DirectAdmin

How to install an SVN version of Apache using Directadmin Custombuild

This is a quick guide to help out those trying to install an NON-RELEASE version of apache. It was made due to intermittent crashes of apache 2.4.25 with HTTP2 on CentOS with DirectAdmin.

You can see the changelog here:

https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES

Here is the DirectAdmin discussion this was first reported on:

https://forum.directadmin.com/showthread.php?t=52590&page=3

Anyhow...

Here's the fix:

Tags: apache http2 DirectAdmin centos

How to install HTTP/2 on DirectAdmin

Install OpenSSL with ALPN support

cd /usr/local/src/
wget ftp://ftp.openssl.org/source/openssl-1.0.2j.tar.gz
tar xzf openssl-1.0.2j.tar.gz
cd openssl-1.0.2j
./config --prefix=/usr/local/lib_http2 no-ssl2 no-ssl3 zlib-dynamic -fPIC
make depend
make install

Install nghttp2 - HTTP/2 Library

cd /usr/local/directadmin/custombuild
./build update
./build nghttp2

​Install HTTP/2 for Apache 2.x

cd /usr/local/directadmin/custombuild
mkdir -p custom/ap2
cp -p configure/ap2/configure.apache custom/ap2/configure.apache
vi custom/ap2/configure.apache

### REPLACE "--with-ssl=/usr" \
### WITH:

        "--enable-http2" \
        "--enable-ssl-staticlib-deps" \
        "--with-ssl=/usr/local/lib_http2" \


### Rebuild apache

./build apache

### Add HTTP/2 settings to httpd-includes.conf
Tags: DirectAdmin Linux http2 http/2

How to install OPCache using DirectAdmin custombuild

If you used custombuild to install opcache, then you will need to set the opcache settings there.

cd /usr/local/directadmin/custombuild
 vi options.conf

Change opcache=no to opcache=yes

opcache=yes

Set your opache settings here:

vi custom/opcache/opcache.ini

Here are my settings (This is for a fast server, with 128GB RAM):

Tags: Linux DirectAdmin custombuild opcache

Tighten SSL security: SSL certificate chain and SSLCipherSuite

Update SSLCipherSuite

Issue

Clicking the certificate info in chrome, you'll see a message:

"Your connection is encrypted using an obsolete cipher suite."

Solution

vi /etc/httpd/conf/extra/httpd-ssl.conf

Replace SSLCipherSuite with the following:

SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+AESGCM EECDH EDH+AESGCM EDH+aRSA HIGH !MEDIUM !LOW !aNULL !eNULL !LOW !RC4 !MD5 !EXP !PSK !SRP !DSS"

Restart Apache.

service httpd restart

Optional: Update ssl_cipher in directadmin.conf

vi /usr/local/directadmin/conf/directadmin.conf

Replace or add:

Tags: Server admin SSL DirectAdmin

How to move an account from DirectAdmin to WHM/cPanel

If you tried using WHM's Transfer Tool on very large sites, you've probably got a timeout error.

To fix this, we'll need to do this through SSH (via root) what the Transfer Tools wasn't able to do itself.

STEP 1.

The Transfer Tool will create a /scripts directory--with all required scripts--at the base of your server, which we will use to create WHM/cPanel compatible backups.

The name of the script will look like the following: /scripts/pkgacct.YOUR_CPANEL_SERVER_NAME

Type the following to get the exact name:

ls -la /scripts/

STEP 2.
Next, go into your /home directory to get a listing of the account names.

Tags: Server Linux cpanel DirectAdmin transfer

Enable DKIM and have Exim SMTP banner use the accounts dedicated IP in DirectAdmin for PHP mail

Enable DKIM and change the PHP mail SMTP Sender banner

To Change the "Sender" info we have to do the following:

cd /usr/local/directadmin/data/templates/custom/
cp /usr/local/directadmin/data/templates/virtual_host2.conf /usr/local/directadmin/data/templates/custom/
cp /usr/local/directadmin/data/templates/virtual_host2_secure.conf /usr/local/directadmin/data/templates/custom/
sed -i 's/`USER`@`DOMAIN`/no-reply@`DOMAIN`/g' ./virtual_host2*.conf
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
/usr/local/directadmin/dataskq d
Tags: Linux exim DirectAdmin DKIM spam SMTP PHP mail email

DirectAdmin blacklisted and whitelisted IP

Recently my IP address was blacklisted by directadmin on my own server.  Here's a how-to that may save you time, in case you're unable to login to DirectAdmin.

Start DirectAdmin in debug mode

cd /usr/local/directadmin
killall -9 directadmin
./directadmin b2000

Now try to log into directadmin. You should see the reason why you are unable to. For me it was "Blocking blacklisted IP xxx.xx.xxx.xxx"

Tags: DirectAdmin Linux Administration

How to install CSF (ConfigServer Security & Firewall) with DirectAdmin or WHM

Block IPs with Brute Force Monitor in DirectAdmin using CSF

Source: https://help.poralix.com/articles/how-to-block-ips-with-csf-directadmin-bfm

Regular install of CSF

cd /usr/local/src
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
./install.directadmin.sh

Now login as Admin into directadmin or WHM, and click the link ConfigServer Security & Firewall

You'll probably want to add your WAN IP here--you can find out what it is here: http://www.ip-secrets.com/

Then add your WAN IP into Quick Allow column.

Tags: CSF firewall security Linux Server admin DirectAdmin

DirectAdmin how to set an external email server for Domain Pointers

If you ever created domain pointers in DirectAdmin, you may have wondered how to set the domain pointer NOT to process email locally.

For instance say you have PRIMARYDOMAIN.com as the main domain under your DirectAdmin account--and it is set NOT to process emails locally, but rather have an external email server handle that; Under MX Records you un-checked "Use this server to handle my emails. If not, change the MX record and uncheck this option". So now you decided to create a "domain pointer" under that same account for another domain SECONDARYDOMAIN.com ... You set the proper MX records for this domain pointer under DNS settings, pointing to the external mail server, and think you're all good to go...

Tags: exim DirectAdmin Linux Administration

How to upgrade coreutils to latest version (from source)

Say you're on CentOS 5.x, and want to pimp out your bash prompt using the pretty awesome Solarized color scheme. Well, there's a nice .bashrc Solarized setup here: https://github.com/seebi/dircolors-solarized. To use all the features of dircolors.256dark version, you'll need GNU coreutils 8.5 or higher, otherwise you'll get errors like this:

Tags: Linux coreutils centos Administration DirectAdmin

How to set a custom sub-domain path in DirectAdmin

UPDATE: See below, there's an easier way to do this. Plus DirectAdmin's way doesn't seem to be working through the 'Custom HTTPD Configurations' way.... So, just use the way listed below. It's much easier.

*** OLD WAY / start ***
I work with Drupal's Domain Access module a lot. However, if you're using DirectAdmin as your hosting control panel, then making sub-domains will not work with the default setup. DirectAdmin puts the sub-domain into a separate directory, and in order for Domain Access to work with sub-domains on DirectAdmin, this needs to be set as the same directory/path as the top domain.

A simple work around is to login to DirectAdmin as administrator, and go into "Custom HTTPD Configurations".

Here you will paste the following code:

Tags: DirectAdmin Linux Drupal Domain Access