If you get the error message “connect to mysql server 127.0.0.1: Too many connections” in a log file, e.g. the mail.log file, then the max. number of mysql database connections on your server is reached. To increase the max. number of simultanious connections, edit the MySQL my.cnf file:

vi /etc/mysql/my.cnf

[mysqld]
……
max_connections = 500
max_user_connections = 500
…….

The /tmp and /dev/shm directories of a OpenVZ virtual machine shall be mounted without suid and exec permissions. To achieve this, create a a shell script on the host server for every virtual machine which contains the commands to remount the directories. This script will be started automatically by openvz when the VM is started.

I will use VPSID as placeholder for the ID of the virtual machine in the commands and the script. Replace VPSID with the id of the virtual machine that you want to create the script for, e.g. replace VPSID with 101.

Create the script:

vi /etc/vz/conf/VPSID.mount

#!/bin/bash
mount -n --bind -onosuid,noexec /vz/vps/VPSID/tmp /vz/root/VPSID/tmp
mount -n --bind -onosuid,noexec /vz/vps/VPSID/shm /vz/root/VPSID/dev/shm
exit ${?}

chmod 700 /etc/vz/conf/VPSID.mount

In case you plan to virtualize your server infrastructure and migrate physical servers to OpenVZ virtual machines, you may find this tutorial helpful:

http://wiki.openvz.org/Physical_to_container

I used this to migrate a ISPConfig Debian system to OpenVZ successfully.

If you use a mailserver wil very low ram (< 500 MB) and a slow CPU then it might be nescessary to disable the spam- and antivirus filter functions in ISPConfig 3 as amavisd and clamav might be too heavy for your server hardware. The steps to disable clamav and amavisd are:

Edit postfix main.cf file

vi /etc/postfix/main.cf

# content_filter = amavis:[127.0.0.1]:10024
# receive_override_options = no_address_mappings

/etc/init.d/postfix restart

/etc/init.d/clamav-daemon stop
/etc/init.d/clamav-freshclam stop
/etc/init.d/amavis stop

update-rc.d -f clamav-daemon remove
update-rc.d -f clamav-freshclam remove
update-rc.d -f amavis remove

The changes in postfix main.cf will get overwitten by a ispconfig software update when you select to reconfigure services during upadte, so you should comment out the lines again after you install a ispconfig update.

As of today, all ClamAV 0.94 or older installs will stop working. The Debian project has not released updates for their current stable release (5.0) yet to solve this, but there is a workaround. The Debain volatile project provides newer clamav versions. The installation steps to install ClamAV 0.95.3 on Debian lenny are:

1) Add the debian volatile repository to the sources list:

echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list

apt-get update
apt-get install clamav
apt-get -u upgrade

/etc/init.d/amavis restart

Many webmasters want to redirect users that access their websites with “domain.tld” automatically to “www.domain.tld”. If you use the Apache web server, you can do this by using Apache rewrite rules.

Add a .htaccess file with the following content in the root directory of the website:

Options +FollowSymlinks
RewriteEngine On
RewriteCond %{HTTP_HOST}//s%{HTTPS} ^[^w][^w][^w][^.].*//((s)on¦s.*) [NC]
RewriteRule ^ http%2://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Thanks to “extras” from webmasterworld for this useful rewrite rule.

If you use mod_security on your server you might encounter that a website script is not compatible with mod_security. To disable mod_security (v2) for a website, add the following code into the apache directives field:

<IfModule mod_security2.c>
SecRuleEngine Off
</IfModule>

For the older mod_security 1 version, use these configuration directives:

<IfModule mod_security.c>
SecFilterEngine Off
</IfModule>

The ISPConfig update script is a easy way to update a ISPConfig 3 installation. If you want to backup the installation before, take a look at the instructions at the end of the article.

To update ISPConfig 3, login as root user on the shell of your server and run the command:

ispconfig_update.sh

Please choose the update method. For production systems select 'stable'.
The update from svn is only for development systems and may break your current setup.

Select update method (stable,svn) [stable]:

The updater will then check the version of your system, download the latest update and starts the update process. In the next step, enter the mysql root password:

This application will update ISPConfig 3 on your server.
MySQL root password []:

Reconfigure Services? (yes,no) [yes]:

ISPConfig Port [8080]:

Reconfigure Crontab? (yes,no) [yes]:

Backup before updates

Before you update a software, it is always a good idea to backup all relevant data. This enables you to restore the software version that you had before in case of an error. The steps to create a backup of the ispconfig software and settings are:

Create a backup folder:

mkdir /home/backup
chmod 700 /home/backup
cd /home/backup

mysqldump -u root -p dbispconfig > dbispconfig.sql

tar pcfz ispconfig_software.tar.gz /usr/local/ispconfig

tar pcfz etc.tar.gz /etc

To update the spamassassin rules regularily on your ISPConfig 3 server, add the following line to the root crontab by running:

crontab -e

23 4 */2 * * /usr/bin/sa-update --no-gpg &amp;&gt; /dev/null

which sa-update

Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule.

Description of the bug:

https://secure.grepular.com/blog/index.php/2010/01/01/spamassassin-2010-bug/

To fix this, run the following command on the shell as root user:

sa-update

/home/admispconfig/ispconfig/tools/spamassassin/usr/bin/sa-update