How to install ISPConfig 3 on CentOS 7

As we know that ISPConfig 3 is used widely in the technology industry, we’ve therefor decided to make a tutorial on its installation over another most used Linux platform CentOS. This tutorial is tested on CentOS 7 and explains how to install ISPConfig 3 on CentOS 7.

Safeguard Network Security for ISPconfig 3

VPS provided by Rackhansa provides protection for all ports including 8080, only the port 22, 80, 443 are opened by default. So, your fresh installed ISPConfig 3 can not be accessed from the internet. Please read this post to find out how to securely access port 8080 and secure your ISPConfig instance.

Installation of ISPConfig 3

Before we could start learning how to install ISPConfig 3 on CentOS 7, be sure that Apache is stopped (if it is already installed). Therefor if apache is already installed on your system, you should stop it now.

 systemctl stop httpd.service 

Now we will download ISPConfig.

 cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz
tar xfz ISPConfig-3-stable.tar.gz
cd ispconfig3_install/install/ 

After downloading the ISPConfig, we will run the installation through the php program.

 php -q install.php 

After executing this script, the installation will be executed.

 >> Initial configuration

Operating System: Redhat or compatible, unknown version.

Following will be a few questions for primary configuration so be careful.
Default values are in [brackets] and can be accepted with .
Tap in “quit” (without the quotes) to stop the installer.

Select language (en,de) [en]: <-- (press Enter)

Installation mode (standard,expert) [standard]: <-- (press Enter)

Full qualified hostname (FQDN) of the server, eg test.server.com [test.server.com]: <-- (press Enter)

MySQL server hostname [localhost]: <-- (press Enter)

MySQL root username [root]: <-- (press Enter)

MySQL root password []: <-- enterYourSQLpasswd

MySQL database to create [dbispconfig]: <-- (press Enter)

MySQL charset [utf8]: <-- (press Enter)

Apache and nginx detected. Select server to use for ISPConfig: (apache,nginx) [apache]: <-- (press Enter)

Generating a 2048 bit RSA private key
…………………………………………………………….+++
………………………………………..+++
writing new private key to ‘smtpd.key’
—–
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [XX]: <-- US
State or Province Name (full name) []: <-- Tampa
Locality Name (eg, city) [Default City]: <-- Florida
Organization Name (eg, company) [Default Company Ltd]: <-- ENTEROrganizational Unit Name (eg, section) []: <-- (press Enter)
Common Name (eg, your name or your server’s hostname) []: <-- test.server.com
Email Address []: <-- email@domain.com
Configuring Jailkit
Configuring Dovecot
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring Pureftpd
Configuring BIND
Configuring nginx
Configuring Vlogger
Configuring Apps vhost
Configuring Bastille Firewall
Installing ISPConfig
ISPConfig Port [8080]: <-- (press Enter)

Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- (press Enter)

Generating RSA private key, 4096 bit long modulus
…………………………………………………..++
…………………………………………………………………++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [XX]: <-- (press Enter)
State or Province Name (full name) []: <-- (press Enter)
Locality Name (eg, city) [Default City]: <-- (press Enter)
Organization Name (eg, company) [Default Company Ltd]: <-- (press Enter)
Organizational Unit Name (eg, section) []: <-- (press Enter)
Common Name (eg, your name or your server’s hostname) []: <-- (press Enter)
Email Address []: <-- (press Enter)

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []: <-- (press Enter)
An optional company name []: <-- (press Enter)
writing RSA key
Configuring DBServer
Installing ISPConfig crontab
no crontab for root
no crontab for getmail
Restarting services …
Stopping mysqld:                                           [  OK  ]
Starting mysqld:                                           [  OK  ]
Shutting down postfix:                                     [  OK  ]
Starting postfix:                                          [  OK  ]
Stopping saslauthd:                                        [OK]
Starting saslauthd:                                        [  OK  ]
Shutting down amavisd: Daemon [1554] terminated by SIGTERM
[  OK  ]
amavisd stopped
Starting amavisd:                                          [  OK  ]

Stopping clamd.amavisd:                                    [  OK  ]
Starting clamd.amavisd:                                    [  OK  ]
Stopping Dovecot Imap:                                     [  OK  ]
Starting Dovecot Imap:                                     [  OK  ]
Reloading php-fpm:                                         [  OK  ]
Reloading nginx:                                           [  OK  ]
Stopping pure-ftpd:                                        [  OK  ]
Starting pure-ftpd:                                        [  OK  ]
Installation completed. 

We need to change the roundcubemail configuration file as to fit the ISPConfig environment.

 yum -y install roundcubemail 
 nano /etc/httpd/conf.d/roundcubemail.conf 

Next step is to restart Apache server.

 #
# Round Cube Webmail is a browser-based multilingual IMAP client
#

Alias /roundcubemail /usr/share/roundcubemail
Alias /webmail /usr/share/roundcubemail

# Define who can access the Webmail
# You can enlarge permissions once configured

#<Directory /usr/share/roundcubemail></Directory>
#    <IfModule mod_authz_core.c>
#        # Apache 2.4
#        Require local
#    </IfModule>
#    <IfModule !mod_authz_core.c>
#        # Apache 2.2
#        Order Deny,Allow
#        Deny from all
#        Allow from 127.0.0.1
#        Allow from ::1
#    </IfModule>
#</Directory>

<Directory /usr/share/roundcubemail></Directory>
        Options none
        AllowOverride Limit
        Require all granted
</Directory>

# Define who can access the installer
# keep this secured once configured

#<Directory /usr/share/roundcubemail/installer></Directory>
#    <IfModule mod_authz_core.c>
#        # Apache 2.4
#        Require local
#    </IfModule>
#    <IfModule !mod_authz_core.c>
#        # Apache 2.2
#        Order Deny,Allow
#        Deny from all
#        Allow from 127.0.0.1
#        Allow from ::1
#    </IfModule>
#</Directory>

<Directory /usr/share/roundcubemail/installer>
        Options none
        AllowOverride Limit
        Require all granted
</Directory>


# Those directories should not be viewed by Web clients.
<Directory /usr/share/roundcubemail/bin></Directory>
    Order Allow,Deny
    Deny from all
</Directory>
<Directory /usr/share/roundcubemail/plugins/enigma/home></Directory>
    Order Allow,Deny
    Deny from all
</Directory> 

Now, let’s finish the RoundcubeMail installation. Open the following URL in your web browser:
http://your-ip-address:8081/roundcubemail/installer
After opening this URL you will see roundcube installer page, scroll down to the bottom and click on ‘Next’.

Fill in the database information of the roundcube database and then click “Create Config”.

Open the file /etc/roundcubemail/config.inc.php and copy the content you see on the next page.

 systemctl restart httpd.service 
 nano /etc/roundcubemail/config.inc.php 

Final Steps

Now your ISPConfig 3 is ready to use. You can access it using the following URL :
https://yourserver.com:8080/ or https://localhost:8080/
When you login for the first time use admin as username and password would be the same. Once logged in you can easily change the password to whatever you desire.