By now you should already have your server purchased and ready to go, if not go watch a movie while its being “set up” and come back here, I’ll be here I promise. I know when I got my first dedicated server from 1and1 Web Hosting it took forever for them to “set it up” or whatever it is they do. I read on the website it normally takes about 24 hours but in my case it was closer to 4 days. I don’t want to knock them because maybe they were low on hardware and I did get double the amount of ram I signed up for so I can’t complain.
Obviously since I have 1and1 hosting there will be many references to how they do things and to Parrales Plesk Panel, you can still follow along if you have another hosting company but there will be many things that don’t apply to your hosting situation. Hopefully the usefulness of this article is great enough that even with another hosting company everyone will be able to get something out of it.
Before we start for those of you who are curious I have the 1&1 Dedicated Server DC M with 4GB ram and it barely breaks a sweat with my current configuration and usage.
The first this you will want to do is roll your server, thats right roll it. For those unfamiliar with the term it means to format and completely start over, if you have been using the server you will want to skip this step but if you just got the keys to your shiny new server handed over to you then chances are its not setup the way you want it to be or the way it should be anyway. 1and1 offers some great backend tools for reloading your server and even entering into a recovery mode when needed (hopefully never). So log into your 1and1 control panel and navigate to “Server Re-Image”, you can chose any of the options here but I HIGHLY recommend “CentOS 6 with Parallels Plesk Panel 10 (64-bit)” or the equivalent up to date 64bit Centos OS and Plesk Panel. If you have magical balls of steel you can roll your own and go with the “CentOS 6 minimal system (64-bit)”, “openSUSE 11.4 minimal system (64-bit)” or “Debian 6 minimal system (64-bit)” but I will tell you life will be much harder for you and you will gain very little in the long run. They also offer a Ubuntu install if thats your thing but I don’t see the benefit without the GUI and if you plan on running X on your dedicated hosted server with minimal memory and hard disk space your a fool and you should probably take a huge step back and re-think your deployment strategy.
Once you get the OS reloaded theres a few things we should do right off the bat, #1 is make sure the 1and1 firewall is disabled until we get everything configured the way we like, you can access this in the control panel under “1and1 Servers / More Features / Firewall”. If you want to rename your server now is a good time to do it, for instance my server name is ITTECHTOOLS.NET (My main website) instead of the ridiculous name 1and1 assigns to the server which is something along the lines of “u83645092.onlinehome-server.com”. To do this you will want to fire up your SSH client and connect into your server, if your not familiar with SSH and the command line your in for one hell of a ride because even with PLESK and Webmin (we’ll get to that) you will still be in the command line here and there. If you have OSX or Linux you can just open terminal and type root@serverIP and then your password. If you have Windows I recommend grabbing a great little program by the name of PuTty and save your server session in there. To see the current hostname of the system just simply type hostname or hostname –fqd, to rename your hostname type
Reboot your server with the shutdown -r command and when it comes back online verify the new hostname in
If you don’t already know how to view files in the command line there are a couple popular command line editors, VI, VIM & NANO just to name a few. I think the server comes with VI by default but I prefer nano and I would install a couple anyway since they don’t take up much space, they don’t conflict and when you come across different articles you will see usage of both so its easier just to use the same one as the article to keep things simple. You can download nano and many other programs by using YUM, also a quick side note is the Linux is case sensitive and although I am typing in caps to emphasize these items, if you do the same in Linux you will come up with a command not found or something similar because they are case sensitive. Let’s grab nano by typing
yum install nano
Once nano is installed you can check your hostfile by typing
Now that we got that out of the way you should log into your Plesk Panel and poke around a bit, maybe change some defaults like the Site Branding and what not. One thing I will mention is that there is two modes for Plesk and one seems like the obvious choice but I can tell you from experience its not. Let me explain, Plesk is setup for a hierarchy of domain resellers, administrators and users but there is another mode which I believe is called something like single user mode that seems perfect for the administrator who only plans to host their own content. I ran my first server installation in this mode and I can tell you after all the headaches and workarounds I finally threw in the towel and reloaded the server. When you run in this mode Plesk will separate your settings for each website from the actual content and this causes issues with things like webmail and website statistics along with anything else looking for the “normal” layout of things. I will have to draw a diagram later and attach it to this article to really explain what I mean but you can take my word for it that you want to leave the default reseller mode active. There are some other issues you will run into like getting root access to MYSQL so you can see, manage and backup all databases at once but after much head pounding and digging I found out the secret to this and I will share it with you when the time comes. For now lets continue on and get the next item installed.
Webmin, this product is truly great in fact whenever I am tasked with managing a Linux server the first thing I do is install Webmin even if it already has a GUI installed. I love this product if you couldn’t tell and rightfully so as it eases administration tasks and give you a great overview of whats going on and how things are really configured. You can manage everything from server hardware to OS functions to high level software like Apache and MYSQL. Installing Webmin on Centos is extremely simple and straight forward, simply issue these three commands from an SSH session and follow the on screen prompts which I believe only require you hitting he enter key a few times.
cd /tmp wget http://prdownloads.sourceforge.net/webadmin/webmin-1.580-1.noarch.rpm rpm -U webmin-*.noarch.rpm
Before we can log into Webmin we need to log back into Plesk and add the port to the firewall rules, My first Plesk installation was locked down but my second was wide open so you may not need to make any changes at this time but we still need to check just in case it doesn’t work. In Plesk open “Tools & Resources / Firewall”, Select “Edit Firewall Configuration”, then “Add Custom Rule”. Name your rule something like Webmin and configure as shown in the screenshot below.
Now log into webmin with your root account using the address that was provided at the end of the installation, if you forgot it don’t worry its just your server IP address with :10000 after it representing port 10000, we will want to change this later to something like 10111 or anything similar to avoid hackers and script kiddies looking for known ports. To change the default Webmin port open “Webmin / Webmin Configuration / Ports and Addresses” You should see where it says “Listen on Port”, change this to something you will remember but keep it in the 10k range.
Don’t forget to change the firewall rule in Plesk after you change the port in Webmin. Now would be a good time to install updates, you can do this right from Webmin or by using the command line and issuing the command
The main system information page in Webmin will notify you of any updates available and while were working with updates now would be a good time to tell Webmin to check daily for new updates, this can be done by clicking the updates link on the system information page, it doesn’t matter if it says there are or are not updates available, this will take you to the same page where you can tell Webmin to check for updates on a scheduled basis. I recommend selected Webmin to check every day for updates and don’t forget to check the YES bubble, Do not select for Webmin to automatically install the updates, select the option “Just Notify”.
I will leave PHP, MYSQL, Chaching and so on for another article, there is way to much to cover in this one article and I have some great information to share regarding each one of those subjects dealing with performance, maintenance and administration. I have read many articles and found what I consider the perfect settings for both performance and stability given my server specs and usage. I will also walk you through setting up MySQL Workbench for administration and configuring a Cache plugin for PHP.
If you haven’t already, start going through Webmin and make sure all of your server services are listed under the Servers section. If you notice something is missing like PHP and you know its installed first try to select Refresh Modules on the left, if it still doesn’t show up you can find it under “Un-Used Modules” and it will tell you where its looking for the configuration files or what the error is. Paralles does things very differently if you haven’t figured that out by now, like the use of BIND DNS to manage Web Site DNS data and the Apache configuration files located in each website directory. It’s very enlightening to be able to see these things and understand how Parallels configured these items to work together, its also nice to have a GUI to be able to jump right into the configuration of an item without digging through lines of text in a configuration file. Another priceless tool is the File Manager listed in the “Others” section, this gives you a Windows Explorer style file explorer with every option you should need including the ability to set permissions on files and folders. Well thats enough about Webmin and my love of the product, I’m sure if you haven’t already you will learn to love it yourself.
With all the light configuration complete and your OS fully updated you can now start deploying websites, if your setting up new websites you will need to register the domain name in the 1and1 control panel and leave the default settings which just point the name to the IP of your server. After this you can set up the website in Plesk and create a new directory for the site. One thing to note is when creating new sites Plesk will deploy a set of folders with default content, you can change this set of folders through Plesk with limited capacity. If you want full control over the folders and documents deployed with each new Site and Sub Site you will need to fire up an FTP client or use Webmin and navigate to “/var/www/vhosts/.skel/0” and adjust the content there. I’m not going to go to far into deploying websites but I will tell you if your having issues with specific sites working, namely PHP websites don’t forget to check the settings in Plesk. To get to the site specific PHP settings you will need to open the Domains tab then to the right of the domain select “Open in Control Panel”, Under “Websites and Domains” tab click on your domain name. There you will find “Web Scripting and Statistics” with a host of options. CGI is the fastest option but for compatibility or if your having issues you can select “Apache Module”. Below is a screenshot of my current setting for my two WordPress websites.
Now your should start thinking about webmail, if you don’t wish to use webmail you don’t have to. You can use a client program like Outlook or OSX mail and grab your email that way. I prefer to have a webmail client while I am at work because I don’t want all of my personal mail on the work computer if something were to happen like getting fired or such, at that point its not an invasion of privacy if you email is on a company owned machine.
There are two parts to the email system on Linux, the back end server component and the front end webmail component which is optional. By default Plesk comes with the Postfix mail server installed and configured for the backend, for the front end I believe Horde is installed by default but this can be changed easy enough. Horde is very powerful and webmail client but looks extremely dated, another option is Squirrel Mail which has plenty of features but still looks just as dated as Horde. A third option is AtMail but you only get the free version which is stripped down and limited, it also throws a footer message in all of your sent mail but this can be removed by editing a file on the server. This would also be a good time to setup a Spam filter, Plesk comes with SpamAssasin installed by default and its as easy as flipping a switch to get it working. Visit “Tools and Settings \ Spam Filter Settings” Here you can switch on sever wide Spam filtering and set a few other Spam filter specific options.
To add a new webmail application go to Domains and open one of your domains in the Control Panel. From here go to “Websites and Domains” and select “Applications”, Select “All available Applications” and under “Collaboration” select “Email”. Here you will find some optional webmail clients, simply click the “Install” button and follow the onscreen configuration options if any. After this we need to return to the Server Administration Panel and select “Tools & Settings \ Webmail”, Select your new webmail client application and use the “Activate” button. The final step is to go back into the domain you wish to change the webmail application on and open it in the control panel. Now navigate to the “Mail” tab and click on “Change Settings”, Here you can use the drop down to change the webmail application. You will need to do this for each domain you wish to change the default webmail client on. If you really want a powerful webmail solution where all of your email accounts can be filtered in and even custom rules applied then check out my article on setting up OpenXchange with 1and1 and Dedicated servers.
Great now we have Plesk, Webmin and your server configured. There are still many features and settings that need to be configured and I will try to touch on all the important settings. Once you have Plesk and Webmin configured its time to start locking down your server, by now I would hope you have changed your default Root Password to something more secure than the default when your server was configured. Unless 1and1 has changed something last I remember there was severe limitations on the setup password, such as no symbols and so on. Changing the root password is easy enough, if you are SSH’d into your server and already logged on as root you simply type “passwd” without quotes.
Next thing on the list is configuring the firewall, for now we can leave the firewall in 1and1 alone and only worry about the firewall in Plesk. Later we can duplicate our rules into the 1and1 firewall for added security in case your Plesk login is comprimised. Log into Plesk and navigate to “Tools and Settings \ Firewall \ Edit Firewall Configuration”, Start by clearing out all the current rules, just delete them all and lets start from scratch. If you can’t delete some rules don’t worry because we cant still change them to Deny from Allow. There are many rules that can be safely changed to Deny, you can view the screenshot of my rules and copy from them, just substitute your Webmin port where you see mine.
Great we now have a configured and secured webserver running the latest Centos and Parallels Plesk Panel. Please see my other articles for information on configuring PHP and MYSQL for performance, Configuring root access to Mysql for administration and backups, Creating a simple backup solution that utilizes the 1and1 FTP server space, Configuring Apache, MYSQL, PHP and BIND DNS without Plesk and more.
Thank you for reading, I hope this article was helpful. Please leave a comment below if this article helped you, if I missed something or if you would like to see an article on something else.