Change of mail header form field identifier from ISPConfig 2 to ISPConfig 3

If you have a local mail server installed and change your server controlpanel to ISPConfig 3, having used ISPConfig 2 in the past, you may have to change the value that defines the form field observed by all functions in need of the address that mails are supposed to be delivered to (catchalls, etc.) on ... Read more

Update to latest Spamassassin filter rules in ISPConfig 2

The ISPConfig 2 controlpanel installs its own copy of Spamassassin in the folder /home/admispconfig/ispconfig/tools/spamassassin . To update the Spamassassin filter rules in ISPConfig 2, run this command as root user: /home/admispconfig/ispconfig/tools/spamassassin/usr/bin/sa-update To test if Spamassassin works with the new ruleset, run this command: /home/admispconfig/ispconfig/tools/spamassassin/usr/bin/spamassassin --lint If it does not return an error message, then Spamassassin is ... Read more

Secure /tmp and /dev/shm directories in a OpenVZ enviroment

The /tmp and /dev/shm directories of a OpenVZ virtual machine shall be mounted without suid and exec permissions. To achieve this, create a a shell script on the host server for every virtual machine which contains the commands to remount the directories. This script will be started automatically by openvz when the VM is started. ... Read more

Apache webserver: redirect requests for domain.com to www.domain.com

Many webmasters want to redirect users that access their websites with "domain.tld" automatically to "www.domain.tld". If you use the Apache web server, you can do this by using Apache rewrite rules. Add a .htaccess file with the following content in the root directory of the website: RewriteEngine On RewriteCond %{HTTP_HOST} !^www\.domain\.com RewriteRule (.*) http://www.domain.com/$1 [L,R=301] ... Read more

How to fix the spamassassin bug with the FH_DATE_PAST_20XX rule

Since january 1 2010, spamassassin is falsely marking non spam emails as spam due to an error in the regular expression of the FH_DATE_PAST_20XX rule. Description of the bug: https://secure.grepular.com/blog/index.php/2010/01/01/spamassassin-2010-bug/ To fix this, run the following command on the shell as root user: sa-update If you use the software ISPConfig 2 on your server, run ... Read more

How to use a custom php.ini with suphp

To use a custom php.ini file with SuPHP for a website, you can define the path to the php.ini file in a .htaccess file or in the apache vhost like this: suPHP_ConfigPath /home/websites/domain.tld/ Then add a php.ini file in the directory /home/websites/domain.tld/ which may be a copy of the global php.ini were you just changed ... Read more

Change the language of webalizer statistics on Debian and Ubuntu Linux

The language of the generated Webalizer statistics is statically compiled into the Webalizer binary. To change the language, Webalizer has to be recompiled. In the following example, I will recompile Webalizer to change the language to german. Uninstall Webalizer and install the GD library: apt-get remove webalizer apt-get install libgd2-xpm-dev Download the latest Webalizer sources ... Read more

Set stricter PHP settings to secure joomla and wordpress installations

If you run a Joomla or WordPress installation with mod_php, the following settings in the vhost configuration file or the "Apache directives" field in ISPConfig can be used to set a stricter security policy. This helps limit the impact of a possible hack to this website and protect the other sites on the server. php_admin_value ... Read more