标签 DirectAdmin 下的文章

DirectAdmin 主机开通后有个临时访问地址:http://ServerIP/~username/
如果安装了suPHP,通过该地址是无法解析PHP文件的,会抛出500错误。

关于原因引用DirectAdmin官方帮助文档

By default, suPhp is compiled in "paranoid" mode. This means that the settings in the user httpd.conf files:
“suPHP_UserGroup username username
will require all php files to be owned by username or suPhp will throw a "500 Internal Server Error".

This does not apply to domains, when used normally, because each domain has it's own VirtualHost with the suPHP_UserGroup inside it using the correct settings.

The ~username (UserDir) method will fail in paranoid mode, because there is not a virtualhost for each ~username path, and no suPHP_UserGroup settings for each user, hence you get the 500 error.

因为suPHP_UserGroup默认安装是owner模式,所以通过http://ServerIP/~username/地址访问suPHP不会通过,PHP程序用域名访问才会通过。解决办法是将owner模式修改为paranoid模式。可以登入SSH输入以下命令完成:

cd /usr/local/directadmin/custombuild
mkdir -p custom/suphp
cp -fp configure/suphp/configure.suphp custom/suphp/configure.suphp
perl -pi -e 's/paranoid/owner/' custom/suphp/configure.suphp
./build clean
./build suphp
cd /usr/local/directadmin/data/templates/custom
cp -f ../virtual_host* .
perl -pi -e 's/suPHP_UserGroup/#suPHP_UserGroup/' virtual_host*.conf
perl -pi -e 's/suPHP_UserGroup/#suPHP_UserGroup/' /etc/httpd/conf/httpd.conf
perl -pi -e 's/suPHP_UserGroup/#suPHP_UserGroup/' /etc/httpd/conf/extra/httpd-directories-*.conf
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue

Which will change all references of suPHP_UserGroup to #suPHP_UserGroup, basically, just commenting them out.


还有一种方法不需要改变suPhp,但只针对但个用户,如果需要尝试的话编辑文件

/etc/httpd/conf/extra/httpd-includes.conf

添加以下内容

<Directory "/home/username">
      <IfModule mod_suphp.c>
               suPHP_Engine On
               suPHP_UserGroup username username
               SetEnv PHP_INI_SCAN_DIR /usr/local/directadmin/data/users/username/php/
       </IfModule>
</Directory>

重启apache服务:service httpd restart

本文档内容参考引用自DirectAdmin官方帮助中心:http://help.directadmin.com/item.php?id=176

1、先联系DA官方更换IP,就是重新颁发许可证。

2、启动服务器。并在网络中分配该IP地址,这个一般都分配了的。。

3、如果第一步已经做过了,并且成功颁发了。执行下面的操作更新下。

cd /usr/local/directadmin/scripts 
./getLicense.sh 1234 56789

1234是客户编号,56789是许可证编号。

4、然后重启DA

/etc/init.d/directadmin restart

5、使用下面的脚本批量更换IP

cd /usr/local/directadmin/scripts   
./ipswap.sh 1.2.3.4 4.3.2.1

前面是老的IP,后面是新的IP。

6、重启服务

/etc/init.d/httpd restart 
/etc/init.d/proftpd restart 
/etc/init.d/exim restart 
/etc/init.d/dovecot restart

官方wiki http://help.directadmin.com/item.php?id=250
参考:http://lanbing.org/dachangeip.cgi

刚安装完DirectAdmin发现phpmyadmin 500错误,/var/www/html里面的PHP文件访问都是500错误,执行以下命令可解决。

cd /usr/local/directadmin/custombuild/
./build update
./build apache
./build rewrite_confs
service httpd restart

cd /usr/local/directadmin/data/skins/enhanced/lang/
wget http://dadi.me/wp-content/uploads/dir/Software/VPS/directadmin-cn.zip
unzip directadmin-cn.zip
vi /usr/local/directadmin/data/users/admin/user.conf
把language=en 修改为 language=cn
service directadmin restart

本站下载:
directadmin-cn

上次介绍了用Fail2Ban 防御 SSH、FTP的穷举,但其实fail2ban的可扩展性很好,只要是有登入错误的纪录档,及写下正确的正规表示式便可以使用,以下是阻挡SquirrelMail、POP3、SMTP、POSTFIX的穷举。(我是在DirectAdmin(DA)下配置,其它请根据自身修正 logpath 位置)

一、SquirrelMail 防御

编辑 /etc/fail2ban/jail.conf 文件, 并加入以下內容:

[squirrelmail-iptables]

enabled = true
filter = squirrelmail
action = iptables[name=SquirrelMail, port=http, protocol=tcp]
logpath = /var/log/maillog
bantime = 3600
findtime = 300
maxretry = 6

- 阅读剩余部分 -

XCache是一款免费的PHP加速器,我的DA编译的组件版本:Apache2.2,PHP5.3.25,MySQL5.5,CGI模式的。
目前,XCache最新的版本为3.0.1,我们就在DA上安装XCache,以下是编译过程:

cd /usr/local/src/
wget http://xcache.lighttpd.net/pub/Releases/2.0.1/xcache-2.0.1.tar.gz
tar -zxvf xcache-2.0.1.tar.gz
cd xcache-2.0.1
export PHP_PREFIX="/usr/local"
$PHP_PREFIX/php5/bin/phpize
./configure --enable-xcache -with-php-config=$PHP_PREFIX/php5/bin/php-config
make && make install

- 阅读剩余部分 -

  1. 1
  2. 2
  3. 3
  4. 4
  5. 5