"Perfect Server" Installasi dan Konfigurasi ISPConfig 3 Debian 8 Jessie [Part 3]

Assalamualaikum Wr Wb

Ok sobat blogger kita akan melanjutkan installasi dan konfigurasi ISPConfig.

1. Kita install Fail2ban dan UFW Firewall
Fail2ban adalah perangkat lunak yg melindungi komputer server dari serangan brute-force attack. Fail2ban ditulis dalam bahasa pemrograman python, dapat berjalan pada sistem yg memiliki antarmuka paket-kontrol atau firewall yg di install secara lokal seperti iptables.

#apt-get install fail2ban

2. Kemudian kita buat file jail.local pada directory /etc/fail2ban/

#nano /etc/fail2ban/jail.local

3. tambahkan konfigurasi berikut ini :

[pureftpd]
enabled = true
port = ftp
filter = pureftpd
logpath = /var/log/syslog maxretry = 3

[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log
maxretry = 5

[postfix-sasl]
enabled = true
port = smtp
filter = postfix-sasl
logpath = /var/log/mail.log
maxretry = 3

save and exit

4. Selanjutnya kita buat file pureftpd.conf letakkan di directory /etc/fail2ban/filter.d/

5. Tambahkan baris konfigurasi berikut :

[Definition] failregex = .*pure-ftpd: \(.*@\) \[WARNING\] Authentication failed for user.* ignoreregex =

6. Kemudian kita buat lagi file dovecot-pop3imap.conf pada directory /etc/fail2ban/filter.d/

#nano /etc/fail2ban/filter.d/dovecot-pop3imap.conf

7. Tambahkan konfigurasi berikut :

[Definition] failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P\S*),.* ignoreregex =

8. kemudian kita tambahkan ignoreregex ke dalam postfix-sasl filter dengan perintah

#echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf

9. Restart service fail2ban dengan perintah

#/etc/init.d/fail2ban restart

10. Install ufw

#apt-get install ufw

11. Install Rouncube
Roundcube adalah klien email IMAP berbasis web. Fitur yang paling menonjol Roundcube adalah penggunaan teknologi Ajax. Roundcube ditulis dalam PHP

karena rouncube tidak ada di repository bawaan maka kita perlu menambahkan repository backports dengan perintah

#echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list

setelah itu kita update

12. Kemudian kita install rouncube

#apt-get install roundcube roundcube-core roundcube-mysql roundcube-plugins

pilih yes

pilih database yg digunakan [saya menggunakan mysql]

isi password dari database

pada bagian ini langsung enter saja

13. Edit file config.inc.php pada directory /etc/rouncube/

#nano /etc/rouncube/config.inc.php

jadikan default_host dan smtp_server ke localhost

14. Edit file rouncube.conf pada directory /etc/apche2/conf-enabled/

#nano /etc/apache2/conf-enabled/rouncube.conf

15. Tambahkan konfigurasi berikut pada bagian atas / paling awal

Alias /webmail /var/lib/roundcube

16. Selanjutnya kita reload service apache

#/etc/init.d/apache2 reload

17. Kita bisa membuka rouncube melalui browser menuju ke link
http://ip-address-server/webmail
maka akan muncul tampilan seperti berikut ini

18. Langkah berikutnya kita menuju ke directory /tmp/ dan download file ISPConfignya

#cd /tmp
#wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz

19. Setelah selesai di download kita etract file ISPConfignya dengan perintah

#tar xvzf ISPConfig-3-stable.tar.gz

perintah ini digunakan untuk mengextract file .tar.gz

20 Setelah teretract kita menuju directory ISPConfig

#cd ispconfig3_install
#cd install

21. Untuk menginstall nya lakukan perintah berikut

#php -q install.php

22. Akan muncul tampilan berikut

23. kemudian kita akan mengisi beberapa data seperti berikut

Select language (en,de) [en]: <-- Enter
Installation mode (standard,expert) [standard]: <-- Enter
Full qualified hostname (FQDN) of the server, eg server1.domain.tld [debiantotok.id]: <-- Enter
MySQL server hostname [localhost]: <-- Enter
MySQL server port [3306]: <-- Enter
MySQL root username [root]: <-- Enter
MySQL root password []: <-- isi MySQL root password
MySQL database to create [dbispconfig]: <-- Enter
MySQL charset [utf8]: <-- Enter

Configuring Postgrey
Configuring Postfix
Generating a 4096 bit RSA private key
.......................................................................++
........................................................................................................................................++
writing new private key to 'smtpd.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]: --> Isi nama negara
State or Province Name (full name) [Some-State]: --> isi provinsi

Locality Name (eg, city) []: --> isi kota
Organization Name (eg, company) [Info Komputer]: --> isi nama perusahaan
Organizational Unit Name (eg, section) []: --> Enter
Common Name (e.g. server FQDN or YOUR name) []: Isi nama host server

Email Address []: --> Enter
Configuring Mailman
Configuring Dovecot
Configuring Spamassassin
Configuring Amavisd
Configuring Getmail
Configuring BIND
Configuring Jailkit
Configuring Pureftpd
Configuring Apache
Configuring vlogger
Configuring Metronome XMPP Server
writing new private key to 'localhost.key'
-----
Country Name (2 letter code) [ID]: <-- Isi 2 huruf nama negara

City Name (eg, city) []: --> isi nama kota
Organization Name (eg, company) [Info komputer]: --> isi nama perusahaan
Organizational Unit Name (eg, section) []: --> Enter
Common Name (e.g. server FQDN or YOUR name) [debiantotok.id]: ---> isi server hostname
Email Address []: --> Enter

Configuring Ubuntu Firewall
Configuring Fail2ban
[INFO] service OpenVZ not detected
Configuring Apps vhost
Installing ISPConfig
ISPConfig Port [8080]:

Admin password [admin]:

Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- Hit Enter

Generating RSA private key, 4096 bit long modulus
.......................++
................................................................................................................................++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [ID]: --> isi 2 huruf nama negara
State or Province Name (full name) [Some-State]: --> isi nama provinsi
Locality Name (eg, city) []: --> isi nama kota
Organization Name (eg, company) [Info Komputer]: --> isi nama perusahaan
Organizational Unit Name (eg, section) []: --> Enter
Common Name (e.g. server FQDN or YOUR name) []: --> isi nama host server
Email Address []: --> Hit Enter

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: --> Enter
An optional company name []: --> Enter
writing RSA key

Configuring DBServer
Installing ISPConfig crontab
no crontab for root
no crontab for getmail
Detect IP addresses
Restarting services ...
Installation completed.