When deciding when and how to create an index in your MySQL database, it’s important to consider how the data is being used.

Let’s say you have a database of employees. We will create it like this:

CREATE TABLE employees (
ID INT,
name VARCHAR(60),
salary decimal(10,2),
date hired(date)
)

So you will notice that this table is pretty simplistic, and doesn’t really contain all the info you would need to actually manage employees, but its just for the sake of demonstration, and you could always add more later, or even make another table and use joins if you had really complex needs.

For now we will go over these real quick.

The ID is basically just a number (INT) which can hold a very large number. If this were real world I would probably make it unsigned, since you will never have a negative employee ID – but either way, you will never reach the number of employees it would take to get to the number that would fill up an INT.

Even unsigned int will hold values up to 2,147,483,647. So if you have 2 billion employees, you would probably not be a developer anymore  .

You might want to consider making the field an auto increment, and primary key, the auto increment depending on how data will be entered into this database.

Name is a simple varchar(60) which should cover most people’s names.

Salary is a decimal with 10 total digits, two on the right hand side of the decimal point. This would handle a salary of up to 99,999,999.99 – again, you’re not likely to hit this limit.

Date hired will be a date in this format 2010-05-06. YYYY-MM-DD.

So when considering this simple table, where would you expect to need an index?
If we assign ID as a primary key, we don’t need one there.

Indexes are best used on columns that are frequently used in where clauses, and in any kind of sorting, such as “order by”.

You should also pay attention to whether or not this information will change frequently, because it will slow down your updates and inserts. Since you wont frequently be adding employees, you don’t have to worry about the inserts.

Let’s say that you will be looking up the employees with a php web interface and the end user will be typing in the employees name to find them, since remembering the employee ID’s would be cumbersome.

It sounds like this situation would be good to use an index.

A – You won’t be updating the employee’s name very often, so you don’t have to worry about a performance hit there.

B – You WILL be using the employee in where clauses like this:

select * from employees where name ='smith';

C – You WILL be generating reports, which will probably be alphabetic, like this:

select * from employees order by name asc;

So in this simple example it’s easy to see when it would be important to use indexes.

So, you could do it like this:

create index name_index on employees (name);

You might be working on a more complex database, so it’s good to remember a few simple rules.

- Indexes slow down inserts and updates, so you want to use them carefully on columns that are FREQUENTLY updated.

- Indexes speed up where clauses and order by.

Remember to think about HOW your data is going to be used when building your tables.

There are a few other things to remember. If your table is very small, i.e., only a few employees, it’s worse to use an index than to leave it out and just let it do a table scan. Indexes really only come in handy with tables that have a lot of rows.

So, if Joe’s Pet Shop was using this database, they would probably be able to leave the index off the “name” column.

If Microsoft was using this database (hah!) they might want to throw and index in there.

Another thing to remember, that is a con in the situation of our employees database, is that if the column is a variable length, indexes (as well as most of MySQL) perform much less efficiently.

As you can see there are many things to consider with indexes, even with a very simple table as this.

I would suggest looking at the explain command in MySQL, which I will be writing about in the future.

http://www.tsmonaghan.com

mysqldump –all-databases> alldatabases.sql

How to Backing up only the Database Structure in MySQL
You can backup only the database structure by telling mysqldump not to back up the data. You can do this by using the –no-data parameter when you call mysqldump.

mysqldump –no-data –databases Customers Orders Comments > structurebackup.sql

Incoming search terms:

• mysqlreport access denied for user (1)

I do not issue any guarantee that this will work for you!

1 Preliminary Note

I’m using a CentOS 5.5 server with the IP address 192.168.0.100 here.

2 Installing WebDAV

If Apache is not already installed, install it as follows:

yum install httpd

Afterwards, open /etc/httpd/conf/httpd.conf and make sure that the dav and dav_fs modules are enabled in the LoadModule section (they should be enabled by default):

vi /etc/httpd/conf/httpd.conf

[...]
LoadModule dav_module modules/mod_dav.so
[...]
LoadModule dav_fs_module modules/mod_dav_fs.so
[...]

Then create the system startup links for Apache and start it:

chkconfig –levels 235 httpd on
/etc/init.d/httpd start

3 Creating A Virtual Host

I will now create a default Apache vhost in the directory /var/www/web1/web. For this purpose, I will add a default vhost at the end of /etc/httpd/conf/httpd.conf. If you already have a vhost for which you’d like to enable WebDAV, you must adjust this tutorial to your situation.

First, we create the directory /var/www/web1/web and make the Apache user and group (apache) the owner of that directory:

mkdir -p /var/www/web1/web
chown apache:apache /var/www/web1/web

Then add the new vhost at the end of /etc/httpd/conf/httpd.conf:

vi /etc/httpd/conf/httpd.conf

[...]
NameVirtualHost *:80
<VirtualHost *:80>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/web1/web/
        <Directory /var/www/web1/web/>
                Options Indexes MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

</VirtualHost>

Then reload Apache:

/etc/init.d/httpd reload

4 Configure The Virtual Host For WebDAV

Now we create the WebDAV password file /var/www/web1/passwd.dav with the user test (the -c switch creates the file if it does not exist):

htpasswd -c /var/www/web1/passwd.dav test

You will be asked to type in a password for the user test.

(Please don’t use the -c switch if /var/www/web1/passwd.dav is already existing because this will recreate the file from scratch, meaning you lose all users in that file!)

Now we change the permissions of the /var/www/web1/passwd.dav file so that only root and the members of the apache group can access it:

chown root:apache /var/www/web1/passwd.dav
chmod 640 /var/www/web1/passwd.dav

Now we modify our vhost at the end of /etc/httpd/conf/httpd.conf and add the following lines to it:

vi /etc/httpd/conf/httpd.conf

[...]
        Alias /webdav /var/www/web1/web

        <Location /webdav>
           DAV On
           AuthType Basic
           AuthName "webdav"
           AuthUserFile /var/www/web1/passwd.dav
           Require valid-user
       </Location>
[...]

The Alias directive makes (together with <Location>) that when you call /webdav, WebDAV is invoked, but you can still access the whole document root of the vhost. All other URLs of that vhost are still “normal” HTTP.

The final vhost should look like this:

[...]
NameVirtualHost *:80
<VirtualHost *:80>
        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/web1/web/
        <Directory /var/www/web1/web/>
                Options Indexes MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        Alias /webdav /var/www/web1/web

        <Location /webdav>
           DAV On
           AuthType Basic
           AuthName "webdav"
           AuthUserFile /var/www/web1/passwd.dav
           Require valid-user
       </Location>

</VirtualHost>

Reload Apache afterwards:

/etc/init.d/httpd reload

5 Testing WebDAV

We will now install cadaver, a command-line WebDAV client:

yum install cadaver

To test if WebDAV works, type:

cadaver http://localhost/webdav/

You should be prompted for a user name. Type in test and then the password for the user test. If all goes well, you should be granted access which means WebDAV is working ok. Type quit to leave the WebDAV shell:

[root@server1 ~]# cadaver http://localhost/webdav/
Authentication required for webdav on server `localhost’:
Username: test
Password:
dav:/webdav/> quit
Connection to `localhost’ closed.
[root@server1 ~]#

6 Configure A Windows XP Client To Connect To The WebDAV Share

Click on My Network Places on your desktop (I have a German Windows, so the names are a bit different in the screenshots):

Select Add a Network Place from the Network Tasks menu (on the left):

The Add Network Place Wizard comes up. Click on the Next button:

Select Choose another network location, and click on Next:

Enter http://192.168.0.100:80/webdav as the location and click on Next. You must specify the port in the WebDAV URL (:80). For some strange reason this makes Windows XP accept the normal username (e.g. test) – otherwise Windows XP expects NTLM usernames (that would have the form www.example.com\test).

You will be prompted for a user name and a password. Type in the user name test and the password for the user test:

Then type in a name for the WebDAV folder:

To open the new connection, keep the Open this network place when I click Finish box checked, and click on Finish:

The WebDAV folder will then open where you can browse the contents of the /var/www/web1/web directory and its subdirectories on the server, and you will find an icon for your new WebDAV share in the My Network Places folder:

7 Configure A Linux Client (GNOME) To Connect To The WebDAV Share

If you want to connect to the WebDAV share from a GNOME desktop, go to Places > Connect to Server…:

Select WebDAV (HTTP) as the Service type, type in the Server (192.168.0.100 in this example) and then the Folder (webdav). Do not fill in a User Name yet because otherwise the connection will fail. Click on Connect afterwards:

Now you are being prompted for a user name and password. Type in test along with the password, then click on Connect:

You might get the following error…

… but at the same time the WebDAV share should appear on the desktop, which means you can ignore the error:

Double-click on the icon to open the WebDAV share:

8 Links

• WebDAV: http://www.webdav.org/
• Apache: http://httpd.apache.org/
• CentOS: http://www.centos.org/

Incoming search terms:

• directadmin webdav (3)
• webdav directadmin (2)
• apache dav (1)
• webdav centos howto (1)
• webdav centos (1)
• webdav apache http web server windows 7 (1)
• server dav (1)
• how to configure webdav on different centos port (1)
• connect to cpanel webdav on centos (1)
• centos upload to webdav (1)

I do not issue any guarantee that this will work for you!

1 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100. These settings might differ for you, so you have to replace them where appropriate.

2 Installing MySQL 5.0

To install MySQL, we do this:

yum install mysql mysql-server

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:

chkconfig –levels 235 mysqld on
/etc/init.d/mysqld start

Set passwords for the MySQL root account:

mysql_secure_installation

[root@server1 ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we’ll need the current
password for the root user.  If you’ve just installed MySQL, and
you haven’t set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.

Set root password? [Y/n] <– ENTER
New password: <– yourrootsqlpassword
Re-enter new password: <– yourrootsqlpassword
Password updated successfully!
Reloading privilege tables..
… Success!

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] <– ENTER
… Success!

Normally, root should only be allowed to connect from ’localhost’.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] <– ENTER
… Success!

By default, MySQL comes with a database named ’test’ that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] <– ENTER
- Dropping test database…
… Success!
- Removing privileges on test database…
… Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] <– ENTER
… Success!

Cleaning up…

All done!  If you’ve completed all of the above steps, your MySQL
installation should now be secure.

Thanks for using MySQL!

[root@server1 ~]#

3 Installing Apache2

Apache2 is available as a CentOS package, therefore we can install it like this:

yum install httpd

Now configure your system to start Apache at boot time…

chkconfig –levels 235 httpd on

… and start Apache:

/etc/init.d/httpd start

Now direct your browser to http://192.168.0.100, and you should see the Apache2 placeholder page:

Apache’s default document root is /var/www/html on CentOS, and the configuration file is /etc/httpd/conf/httpd.conf. Additional configurations are stored in the /etc/httpd/conf.d/ directory.

4 Installing PHP5

We can install PHP5 and the Apache PHP5 module as follows:

yum install php

We must restart Apache afterwards:

/etc/init.d/httpd restart

5 Testing PHP5 / Getting Details About Your PHP5 Installation

The document root of the default web site is /var/www/html. We will now create a small PHP file (info.php) in that directory and call it in a browser. The file will display lots of useful details about our PHP installation, such as the installed PHP version.

vi /var/www/html/info.php

<?php
phpinfo();
?>

Now we call that file in a browser (e.g. http://192.168.0.100/info.php):

As you see, PHP5 is working, and it’s working through the Apache 2.0 Handler, as shown in the Server API line. If you scroll further down, you will see all modules that are already enabled in PHP5. MySQL is not listed there which means we don’t have MySQL support in PHP5 yet.

6 Getting MySQL Support In PHP5

To get MySQL support in PHP, we can install the php-mysql package. It’s a good idea to install some other PHP5 modules as well as you might need them for your applications. You can search for available PHP5 modules like this:

yum search php

Pick the ones you need and install them like this:

yum install php-mysql php-gd php-imap php-ldap php-odbc php-pear php-xml php-xmlrpc

Now restart Apache2:

/etc/init.d/httpd restart

Now reload http://192.168.0.100/info.php in your browser and scroll down to the modules section again. You should now find lots of new modules there, including the MySQL module:

7 phpMyAdmin

phpMyAdmin is a web interface through which you can manage your MySQL databases.

First we enable the RPMforge repository on our CentOS system as phpMyAdmin is not available in the official CentOS 5.5 repositories:

On x86_64 systems:

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm
rpm -Uhv rpmforge-release-0.5.1-1.el5.rf.x86_64.rpm

On i386 systems:

wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
rpm -Uhv rpmforge-release-0.5.1-1.el5.rf.i386.rpm

phpMyAdmin can now be installed as follows:

yum install phpmyadmin

Now we configure phpMyAdmin. We change the Apache configuration so that phpMyAdmin allows connections not just from localhost (by commenting out the <Directory “/usr/share/phpmyadmin”> stanza):

vi /etc/httpd/conf.d/phpmyadmin.conf

#
#  Web application to manage MySQL
#

#<Directory "/usr/share/phpmyadmin">
#  Order Deny,Allow
#  Deny from all
#  Allow from 127.0.0.1
#</Directory>

Alias /phpmyadmin /usr/share/phpmyadmin
Alias /phpMyAdmin /usr/share/phpmyadmin
Alias /mysqladmin /usr/share/phpmyadmin

Next we change the authentication in phpMyAdmin from cookie to http:

vi /usr/share/phpmyadmin/config.inc.php

[...]
/* Authentication type */
$cfg['Servers'][$i]['auth_type'] = 'http';
[...]

Restart Apache:

/etc/init.d/httpd restart

Afterwards, you can access phpMyAdmin under http://192.168.0.100/phpmyadmin/:

8 Links

• Apache: http://httpd.apache.org/
• PHP: http://www.php.net/
• MySQL: http://www.mysql.com/
• CentOS: http://www.centos.org/
• phpMyAdmin: http://www.phpmyadmin.net/

Incoming search terms:

• centos 5 5 phpmyadmin installation (1)
• centos vmware installed with php apache mysql and cpanel (1)
• centos yum mod_php (1)
• install phpmyadmin in var/www/html folder in centos 5 5 (1)

#!/bin/bash
# Shell script to backup MySql database
# To backup Nysql databases file to /backup dir and later pick up by your
# script. You can skip few databases from backup too.
# ——————————————————————–
# This is a free shell script under GNU GPL version 2.0 or above
# Copyright (C) 2004, 2005 nixCraft project
# ————————————————————————-

MyUSER=“SET-MYSQL-USER-NAME” # USERNAME
MyPASS=“SET-PASSWORD” # PASSWORD
MyHOST=“localhost” # Hostname

# Linux bin paths, change this if it can‘t be autodetected via which command
MYSQL=”$(which mysql)”
MYSQLDUMP=”$(which mysqldump)”
CHOWN=”$(which chown)”
CHMOD=”$(which chmod)”
GZIP=”$(which gzip)”

# Backup Dest directory, change this if you have someother location
DEST=”/backup”

# Main directory where backup will be stored
MBD=”$DEST/mysql”

# Get hostname
HOST=”$(hostname)”

# Get data in dd-mm-yyyy format
NOW=”$(date +”%d-%m-%Y”)”

# File to store current backup file
FILE=””
# Store list of databases
DBS=””

# DO NOT BACKUP these databases
IGGY=”test”

[ ! -d $MBD ] && mkdir -p $MBD || :

# Only root can access it!
$CHOWN 0.0 -R $DEST
$CHMOD 0600 $DEST

# Get all database list first
DBS=”$($MYSQL -u $MyUSER -h $MyHOST -p$MyPASS -Bse ‘show databases‘)”

for db in $DBS
do
skipdb=-1
if [ "$IGGY" != "" ];
then
for i in $IGGY
do
[ "$db" == "$i" ] && skipdb=1 || :
done
fi

if [ "$skipdb" == "-1" ] ; then
FILE=”$MBD/$db.$HOST.$NOW.gz”
# do all inone job in pipe,
# connect to mysql using mysqldump for select mysql database
# and pipe it out to gz file in backup dir
$MYSQLDUMP -u $MyUSER -h $MyHOST -p$MyPASS $db | $GZIP -9 > $FILE
fi
done

Incoming search terms:

• centos shell command backup oracle xe (1)
• how to monitor remote machine using icinga in ubuntu 11 04 (1)
• how to set backup system for mysql database (1)
• mysql Access denied for user -localhost (1)
• shell cpanel (1)
• shell script to backup mysql database on windows (1)

Sometimes, when you have got a large number of tables in your database and while taking the dump of that particular database, you would have encountered this strange error

mysqldump: Got error: 1016: Can't open file: '.\database\certain_table.frm' (errno: 24) when using LOCK TABLES

There are two solutions to avoid this error

1. Set the following value to some higher number in your mysql database

set open-files-limit=20000

2. or, While taking the mysql dump, use –lock-tables=off option.

mysqldump --lock-tables=off -u root -p db-with-lots-of-tables > db.sql

Incoming search terms:

• 1016 - can\t open file: \ /phpmyadmin/pma_history frm\ (errno: 24) (1)
• plesk to directadmn mysql (1)
• plesk system database windows (1)
• mysqldump: got error: 1016: cant open file: (errno: 24) when using lock tables (1)
• mysqldump on windows plesk (1)
• mysqldump lock-tables off (1)
• mysqldump error output: mysqldump: got error: table directadmin (1)
• mysqldump error 1016 (1)
• mysqldump cant open file when using lock tables (1)
• mysql error 1016 cant open file error no 24 (1)

Today working on a client project, a shell script which uses MySQL to dump the database, has got me into this error

mysqldump: Got error: 1045: Access denied for user

I was typically amazed getting this error because all my configurations were correct. I have created proper users to access MySQL database and correctly configured the MySQL server settings. FYI, my script was on one server and the MySQL was running on a separate dedicated box. The connection between them were TCP based.

After few minutes of head hunching, I was able to figure out the problem. So if you got into the same problem any time, follow the following guidelines to get over with it:

1. Check that whether you have created the proper MySQL user and gave them the required permission. You can check the user permission by following command.

SHOW GRANTS FOR 'user'@'localhost';

SHOW GRANTS FOR 'user'@'192.168.1.1';

If the permissions are not proper, you might think of providing it properly by

GRANT ALL ON database.* TO 'user'@'localhost' identified by 'password';

2. Check whether you are including the host properly in case of remote MySQL connections.

mysql -h host -u user -p database

3. Finally, if you have created user and didn’t restarted your MySQL server or ran following command, your MySQL user permissions will not take effect in-spite of creating them. (Ps. This was the issue I was having.)

FLUSH PRIVILEGES

After running the above command, my script was able to connect to database properly.

Incoming search terms:

• mysqldump: got error: 1045: access denied for user (3)
• cannot connect to mysql database access denied error 1045 (2)
• ERROR: MySql connection problem Access denied ocs inventory (1)
• mysql 1045 access denied for user remote (1)
• mysql error 1045 remote (1)
• mysqldump network (1)
• [mysql error 1045] access denied for user cpanel (1)

Razor, Pyzor and DCC are spamfilters that use a collaborative filtering network. To install them, run

apt-get install razor pyzor dcc-client

Now we have to tell SpamAssassin to use these three programs. Edit /etc/spamassassin/local.cf so that it looks like this:

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
# rewrite_header Subject *****SPAM*****
# report_safe 1
# trusted_networks 212.17.35.
# lock_method flock

# dcc
use_dcc 1
dcc_path /usr/bin/dccproc
dcc_add_header 1
dcc_dccifd_path /usr/sbin/dccifd

#pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
pyzor_add_header 1

#razor
use_razor2 1
razor_config /etc/razor/razor-agent.conf

#bayes
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1

Run

/etc/init.d/amavis restart

afterwards.

Now I want to insert some custom rulesets that can be found on the internet into SpamAssassin. I have tested those rulesets, and they make spam filtering a lot more effective. Create the file /usr/local/sbin/sa_rules_update.sh:

#!/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf -O 71_sare_redirect_pre3.0.0.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf -O 70_sare_bayes_poison_nxm.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html.cf -O 70_sare_html.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html4.cf -O 70_sare_html4.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html_x30.cf -O 70_sare_html_x30.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header0.cf -O 70_sare_header0.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header3.cf -O 70_sare_header3.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header_x30.cf -O 70_sare_header_x30.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_specific.cf -O 70_sare_specific.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_adult.cf -O 70_sare_adult.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/72_sare_bml_post25x.cf -O 72_sare_bml_post25x.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf -O 99_sare_fraud_post25x.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_spoof.cf -O 70_sare_spoof.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_random.cf -O 70_sare_random.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_oem.cf -O 70_sare_oem.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj0.cf -O 70_sare_genlsubj0.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj3.cf -O 70_sare_genlsubj3.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj_x30.cf -O 70_sare_genlsubj_x30.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_unsub.cf -O 70_sare_unsub.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_uri.cf -O 70_sare_uri.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf -O antidrug.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf -O bogus-virus-warnings.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.yackley.org/sa-rules/evilnumbers.cf -O evilnumbers.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.stearns.org/sa-blacklist/random.current.cf -O random.current.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_body.cf -O 88_FVGT_body.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_rawbody.cf -O 88_FVGT_rawbody.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_subject.cf -O 88_FVGT_subject.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_headers.cf -O 88_FVGT_headers.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_uri.cf -O 88_FVGT_uri.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_DomainDigits.cf -O 99_FVGT_DomainDigits.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf -O 99_FVGT_Tripwire.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_meta.cf -O 99_FVGT_meta.cf &> /dev/null cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.nospamtoday.com/download/mime_validate.cf -O mime_validate.cf &> /dev/null /etc/init.d/amavis restart &> /dev/null exit 0

chmod 755 /usr/local/sbin/sa_rules_update.sh

Then run that script once, it will fetch those rulesets and insert them into SpamAssassin:

/usr/local/sbin/sa_rules_update.sh

We create a cron job so that those rulesets will be updated regularly. Run

crontab -e

to open the cron job editor. Create following cron job:

23 4 */2 * * /usr/local/sbin/sa_rules_update.sh &> /dev/null

This will update the rulesets every second day at 4.23h.

(Note (a little off-topic): on Debian Sarge crontab -e will automatically open the editor nano. If you are used to working with the editor vi (like me), run the following commands:

rm -f /etc/alternatives/editor
ln -s /usr/bin/vi /etc/alternatives/editor

Afterwards, run crontab -e, and vi will come up.)

9 Quota Exceedance Notifications

If you want to get notifications about all the email accounts that are over quota, then do this:

cd /usr/local/sbin/
wget http://puuhis.net/vhcs/quota.txt
mv quota.txt quota_notify
chmod 755 quota_notify

Open /usr/local/sbin/quota_notify and edit the variables at the top:

my $POSTFIX_CF = "/etc/postfix/main.cf";
my $MAILPROG = "/usr/sbin/sendmail -t";
my $WARNPERCENT = 80;
my @POSTMASTERS = ('postmaster@isp.tld');
my $CONAME = 'ISP.tld';
my $COADDR = 'postmaster@isp.tld';
my $SUADDR = 'postmaster@isp.tld';
my $MAIL_REPORT = 1;
my $MAIL_WARNING = 1;

Run

crontab -e

to create a cron job for that script:

0 0 * * * /usr/local/sbin/quota_notify &> /dev/null

Incoming search terms:

• virtual users and domains with postfix courier and mysql ( smtp-auth quota spamassassin clamav) (2)
• install postfix on directadmin (2)
• centos plesk postfix (1)
• postfix spamassassin clamav centos (1)
• quota txt postfix (1)
• quota txt postfix mysql (1)
• smtp postfix plesk 10 (1)
• spamassassin mysql (1)
• vhcs2 centos smtp auth (1)
• postfix icinga configuration (1)

Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 10/05/2005

This tutorial is Copyright (c) 2005 by Falko Timme. It is derived from a tutorial from Christoph Haas which you can find at http://workaround.org. You are free to use this tutorial under the Creative Commons license 2.5 or any later version.

This document describes how to install a mail server based on Postfix that is based on virtual users and domains, i.e. users and domains that are in a MySQL database. I’ll also demonstrate the installation and configuration of Courier (Courier-POP3, Courier-IMAP), so that Courier can authenticate against the same MySQL database Postfix uses.

The resulting Postfix server is capable of SMTP-AUTH and TLS and quota (quota is not built into Postfix by default, I’ll show how to patch your Postfix appropriately). Passwords are stored in encrypted form in the database (most documents I found were dealing with plain text passwords which is a security risk). In addition to that, this tutorial covers the installation of Amavisd, SpamAssassin and ClamAV so that emails will be scanned for spam and viruses.

The advantage of such a “virtual” setup (virtual users and domains in a MySQL database) is that it is far more performant than a setup that is based on “real” system users. With this virtual setup your mail server can handle thousands of domains and users. Besides, it is easier to administrate because you only have to deal with the MySQL database when you add new users/domains or edit existing ones. No more postmap commands to create db files, no more reloading of Postfix, etc. For the administration of the MySQL database you can use web based tools like phpMyAdmin which will also be installed in this howto. The third advantage is that users have an email address as user name (instead of a user name + an email address) which is easier to understand and keep in mind.

This tutorial is based on Debian Sarge (Debian 3.1). You should already have set up a basic Debian system, as described here: http://www.howtoforge.com/perfect_setup_debian_sarge and http://www.howtoforge.com/perfect_setup_debian_sarge_p2.

This howto is meant as a practical guide; it does not cover the theoretical backgrounds. They are treated in a lot of other documents in the web.

This document comes without warranty of any kind! I want to say that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

1 Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin

This can all be installed with one single command:

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authmysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl phpmyadmin (1 line!)

You will be asked a few questions:

Enable suExec? <– Yes
Create directories for web-based administration ? <– No
General type of configuration? <– Internet site
Where should mail for root go? <– NONE
Mail name? <– server1.example.com
Other destinations to accept mail for? (blank for none) <– server1.example.com, localhost, localhost.localdomain
Force synchronous updates on mail queue? <– No
SSL certificate required <– Ok
Install Hints <– Ok
Which web server would you like to reconfigure automatically? <– apache, apache2
Do you want me to restart apache now? <– Yes

2 Apply Quota Patch To Postfix

We have to get the Postfix sources, patch it with the quota patch, build new Postfix .deb packages and install those .deb packages:

apt-get install build-essential dpkg-dev fakeroot debhelper libdb4.2-dev libgdbm-dev libldap2-dev libpcre3-dev libmysqlclient10-dev libssl-dev libsasl2-dev postgresql-dev po-debconf dpatch (1 line!)
cd /usr/src
apt-get source postfix
wget http://web.onda.com.br/nadal/postfix/VDA/postfix-2.1.5-trash.patch.gz
gunzip postfix-2.1.5-trash.patch.gz
cd postfix-2.1.5
patch -p1 < ../postfix-2.1.5-trash.patch
dpkg-buildpackage
cd ..
dpkg -i postfix_2.1.5-9_i386.deb
dpkg -i postfix-mysql_2.1.5-9_i386.deb
dpkg -i postfix-tls_2.1.5-9_i386.deb

3 Create The MySQL Database For Postfix/Courier

By default, MySQL is installed without a root password, which we change immediately (replace yourrootsqlpassword with the password you want to use):

mysqladmin -u root password yourrootsqlpassword

Now we create a database called mail:

mysqladmin -u root -p create mail

Next, we go to the MySQL shell:

mysql -u root -p

On the MySQL shell, we create the user mail_admin with the passwort mail_admin_password (replace it with your own password) who has SELECT,INSERT,UPDATE,DELETE privileges on the mail database. This user will be used by Postfix and Courier to connect to the mail database:

GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO ‘mail_admin’@'localhost’ IDENTIFIED BY ‘mail_admin_password’;
GRANT SELECT, INSERT, UPDATE, DELETE ON mail.* TO ‘mail_admin’@'localhost.localdomain’ IDENTIFIED BY ‘mail_admin_password’;
FLUSH PRIVILEGES;

Still on the MySQL shell, we create the tables Postfix and Courier need:

USE mail;

CREATE TABLE domains (
domain varchar(50) NOT NULL,
PRIMARY KEY (domain) )
TYPE=MyISAM;

CREATE TABLE forwardings (
source varchar(80) NOT NULL,
destination TEXT NOT NULL,
PRIMARY KEY (source) )
TYPE=MyISAM;

CREATE TABLE users (
email varchar(80) NOT NULL,
password varchar(20) NOT NULL,
quota INT(10) DEFAULT ’10485760′,
PRIMARY KEY (email)
) TYPE=MyISAM;

CREATE TABLE transport (
domain varchar(128) NOT NULL default ”,
transport varchar(128) NOT NULL default ”,
UNIQUE KEY domain (domain)
) TYPE=MyISAM;

quit;

As you may have noticed, with the quit; command we have left the MySQL shell and are back on the Linux shell.

The domains table will store each virtual domain that Postfix should receive emails for (e.g. example.com).

The forwardings table is for aliasing one email address to another, e.g. forward emails for info@example.com to sales@example.com.

The users table stores all virtual users (i.e. email addresses, because theemail address and user name is the same) and passwords (in encrypted form!) and a quota value for each mail box (in this example the default value is 10485760 bytes which means 10MB).

The transport table is optional, it is for advanced users. It allows to forward mails for single users, whole domains or all mails to another server. For example,

would forward all emails for example.com via the smtp protocol to the server with the IP address 1.2.3.4 (the square brackets [] mean “do not make a lookup of the MX DNS record” (which makes sense for IP addresses…). If you use a fully qualified domain name (FQDN) instead you would not use the square brackets.).

BTW, (I’m suggesting that the IP address of your mail server system is 192.168.0.100) you can access phpMyAdmin over http://192.168.0.100/phpmyadmin/ in a browser and log in as mail_admin. Then you can have a look at the database. Later on you can use phpMyAdmin to administrate your mail server.

Incoming search terms:

• postfix authenticated smtp (1)
• postfix courier mysql debian (1)
• postfix-mysql postfix-tls libsasl2-modules-sql libsasl2-modules in centos (1)
• spamassassin postfix plesk without key (1)

Why LEMP instead of LAMP? NGINX is a great replacement for Apache with very low memory footprint and great stability.

Note: i will use the name yourdomain.com for all configurations on a fresh minimal installation of Ubuntu Feisty Fawn server edition.

We will have to install first Postfix to deal with emails and then Dovecot to deliver them with pop3 only (imap uses too much memory). But before that, let’s install some useful tools we need:

apt-get install wget telnet build-essential

1. Installation of Postfix

apt-get install postfix libsasl2 sasl2-bin libsasl2-modules libdb3-util procmail

Now the beautiful blue screen will appear and Postfix will ask you some questions. Answer as follow:

General type of configuration? <– Internet Site
Mail name? <– yourdomain.com

Then run:

dpkg-reconfigure postfix

Again, you’ll be asked some questions:

General type of configuration? <– Internet Site
Where should mail for root go <– [blank]
Mail name? <– yourdomain.com
Other destinations to accept mail for? (blank for none) <– yourdomain.com, localhost.yourdomain.com, localhost.localdomain, localhost
Force synchronous updates on mail queue? <– No
Local networks? <– 127.0.0.0/8
Use procmail for local delivery? <– Yes
Mailbox size limit <– 0
Local address extension character? <– +
Internet protocols to use? <– all

Type then the following commands (you can copy everything below and paste it in your terminal in one row, it will work but don’t forget to hit enter to validate the last command):

postconf -e ‘smtpd_sasl_local_domain =’
postconf -e ‘smtpd_sasl_auth_enable = yes’
postconf -e ‘smtpd_sasl_security_options = noanonymous’
postconf -e ‘broken_sasl_auth_clients = yes’
postconf -e ‘smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination’
postconf -e ‘inet_interfaces = all’
echo ‘pwcheck_method: saslauthd’ >> /etc/postfix/sasl/smtpd.conf
echo ‘mech_list: plain login’ >> /etc/postfix/sasl/smtpd.conf

Now we have to create the certificates for TLS that will be available both for Postfix and Dovecot:

mkdir /etc/ssl/yourdomain (the folder name can be of course anything such as the name of your mother…)
cd /etc/ssl/yourdomain
openssl genrsa -des3 -rand /etc/hosts -out yourdomain.key 1024

chmod 600 yourdomain.key
openssl req -new -key yourdomain.key -out yourdomain.csr

openssl x509 -req -days 3650 -in yourdomain.csr -signkey yourdomain.key -out yourdomain.crt

openssl rsa -in yourdomain.key -out yourdomain.key.unencrypted

mv -f yourdomain.key.unencrypted yourdomain.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Next we configure Postfix for TLS:

postconf -e ‘smtpd_tls_auth_only = no’
postconf -e ‘smtp_use_tls = yes’
postconf -e ‘smtpd_use_tls = yes’
postconf -e ‘smtp_tls_note_starttls_offer = yes’
postconf -e ‘smtpd_tls_key_file = /etc/ssl/yourdomain/yourdomain.key’
postconf -e ‘smtpd_tls_cert_file = /etc/ssl/yourdomain/yourdomain.crt’
postconf -e ‘smtpd_tls_CAfile = /etc/ssl/yourdomain/cacert.pem’
postconf -e ‘smtpd_tls_loglevel = 1′
postconf -e ‘smtpd_tls_received_header = yes’
postconf -e ‘smtpd_tls_session_cache_timeout = 3600s’
postconf -e ‘tls_random_source = dev:/dev/urandom’
postconf -e ‘myhostname = yourdomain.com’

Restart Postfix:

/etc/init.d/postfix restart

Authentication will be done by saslauthd. We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following:

mkdir -p /var/spool/postfix/var/run/saslauthd

Now we have to edit /etc/default/saslauthd in order to activate saslauthd. Set START to yes and change the line OPTIONS=”-c” to OPTIONS=”-c -m /var/spool/postfix/var/run/saslauthd -r”:

vi /etc/default/saslauthd

#
# Settings for saslauthd daemon
#
# Should saslauthd run automatically on startup? (default: no)
START=yes
# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"
# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""
# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5
# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS="-c  -m /var/spool/postfix/var/run/saslauthd -

Start then saslauthd:

/etc/init.d/saslauthd start

To see if SMTP-AUTH and TLS work properly now run the following command:

telnet yourdomain.com 25

After you have established the connection to your Postfix mail server type

ehlo yourdomain.com

The output should look something like:

250-yourdomain.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

We have now Postfix running. If you add users (adduser command) Postfix will deliver then directly emails in users mail box located in the home folder.

2. Installation of Dovecot

Dovecot configuration is pretty straight forward (remember we will use only pop3 protocol to save memory):

apt-get install dovecot-common dovecot-pop3d

Open then dovecot conf situated in /etc/dovecot/. You have to add manually the protocol you want to use (pop3 pop3s

# Protocols we want to be serving: imap imaps pop3 pop3s
# If you only want to use dovecot-auth, you can set this to "none".
#protocols = imap imaps
protocols = pop3s pop3

And uncomment the two following lines to tell Dovecot where to fint the certificate you have creted earlier

ssl_cert_file = /etc/ssl/yourdomain/yourdomain.crt
ssl_key_file = /etc/ssl/yourdomain/yourdomain.key

You have then to restart Dovecot

/etc/init.d/dovecot restart

and we have now a functionnal mail server.

3. Installation of PHP5 (along with xcache)

apt-get install php5-cli php5-cgi php5-mysql php5-xcache

Note that xcache has to be implemented manually by adding the following lines in the php.ini located in /etc/php5/cgi/ (please tune this config according to your system).

[xcache-common]
extension = xcache.so
[xcache.admin]
xcache.admin.user = "mOo"
; xcache.admin.pass = md5($your_password)
xcache.admin.pass = ""
[xcache]
; ini only settings, all the values here is default unless explained
; select low level shm/allocator scheme implemenation
xcache.shm_scheme =        "mmap"
; to disable: xcache.size=0
; to enable : xcache.size=64M etc (any size > 0) and your system mmap allows
xcache.size  =                32M
; set to cpu count (cat /proc/cpuinfo |grep -c processor)
xcache.count =                 1
; just a hash hints, you can always store count(items) > slots
xcache.slots =                8K
; ttl of the cache item, 0=forever
xcache.ttl   =                 0
; interval of gc scanning expired items, 0=no scan, other values is in seconds
xcache.gc_interval =           0
; same as aboves but for variable cache
xcache.var_size  =            32M
xcache.var_count =             1
xcache.var_slots =            8K
; default ttl
xcache.var_ttl   =             0
xcache.var_maxttl   =          0
xcache.var_gc_interval =     300
xcache.test =                Off
; N/A for /dev/zero
xcache.readonly_protection = Off
; for *nix, xcache.mmap_path is a file path, not directory.
; Use something like "/tmp/xcache" if you want to turn on ReadonlyProtection
; 2 group of php won't share the same /tmp/xcache
; for win32, xcache.mmap_path=anonymous map name, not file path
xcache.mmap_path =    "/dev/zero"
; leave it blank(disabled) or "/tmp/phpcore/"
; make sure it's writable by php (without checking open_basedir)
xcache.coredump_directory =   ""
; per request settings
xcache.cacher =               On
xcache.stat   =               On
xcache.optimizer =            On
[xcache.coverager]
; per request settings
; enable coverage data collecting for xcache.coveragedump_directory and xcache_coverager_start/stop/get/clean() functions (will hurt executing performance)
xcache.coverager =          Off
; ini only settings
; make sure it's readable (care open_basedir) by coverage viewer script
; requires xcache.coverager=On
xcache.coveragedump_directory = ""

Note: you have to adjust manually the xcache.size and xcache.var_size according to your server (it’s on 0 by default, meaning that xcache isn’t enabled at all). One other thing is the xcache.count variable. If you have a vps that takes advantage of 2 processors, you can put 2 instead of one.

You can do that right now even if your php configuration isn’t loaded yet so everything will be in good order when Nginx and fcgi process will be started.

4. Installation of Mysql and PhpMyAdmin

apt-get install mysql mysql-server

There is often a problem with mysql to setup the root password. So the best thing to do is first stopping mysql:

/etc/init.d/mysql stop

Then update the user table

mysqld –skip-grant-tables –skip-networking &

mysql mysql

UPDATE user SET password=PASSWORD(‘yourrootpassword’) WHERE User=”root” AND Host=”localhost”;

quit

/etc/init.d/mysql restart

5. Installation of NGINX (Ubuntu only, see below for Debian users)

The nginx version proposed by Feisty is a prehistoric one (not to mention drapper). Fortunately, there’s a place you can get the latest stable version, or if you are adventurous, the latest dev version.

Note for Debian users: I didn’t find a recent .deb package so you have either the choice to compile from sources or to do a apt-get install nginx to have a not so new version. For more informations about Nginx please go to the Nginx Wiki website. You can find there the sources and a good doc about all the modules (ssl, auth_basic and so on).

wget http://technokracy.net/nginx/nginx_0.5.32~grrr-1_i386.deb

(Note that if you are running on AMD replace i386 by amd64.)

Then type:

dpkg -i nginx_0.5.32~grrr-1_i386.deb

Nginx is now up and running on default port 8000 (just in case you already have Apache or anything else on port 80).

The default root folder is Nginx-default and is located in /var/www/

To change that and to start to listen to the fast-cgi we will launch next, you have to open /etc/nginx/sites-available/default.

vi /etc/nginx/sites-available/default

You can find there all the obvious options to change and add (or uncomment the original php paragraph):

        location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME  /var/www/nginx-default$fastcgi_script_name;
    }

We’ve just asked Nginx to listen to fcgi on port 9000. So we have to start now the fcgi process. I’ve chosen to use spawn-fcgi and to make my own init script of it (so the process will start after reboot). To have spawn-fcgi you have to get lighttpd configured but without the need to install it. Let’s grab the latest version:

wget http://www.lighttpd.net/download/lighttpd-1.4.18.tar.bz2

tar -xvjf lighttpd-1.4.18.tar.bz2

cd lighttpd-1.4.18

./configure

make

cp src/spawn-fcgi /usr/bin/spawn-fcgi

Note that we did not type make install so lighttpd is not running!

Then we create a shell script we can call php-fastcgi or whatever you want and place that file in /usr/bin/ to make it simple (as php5-cgi and spawn-fcgi are already there…).

touch /usr/bin/php-fastcgi

Then edit it:

vi /usr/bin/php-fastcgi

and add the following:

#!/bin/sh
/usr/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -f /usr/bin/php5-cgi

That means every time this script will be called, fcgi will be spawned on port 9000 for user www-data (default user).

To make it work at startup we need now to create an init script:

touch /etc/init.d/init-fastcgi

Edit and add:

vi /etc/init.d/init-fastcgi

#!/bin/bash
PHP_SCRIPT=/usr/bin/php-fastcgi
RETVAL=0
case "$1" in
    start)
      $PHP_SCRIPT
      RETVAL=$?
  ;;
    stop)
      killall -9 php
      RETVAL=$?
  ;;
    restart)
      killall -9 php
      $PHP_SCRIPT
      RETVAL=$?
  ;;
    *)
      echo "Usage: php-fastcgi {start|stop|restart}"
      exit 1
  ;;
esac
exit $RETVAL

You may have to change the permissions there by typing:

chmod 755 /etc/init.d/init-fastcgi

Check then if it works by typing:

/etc/init.d/init-fastcgi start

You should have an answer from spawn-fcgi attributing a PID process. To make now everything working after reboot type:

update-rc.d init-fastcgi defaults

And we are done. To check if php is working as fast-cgi you can first type:

ps ax | grep php

To check then if Nginx is listening to php, create an echo command in an empty php file:

<? echo phpinfo(); ?>

Incoming search terms:

• nginx directadmin (7)
• lemp howto (3)
• centos appliance vmware lamp optimize (1)
• linux install lemp (1)
• nginx fcgi php $_REQUEST is empty (1)
• nginx installation on sles (1)
• nginx lamp windows (1)
• nginx postfix mysql pipe mail to php (1)
• plesk change setting saslauthd (1)
• preinstalled lemp (1)