SSL on the server’s main domain with DirectAdmin
If an Admin wishes to add an SSL certificate on the main server’s domain, they must do it manually. To do this, the Admin must obtain the certificate and key (explained in just a moment). After these have been acquired, the Admin will have to edit /etc/httpd/conf/httpd.conf file and scroll to the very bottom. You should see 2 virtual host directives. With the one that says <VirtualHost :443> you must modify the SSL tags.
Set:
SSLCertificateFile [full path to certificate]
SSLCertificateKeyFile [full path to key]
and if provided with a CA certificate file ADD the following line
SSLCACertificateFile [full path to CA certificate]
You have a few options when it comes to obtaining the key and certificate. First you can create you own self signed certificate. You can do this by typing the following:
openssl req -new -x509 -days 365 -keyout key.temp -out certificate
openssl rsa -in key.temp -out key.real
The second line is to remove the password from the key so that apache won’t hang on bootup waiting for the key password. Those commands will create a self signed certificate (remove the key.temp file after you’re done) but if you want to use an authority to sign your certificate (removes the annoying popup), you’ll need to create a certificate request:
openssl genrsa 1024 > key.real
openssl req -new -key key.real -out certificate.request
and you send the certificate.request file to to certificate authority to be signed. They will send you a signed certificate which you will install using the apache tags noted above (and you can delete the certificate.request file, it’s not needed).
Source and Credit - http://www.directadmin.com
DirectAdmin simple partition structure
/boot 40 meg
swap 2 x memory
/tmp 1 Gig. Highly recommended to mount /tmp with noexec,nosuid in /etc/fstab
/ 6-10 Gig
/var 8-20 gig. Emails, logs and databases stored here on Redhat/CentOS/Fedora
/usr 5-12 gig. Just DA data, source code, frontpage.
/home rest of drive. Roughly 80% for user data. Mount with nosuid in /etc/fstab if possible.
You may modify these as needed.
Note, if you plan on installing dovecot, all email data is stored under /home and not /var, so adjust as needed. Also FreeBSD and Debian store mysql databases in /home/mysql/.
Please have Basic development/compiling tools such as gcc, g++, and perl.
Make sure you do not install services such as Apache, PHP, MySQL, Ftp, Sendmail, etc., as this is done by DirectAdmin. All that is needed is a CLEAN install of the operating system.
DirectAdmin Control Panel Software
Apache 1.3, 2.0, 2.2 Web Server
FrontPage 5.0.2.2510 Microsoft FrontPageā¢ Extensions (apache 1.3 only)
Php 4.4 and/or 5.2 Php Scripting Language (CLI, or suPhp(cgi))
PhpMyAdmin MySQL Database Manager
MySQL 4.1/5.0 MySQL Databases
Exim 4 Exim Mail Manager
Majordomo 1.94.5 Majordomo Mailing List Manager
vm-pop3d 1.1.7f POP3 Mail Manager
WU-IMAP Imap daemon (with virtual pop modifications)
Dovecot Install option to replace vm-pop3d/wu-imapd. Uses Maildir instead of mbox
Proftpd 1.3 FTP Server
How to update your exim.conf in DirectAdmin
You can update your exim.conf by running the following as root:
wget -O /etc/exim.conf http://files.directadmin.com/services/exim.conf
wget -O /etc/exim.pl http://files.directadmin.com/services/exim.pl
chmod 755 /etc/exim.pl
cd /etc/virtual
touch blacklist_domains whitelist_from use_rbl_domains bad_sender_hosts blacklist_senders whitelist_domains whitelist_hosts whitelist_senders
echo 0 > limit
mkdir usage
chown mail:mail blacklist_domains whitelist_from use_rbl_domains bad_sender_hosts blacklist_senders whitelist_domains whitelist_hosts whitelist_senders limit usage
If you are running dovecot, you will need to re-patch your exim.conf:
patch -p0 < /usr/local/directadmin/customapache/exim.conf.dovecot.patch
patch -p0 < /usr/local/directadmin/custombuild/exim.conf.dovecot.patch
Then restart exim:
RedHat:
/sbin/service exim restart
Simple Rules to follow to setup a Mail System
Hostname must not match any domain that is being used on the system. Example, if you have a domain called domain.com and you want to recieve mail on user@domain.com, you must *not* set your hostname to domain.com. We recommend using server.domain.com instead. You must make sure that you add the A record for server.domain.com so that it resolves.
For DirectAdmin
- The hostname must be in the /etc/virtual/domains file.
- The hostname must *not* be in the /etc/virtual/domainowners file.
- The hostname must resolve. If not, add the required A records to the dns zone such that it does.
- The directory /etc/virtual/hostname must exist.. (eg: /etc/virtual/server.domain.com). It must not contain any files
- Any domains that you want to use for email (eg: domain.com) must be in both the /etc/virtual/domains file and the /etc/virtual/domainowners file. The directory /etc/virtual/domain.com must exist and the files /etc/virtual/domain.com/passwd and /etc/virtual/domain.com/aliases exist.
- File permissions for virtual pop inboxes should be (not applicable with Dovecot/Maildir):
/var/spool/virtual/domain.com 770 username:mail
/var/spool/virtual/domain.com/* 660 username:mail
- Make sure that your main server IP has a reverse lookup on it.
