Good DirectAdmin setup

Red

Verified User
Joined
Nov 8, 2009
Messages
14
Hello all, so I need to setup directadmin on a server and since I'm not an expert I want to know what type of setup the experts are using.

I've configured mine in this manner:

Apache 2.2
PHP 5 cgi
MySQL 5.1
Dovecot
Exim
ProFTPd
Squirrelmail
Jailed shell

I also want to ask: what are the differences between PHP-CLI and PHP-CGI?
...and...
What is the setup type that use less memory? :p
...and (last)...
What is the more secure setup?

I'm sorry for all these questions but I've used DirectAdmin 1 year ago, and now that I've bought another license I really want to ask those questions. :)

Thanks in advance.
 
Well I'm no expert, but I always start with securing my server, which means security /tmp and /dev/shm, installing a good firewall (we use csf/lfd), rkhunter etc.
After that installing Directadmin.

We do not do shells. So users will not get ssh shell, because they don't need it in most cases anyway. Not even jailed shell.
When directadmin is ready, we are using security measures as descript in the help section of directadmin and we install mod_ruid (with php_cli), which is faster then php-cgi, however, has a disadvantage. When there would really come an apache breach, that way hackers could get root access. So you have got to have your apache and php up2date at any time.

Also either use the php-safe config from DA or make some security settings in the php.ini yourself, like setting enable_dl() to off and adding various things in the disable_functions part.

That's how we do it.
But there are more possibilities which will surely be mentioned here.
 
PHP CGI in my experience is a lot memory-greeder than PHP CLI with a mod_ruid combination, there for I would love to use it.

In addition to the methods Richard and myself are using, we often install Suhosin (a PHP hardening patch) and we monitor our systems closely. This may often be forgotten but it is the key to system administration. You want to briefly know what is ongoing on your systems at all time.
 
Back
Top