

The following steps describe the procedure to reset the mysql root password on Linux.

1) Stop the mysql server

/etc/init.d/mysql stop

2) Start the mysql server manually without permission tables which allows us to login as root user without password:

mysqld_safe --skip-grant-tables &

3) Login into mysql as root user without a password and switch to the “mysql” database:

mysql -u root mysql

Then execute this SQL query to set a new password for the mysql root user:

update user set Password=PASSWORD('mynewpassword') WHERE User='root';

(Replace “mynewpassword” with the new root password in the above command).

Then logout from the mysql prompt by typing:

exit

4) Now bring back the running mysql instance into the foreground by typing:

fg

and then press [ctrl] + c to kill the mysql process.

5) Start the mysql server again:

/etc/init.d/mysql start

How to use a custom php.ini with suphp

Monday, October 19, 2009 posted by Till

To use a custom php.ini file with SuPHP for a website, you can define the path to the php.ini file in a .htaccess file or in the apache vhost like this:

suPHP_ConfigPath /home/websites/domain.tld/

Then add a php.ini file in the directory /home/websites/domain.tld/ which may be a copy of the global php.ini were you just changed a few settings or an empty file were you add only the settings that shall be overridden in the global PHP configuration.

If you use ISPConfig 2 or 3, you can add the suPHP_ConfigPath setting also in the apache directives field of the website  in ISPConfig.

If you want to redirect a subdomain like sub.domain.tld into a subdirectory of the website and keep the original URL in the browser location bar, you may use the following apache directives.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^sub.domain.tld [NC]
RewriteRule ^/(.*)$ /sub/$1 [L]

This rewrite rule can be added into a .htaccess file in the website root or inside the vhost file. If you use ISPConfig 2 or 3, you can add this also into the apache directives field in the website settings.

Replace sub.domain.tld with the subdomain that shall be redirected and /sub/ with the path to the directory were the pages for this subdomain are located.

If all your visitors shall access your website with a URL like www.domain.com and not without www, use the following apache rewrite rule for redirecting them.

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www
RewriteRule (.*) http://www.%{HTTP_HOST}$1 [L,R]

The apache rewrite rule can be added in a .htaccess file in the website root directory or if you use ISPConfig 2 or 3, you can also add the rwrite rule into the apache directives field of the website.

Http connections can be redirected to https with the apache mod_rewrite module, which should be available in every apache installation. Create a file with the name .htaccess in the website root directory which contains the following lines:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

If you use ISPConfig 2 or 3, you can add these lines also in the apache directives field of  the website settings form instead of adding them to a .htaccess file. But the approach with the .htaccess file will work on ISPConfig as well.

The language of the generated webslizer statistics is statically compiled into the webalizer binary. To change the language, webalizer has to be recompiled. In the following example, I will recompile webalizer to change the language to german.

Uninstall webalizer and install the GD library:

apt-get remove webalizer apt-get install libgd2-xpm-dev Download the latest webalizer sources and uncompress the tar archive: <p class="command">cd /tmp wget <a href="http://archive.mgm51.com/mirrors/webalizer-files/webalizer-2.01-10-src.tgz">http://archive.mgm51.com/mirrors/webalizer-files/webalizer-2.01-10-src.tgz</a> tar xzf webalizer-2.01-10-src.tgz cd webalizer-2.01-10 Reconfigure and compile webalizer <p class="command">./configure --with-language=german make make install Create a symlink so that other applications find the webalizer binary in the common place <p class="command">ln -s /usr/local/bin/webalizer /usr/bin/webalizer

Cleanup

rm -f /tmp/webalizer-2.01-10-src.tgz
rm -rf /tmp/webalizer-2.01-10

Thanks to planet_fox for this FAQ.