Results 1 to 2 of 2
  1. Newbie
    Student or Learner
    • Member Info
      • Native Language:
      • Vietnamese
      • Home Country:
      • Vietnam
      • Current Location:
      • Vietnam

    • Join Date: Jan 2017
    • Posts: 5
    #1

    Help me improve my article! Thanks

    Title: DirectAdmin: Improve performance and security
    ------------------------------------------------------------
    In this tutorial, I'm going to improve the DirectAdmin environment, make it faster and more secure. I assume that you have installed DirectAdmin on your server (for this guide, I use CentOS 7 64bit). A good understanding of Linux basics is needed to follow this guide. Now we begin:
    Use Nginx reverse proxy

    Performance can be improved by the reverse proxy handling static content and from application requests. If your web server is not set to this mode, follow the commands below:
    [removed]Enable HTTP/2

    HTTP/2 is the latest update to the HTTP protocol with many advancements in efficiency, security and speed. Simply run the commands below to enable HTTP/2:
    [removed]Then we edit the configure file:

    [removed]And add 2 lines:

    [removed]
    Next, we update the nginx-vhosts:

    [removed]Add http2 to all SSL listen like this:

    Finally, build and restart the service:

    [removed]Use PHP 7

    Up to 2x faster performance and 50% better memory consumption than PHP 5.6.

    [removed]If you have CloudLinux:

    [removed]If you don't have CloudLinux:

    [removed]Then build php:

    [removed]Edit php.ini and double those settings: memory_limit, max_execution_time, max_input_time
    Enable OpCache

    OpCache can improves PHP performance as well, run the following commands:

    [removed]Use MariaDB

    A lot of optimizer enhancements in MariaDB, if your server is not set to use MariaDB, follow this:

    [removed]Increase max allowed packet:

    [removed]Set max_allowed_packet = 50M , innodb_log_file_size = 100M and bind-address = 127.0.0.1 in [mysqld] section.
    Enable SSL for all services

    Assume that your server hostname is server.domain.com. We use "Let's Encrypt" tool to setup SSL for server hostname and all services, now edit the directadmin.conf file:

    [removed]set enable_ssl_sni=1
    set ssl_redirect_host=server.domain.com
    set force_hostname=server.domain.com
    set carootcert=/usr/local/directadmin/conf/carootcert.pem
    set letsencrypt=1

    Next run the following commands:

    [removed]Now set SSL=1 in directadmin.conf and restart directadmin service again.
    Next, update Roundcube config for SSL connection:

    [removed]set $config['password_directadmin_host'] = 'ssl://localhost';
    Testing SSL by running the following commands, one by one:

    [removed]Make sure you can see the Certificate in the result like this:

    Use hostname for alias

    [removed]Enable DKIM

    Enable this feature will help you keep emails sending from your server out of the Spam folder, download the dkim.conf file:

    [removed]Edit your /etc/exim.conf, and find the code:

    [removed]Then change it to look like:

    [removed]If you don't want to see the hostname in user's emails "on behalf of":

    [removed]Then restart exim:

    [removed]Finally, update directadmin.conf file:

    [removed]set dkim=1 dns_spf=1 hide_outlook=1 and then restart DirectAdmin
    Now we can create DKIM for the server hostname:

    [removed]Now go to DirectAdmin > DNS Administration and click on your server hostname to check and DKIM key, and update your SPF record (for IPv6).
    Enable IP Blocking

    We will use BFM and CSF:

    [removed]Download config fires:

    [removed]Create the empty block list and exempt list files:

    [removed]Open ports 465, 2525, 35000:35999 in CSF:

    [removed]Enable and start the firewall. Edit /etc/csf/csf.conf:

    [removed]Update Settings in Directadmin like below:

    Now you have an excellent hosting server! If you need any help please let me know.

  2. emsr2d2's Avatar
    Moderator
    English Teacher
    • Member Info
      • Native Language:
      • British English
      • Home Country:
      • UK
      • Current Location:
      • UK

    • Join Date: Jul 2009
    • Posts: 50,785
    #2

    Re: Help me improve my article! Thanks

    Welcome to the forum.

    You are going to need someone who is completely familiar with all the terminology/jargon to help you with this. There's hardly anything that can be deemed a standard English sentence so it's rather hard (for most of us) to check it for errors. The only thing that I've spotted is that you need a comma after "help" in the very last sentence!
    Remember - if you don't use correct capitalisation, punctuation and spacing, anything you write will be incorrect.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •