[How to] ISPConfig 3.1 Installation Process on Ubuntu 18.04 20.04

ISPConfig 3.1 is a fast reliable control panel for managing a Linux Virtual Private Server (VPS). It is an open-source program allow you to manage services through a web browser. ISPConfig allows hosting multiple domains in a single server with the Apache and Nginx web server. You can manage cron jobs, email services, database and much more.

Contents

The core functions of ISPConfig 3.1 are free of cost.

Prerequisites:

• An active Virtual Private server with preinstalled Ubuntu 18.04.
• Accessible to SSH via root permission.

#1. Login to your server

First of all, login your server via SSH client using port 22. (Port 22 is a default SSH port. Confirm that your firewall allows port 22). For that, my choice is PuTTy SSH client. Download PuTTy Client here.

Alternatively, you can do this via terminal or any other SSH client. For the terminal, use the following command.

ssh root@'xx.xx.xx.xx 22

#2. Disable “AppArmor” program

ISPConfig installation needs only a bash program shell, not a dash. Run –

dpkg-reconfigure dash

Just disable it by choosing option – No.

#3. MariaDB, Postfix, and Dovecot Installation

MariaDB is a database program similar to MySQL. Dovecot is an open-source IMAP and POP3 email server. Postfix is a Sendmail program. You need to install it by executing the following command.

apt install mariadb-server postfix postfix-mysql openssl dovecot-mysql dovecot-pop3d dovecot-sieve dovecot-lmtpd binutils dovecot-imapd

Here you are required to set the system mail name as your hostname when a window prompt appears and asks to do.

Press Arrow Down > Space to mark “Internet Site” > "Tab” to select OK

Mark Internet Site by pressing the Space key on the keyboard.

Now enter your “Postfix Configuration mail name” as –

server.yourdomain.com

NOTE: Make sure that server.yourdomain.com is a Fully Qualified Domain Name (FQDN) pointing to your server IP address.

Now edit master.cf file.

nano /etc/postfix/master.cf

And remove the “#” comment for the following files.

-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject

-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject

Save the file by typing Ctrl+x > Y > Enter. Restart postfix.

systemctl restart postfix

At this point, you need to set a password for MariaDB. to do that just run-

mysql_secure_installation

Here you will be asked the following questions. Set then as given bellow.

• Change the root password = y
• Remove anonymous users? = y
• Disallow root login remotely? = y
• Remove the database and access to it? = y

# 4. Spamassassin, Clamav, Amavisd-new Setup

Spamassassin is an e-mail spam filtering program that blocks spam emails. ClamAV is an AntiVirus program for the Linux server. Amavisd-new is also an open-source content filter for email. Let them install on your server using the following command.

apt install spamassassin clamav clamav-daemon amavisd-new postgrey zip unzip bzip2 arj nomarch lzop cabextract libnet-ldap-perl libauthen-sasl-perl daemon libnet-ident-perl libnet-dns-perl libio-string-perl libio-socket-ssl-perl apt-listchanges

Spamassassin uses a lot of RAM. To free some memory, disable Spamassassin using the command given below.

systemctl stop spamassassin

systemctl disable spamassassin

freshclam

The command freshclam gives you some errors as it is running. Just ignore them.

Now start ClamAV-daemon.

systemctl start clamav-daemon

There is a BUG for Amavisd-new in Ubuntu 18.04. This bug can be fixed using a ubuntu-amavisd-new-2.11.patch.

To fix it, execute the following commands.

cd /tmp

wget https://git.ispconfig.org/ispconfig/ispconfig3/raw/stable-3.1/helper_scripts/ubuntu-amavisd-new-2.11.patch

cd /usr/sbin

cp -pf amavisd-new{,.orig}

patch < /tmp/ubuntu-amavisd-new-2.11.patch

If any error occurs, means it has been previously patched.

#5. Apache, PHP 7.x, Roundcube, Phpmyadmin, and other Associate Packages Installation.

ISPConfig server requires a number of applications. you can install them by following commands.

apt install apache2 apache2-utils apache2-doc libapache2-mod-php php7.2 php7.2-common php7.2-cli php7.2-mysql php7.2-sqlite3 php7.2-imap php7.2-gd php7.2-cgi php7.2-zip php7.2-mbstring php7.2-opcache php7.2-curl php7.2-intl php7.2-pspell php7.2-recode php7.2-tidy php7.2-xmlrpc php7.2-xsl libapache2-mod-fcgid apache2-suexec-pristine php-pear mcrypt imagemagick libruby memcached php-memcache php-imagick libapache2-mod-python php-gettext php-apcu phpmyadmin mailman roundcube roundcube-core roundcube-mysql roundcube-plugins php-net-sieve tinymce getmail4 javascript-common libjs-jquery-mousewheel rkhunter binutils vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl bind9 dnsutils haveged daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl quota quotatool libnet-dns-perl pure-ftpd-common pure-ftpd-mysql cabextract certbot

While installing them, a number of questions will be asked to you. Just fill them with the following configurations.

• Select a web server = Apache
• Set phpMyAdmin Password= [Set your own password]
• Set Roundcube application password = [Set your own password]
• Set system creates random passwords = [Set your own password]

# 6. Apache and PHP Configuration

When the above installation is done you have to enable some module of Apache and PHP. To do that use the following commands.

a2enmod rewrite ssl cgi include actions suexec dav_fs dav auth_digest alias

phpenmod mcrypt

systemctl restart apache2

Now set default_host block to “localhost” for RoundCube webmail by editing the config.inc.php file located at /etc/roundcube/ as given below.

nano /etc/roundcube/config.inc.php

# 7. pure-ftpd Configuration

Pure-ftpd is an FTP client that allows you to transfer or upload files securely to your Ubuntu server. For that set the value of VIRTUALCHROOT to true in pure-ftpd-common file located at /etc/default/.

nano /etc/default/pure-ftpd-common

Save it and restart FTP by using the command-

systemctl restart pure-ftpd-mysql

# 8. Make a New List for Mailman

newlist mailman

Enter your email and desired password.

Now put the following aliases by editing the file aliases at /etc/ folder.

nano /etc/aliases

postmaster: root
MAILER-DAEMON: postmaster
abuse: postmaster
spam: postmaster
clamav: root

mailman: "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join: "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request: "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"

Save and restart mailman.

newaliases

systemctl restart mailman

# 9. Disable Cron job for Awstats

To do that just comment out (as shown in picture) the following lines in awstats located at /etc/cron.d/ using command –

nano /etc/cron.d/awstats

# 10. Fail2Ban Installation

Fail2Ban is a Linux application that prevents brute force attacks. Install Faileban using the following command.

apt install fail2ban -y

When installation complete, edit jail.local file located at /etc/fail2ban/.

nano /etc/fail2ban/jail.local

Now paste the following lines inside the file.

[pure-ftpd]
enabled = true
port = ftp
filter = pure-ftpd
logpath = /var/log/syslog
maxretry = 3

[dovecot]
enabled = true
filter = dovecot
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
logpath = /var/log/mail.log
maxretry = 5

[postfix]
enabled = true
port = smtp
filter = postfix
logpath = /var/log/mail.log
maxretry = 3

# 11. Jailkit Installation

Jailkit is a set of programs to limit user accounts to specific files using chroot and or certain commands. Here the commands –

apt-get -y install build-essential autoconf automake1.11 libtool flex bison debhelper

cd /tmp

wget http://olivier.sessink.nl/jailkit/jailkit-2.20.tar.gz

tar xvfz jailkit-2.20.tar.gz

cd jailkit-2.20/

echo 5 > debian/compat

./debian/rules binary

cd ..

dpkg -i jailkit_2.20-1_*.deb

# 12. ISPConfig 3.1 Installation

This is the final step for ISPConfig 3.1 configuration. The following commands automatically download the latest version of ISPConfig. Download using wget command and install it.

wget -O ispconfig.tar.gz https://git.ispconfig.org/ispconfig/ispconfig3/repository/archive.tar.gz?ref=stable-3.1

tar xfz ispconfig.tar.gz

cd ispconfig3*/install/

php -q install.php

The installation may take a few minutes.

Now we successfully installed ISPConfig 3.1 on Ubuntu 18.04 server.

# 13. Access ISPConfig Hosting Panel

If all the steps are done properly without any error, then you will be able to login to the ISPConfig hosting control panel using port 8080. Go to –

https://xx.xx.xx.xx.xx:8080 or https://server.yourdomain.com:8080

Enter your username and password and you are done.

# 14. Possible Error

While accessing PHPMyAdmin using the https://xx.xx.xx.xx:8080 or https://server.yourdoman.com:8080, there may be a login problem.

#1698 - Access denied for user 'root'@'localhost'

I hope you have been successfully installed ISPConfig 3.1 on your Ubuntu virtual server. If any error occurs put a comment in the comment box below. Thank You.