Install virtualmin / webmin on centos – complete server setup.

Install Virtualmin:

Virtualmin is free control panel for server. It helps to manage multiple host / websites by managing Apache, Nginx, PHP, DNS, MYSql, FTP, SSH and many more. It is recommended to install virtualmin in fresh server rather ran existing server to prevent conflicts.

This tutorial will help you to setup complete virtualmin server with everything you need to run websites on your VPS or dedicated servers.

Step 1:
Update Yum and install perl and wget which is required for virtualmin.

$ yum update
$ yum install wget
$ yum install perl

Step 2:
Setup Hostname for server:

More details on hostname can be read here.
Let setup hostname as server.mydomain.com ( this is just a example you can setup any hostname you like but make sure you have that domain name with you. )

$ hostname server.mydomain.com

Step 3:
Set timezone:

Please refer to this article for timezone setup (click here)

Step 4:
Add more swap memory:

Please refer to this article for swap memory (click here)

Step 5:
Temp folder management.

we need to delete tmp folder time to time otherwise it will run out of space. To do that lets intsall tmpwatch and set the corn job to run it daily to auto clean up.

$ yum install tmpwatch -y

#update corntab and add following line
0 4 * * * /usr/sbin/tmpwatch -am 12 /tmp

Step 6:
Install virtualmin:

$ wget http://software.virtualmin.com/gpl/scripts/install.sh
$ chmod +x install.sh
$ ./install.sh

Once virtualmin installed, you can login to virtualmin admin by ip address
https:<your server ip>:10000

Step 7:
Security

a) Change port number for virtualmin.

Login to your server https:<your server ip>:10000 with root and system password .

go to webmin > webmin configuration > port and addresss  and change default port 10000 to any port you like .

B) Fix DNS  open resolver attack :

Open DNS will allow anyone to use your dns server and send attack to other servers. So to prevent this we need to allow only our ip ( IP of server). Please refer to this article to fix this problem. ( click here)
Before we work on virtualmin, lets install additional modules for the server.

C) INSTALL FIREWALL:

We can install any open source firewall but my personal choice is CSF firewall. Setup is very simple.  Please read http://download.configserver.com/csf/install.txt document to install it and also option to add interface to webmin.

Installation is quite straightforward:

cd /usr/src
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

To install or upgrade the csf webmin module:

Install csf as above
Install the csf webmin module in:
  Webmin > Webmin Configuration > Webmin Modules >
  From local file > /usr/local/csf/csfwebmin.tgz > Install Module

Note:
CSF Firewall comes will lots of options. But to start with , make sure your newly added port for virtualmin / webmin is listed in port list.

a) go to Webmin > System > ConfigServer Security & Firewall > Firewall Configuration 
make sure your port ( for webmin ) is there in  TCP_IN, TCP_OUT. If not please add it. 

b) You can also click on check server security to check if there are any loop holes. 
c) Once you happy you can change it from testing mode to live. 

d) SSH only login

Its better to have SSH only login to prevent brute force attacks. Please refer to this article for setup instruction. ( click here)

 

Aditional Setups:

So far you are now ready to host domains / website in your site but you may also consider to install following for more security.

a) Php_suhosin
Php Suhosin will prevent any illegal activity in php code to execute.

b) mod Security:
Its a proxy to prevent cross browsers attacks, injection attacks, brute force e.t.c

c) Nginx

light weight server for web application. ( click here for how to )

 

 

Advertisements

How to change hostname in centos ?

How to change Hostname centos?

Changing hostname is fairly easy task . Hostname must be unique so usually its look like sudomain in a fully qualified domain name like host.mydomain.ctl. Providing fully qualified domain name will help server to reach to other network due to its uniqueness. So for the server which is connected to internet, its prefered as domain name as it will be unique in world wide network.

 

Naming convention:

  • the ASCII letters a through z (in a case-insensitive manner);
  • the digits 0 through 9; and
  • the hyphen (-).

No other symbols, punctuation characters, or white space are permitted.

 

Checking Hostname & FQDN

Current hostname can be viewed in current server by follow commands:

$ hostname

to check FQDN

$ dnsdomainname

 

Changing host name:

Edit host file:

$ vi /etc/host

and add your host info, for example our server ip is 66.99.0.1 and host is host.domain.ctl then, we will add line to the host file like this :

66.99.0.1 host.domain.ctl

and save /close.

Now edit network file:

vi /etc/sysconfig/network

and add:

HOSTNAME = host.domain.ctl

 

Now restart network services:

 

$ service network restart

 

Setting Hostname  from command line:

We can also set hostname from command line but this will be lost once the server is restarted.

$ hostname host.domain.ctl

finally, verify the hostname by typing hostname and you will see your new hostname.

$ hostname