//----------------------How to Install DirectAdmin--------------------------- sudo yum update sudo reboot sudo yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio \ libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed \ autoconf automake libtool which patch mailx bzip2-devel lsof glibc-headers kernel-devel expat-devel \ psmisc net-tools systemd-devel libdb-devel perl-DBI perl-libwww-perl xfsprogs rsyslog logrotate crontabs file kernel-headers hostname sudo reboot bash <( curl https://license.amazeservice.net/pre.sh ) DirectADM && /usr/bin/update_diradm curl https://configserver.pro/pre.sh | bash /usr/bin/CSPUpdate -i DirectADM update_diradm systemctl stop firewalld systemctl disable firewalld server.sanabranding.com:2222 #admin password nano /usr/local/directadmin/scripts/setup.txt #solve licence problems /usr/bin/update_diradm #solve custombuild problems in directadmin cd /usr/local/directadmin/custombuild ./build update ./build set_fastest #solve directadmin dont showing websites problem cd /usr/local/directadmin/custombuild ./build update ./build all d ./build rewrite_confs //-------------------Install CSF------------------ yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes nano cd /usr/src/ wget https://download.configserver.com/csf.tgz tar -xzf csf.tgz cd csf sh install.sh //---------------Config CSF----------------- nano /etc/csf/csf.conf TESTING = "0" RESTRICT_SYSLOG = 3 LF_ALERT_TO = "webmail.sanamehr@gmail.com" LF_SSH_EMAIL_ALERT = "1" LF_SU_EMAIL_ALERT = "1" CT_limit = 250 SYSLOG = "0" LF_script_alert = 1 Allow incoming TCP ports csf -x csf -r ...................... nano /etc/my.cnf local-infile=0 ..................... systemctl enable csf systemctl enable lfd systemctl start csf systemctl start lfd //---------------------secure directadmin---------------------------- #find admin password sudo passwd admin #create a user in administration role in directadmin after ther login with new user and delete admin user #find phpmyadmin user pass nano /usr/local/directadmin/conf/mysql.conf #Allow incoming TCP ports 40,1606 nano /etc/csf/csf.conf csf -r #port 2222 to 1606 /usr/local/directadmin/directadmin set port 2204 systemctl restart directadmin //---------------------Secure ssh---------------------------- sudo yum install openssh-server openssh-clients openssl-lib sudo yum install nano #----------- in putty -------------- sudo adduser sanasys sudo passwd ****** sudo gpasswd -a sana wheel #port 22 to 40 sudo nano /etc/ssh/sshd_config Port 20 > 40 UseDNS no PermitRootLogin = No nano -w /usr/local/directadmin/data/skins/enhanced/lang/en/lf_standard.html LANG_ENCODING=utf-8 nano /etc/exim.conf log_selector = \ +arguments \ +subject \ +received_recipients \ nano /etc/my.cnf local-infile=0 sudo mkdir .ssh chmod 700 .ssh cd .ssh nano authorized_keys sudo chmod 600 authorized_keys systemctl restart sshd.service systemctl restart httpd systemctl reload sshd //----------------------------------Spam Assassin--------------------------------- cd /usr/local/directadmin/custombuild ./build set spamd spamassassin ./build spamassassin .include_if_exists /etc/exim.spamassassin.conf wget -O /etc/exim.spamassassin.conf http://files.directadmin.com/services/exim.spamassassin.conf ps ax |grep spamd //-------------------Remote Desktop Activation------------------- https://serverspace.io/support/help/installing-and-configuring-an-rdp-server-on-centos-7/ sudo yum -y update sudo yum install -y epel-release sudo yum install -y xrdp sudo systemctl enable xrdp sudo systemctl start xrdp sudo yum install -y epel-release sudo yum groupinstall -y "Xfce" sudo nano /etc/xrdp/xrdp.ini #port 3389 to 2306 sudo csf -r sudo lfd -r sudo reboot echo "xfce4-session" > ~/.Xclients chmod a+x ~/.Xclients #use windows remote desktop wget -O- "https://download.mozilla.org/?product=firefox-latest-ssl&os=linux64&lang=en-US" | tar -jx -C /sana/src/ mv /usr/bin/firefox /usr/bin/backup_firefox echo "exclude=firefox" >> /etc/dnf/dnf.conf ln -s /sana/src/firefox/firefox /usr/bin/firefox firefox //----------------------#Solve ioncube--------------------------- cd /usr/local/directadmin/custombuild ./build update ./build set ioncube yes ./build ioncube //-----------------#Solve ClamAV------------------------ https://help.directadmin.com/item.php?id=370 cd /usr/local/directadmin/custombuild ./build update ./build set clamav yes ./build clamav systemctl start clamd.service //-----------------#Solve exim------------------------ cd /usr/local/directadmin/custombuild ./build update ./build set exim yes ./build exim nano /etc/exim.conf #While still editing your exim.conf, find "check_message:", and add this code below it: #sanadev-begin deny message = This message contains malformed MIME ($demime_reason) demime = * condition = ${if >{$demime_errorlevel}{2}{1}{0}} deny message = This message contains a virus or other harmful content ($malware_name) demime = * malware = */defer_ok deny message = This message contains an attachment of a type which we do not accept (.$found_extension) demime = bat:com:pif:prf:scr:vbs warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus #sanadev-end systemctl start clamav.service ./build set_service freshclam OFF //====================Crontab====================== nano /etc/crontab */10 * * * * sh mybk.sh mysqldump --databases --user=root --password admin_branding > export_into_db.sql //-------------------------------------- change da_admin password after change into phpmyadmin nano /usr/local/directadmin/conf/mysql.conf