DirectAdmin is a program that allows you to start your own web hosting server. There could be several reasons for doing this. Reasons can be, for example:
- * You create and maintain websites for customers, and you want these customers to do the management of e-mail-addresses themselves.
- * You have a webshop, which is too busy for the shared hosting platform, but too small for Managed Hosting.
- * You need webhosting which you can easily scale up with expected visitors for an event (like ticket sales) and scale back after this period.
Table of Contents
- Create Cloud Server
- Optaining a DirectAdmin license
- Open Port 25 for outgoing mail
- Safety Concerns
- Add Main Domain
Create Cloud Server
We start by creating a Cloud Server, and recommend the following properties for a small to medium web server.
OS: CentOS 7.6 Cores: 4 RAM: 4GB Disk: 100GB
Of course, you could adjust this setup at your own discretion.
It is best practice to use a subdomain as hostname. For our example, we use the following subdomain: directadmin.hetvoorbeelddomein.xyz
Note: You must use a domain you own or manage, so that you can point the DNS to the Server in a next step.
For a comprehensive guide in creating a Cloud Server, you can view the following article:
After the Server has been created, point your domain to the new server.
In addition to the A record for the root domain, be sure to create a Wildcard record (*.domain.tld) for all subdomains. We recommend using a CNAME-record, set-up like the following screenshot:
Also, if you want to send and recieve mail with directadmin, it is necessary set an MX record and an SPF record. The entire DNS-zone now looks like this:
Optaining a DirectAdmin license
You can obtain your license directly via DirectAdmin, or through us. At the time of writing we offer a license for unlimited domains for 7, – ex VAT monthly. Current prices can be found at the bottom of this page [link].If you want to obtain a license through us you can request this by e-mail.
To setup your license, we need the following information:
- IP-adres for the server you are planning to use
- The server’s Hostname
- The operating system (OS) from the server
This information is the same information you can use to active your license on DirectAdmin.com. When this information has been set, you are ready to install DirectAdmin on your server. The license will be automatically optained during the installation proces.
Open Port 25 for outgoing mail
On our Cloud Servers, port 25 for outgoing mail traffic is blocked by default. This is done to ensure the safety and integrity of the platform.
To open this port, first go to the control panel in the control panel and, at the header Outgoing port rules click Add outgoing port rule.
It is possible this button is not available for your server. To activate this setting for your account, please contact [link] us.
In the following screen, enter for both start port and end port “25”.
The server and domain are now ready to install DirectAdmin.
Install DirectAdmin
To install DirectAdmin, you must first connect via SSH. On MacOS and Linux you can do this via the Terminal. Use the following command, where replacing hetvoorbeelddomein.xyz with the domain name you set earlier.
ssh root@hetvoorbeelddomein.xyz
If you did not setup the SSH-keys, the server will prompt you for the Password. You are now logged in on the server.
When using Windows, you usually need a separate program to connect via SSH, for instance the free program Putty [link]. Experience has shown that it is not straightforward to copy and paste text, so check in advance how you can do this easily.
The first command we issue on the server is to update all software on the machine:
yum update && yum upgrade
A number of questions are asked to which you can all answer Yes by typing “Y”.
Next, we will ensure that the installation remains up-to-date automatically from now on, by issuing the following commands:
yum install -y yum-cron sed -i '/apply_updates/s/no/yes/g' /etc/yum/yum-cron.conf systemctl enable yum-cron service yum-cron start
Now that everything is up to date, we are going to install some packages (programs) that are needed for DirectAdmin. You can copy and paste the following lines entirely.
yum install wget tar gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio \ libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 cyrus-sasl-devel perl-ExtUtils-Embed \ autoconf automake libtool which patch mailx bzip2-devel lsof glibc-headers kernel-devel expat-devel \ psmisc net-tools systemd-devel libdb-devel perl-DBI perl-Perl4-CoreLibs perl-libwww-perl xfsprogs rsyslog logrotate crontabs file kernel-headers
Any questions can again be answered with “Yes” or simply “y”.
The following three commands get the DirectAdmin installation file, change the permissions of said file, and install DirectAdmin. The last step should take a while.
wget -O setup.sh https://www.directadmin.com/setup.sh chmod 755 setup.sh ./setup.sh auto
When the message comes that everything is installed, you can scroll up a little in the terminal to find the login password. In our case, it concerns the following information:
Admin username: admin Admin password: [******************] Admin email: admin@directadmin.hetvoorbeelddomein.xyz
The link to log in is your domain with “: 2222” behind it, in our case http://directadmin.hetvoorbeelddomein.xyz:2222
If you accidentally have already closed the terminal, or for some other reason have not saved the information, you can reset the password. Login via SSH and enter the following command:
passwd admin
Safety Concerns
The following steps are advised to harden the security of your DirectAdmin Server.
Protect against DNS Amp Attacks
Bind (nameserver) allows default recursion, which MUST be turned off. Otherwise, you are vulnerable to dns amp attacks. Via SSH, use the following command to edit the configuration file:
nano /etc/named.conf
then, find the following line.
// recursion yes;
Change it to the following. Note the removal of the “//” at the beginning of the line.
recursion no;
Activate SSL/HTTPS
To ensure that the administration page is secured with an SSL certificate, we are going to execute the following commands via SSH. Make sure to replace directadmin.hetvoorbeelddomein.xyz with your own subdomain. First, we will manually create the certificate:
cd /usr/local/directadmin/scripts && ./letsencrypt.sh request_single directadmin.hetvoorbeelddomein.xyz 4096
If all went well, you will see the following message in your terminal:
Certificate for directadmin.hetvoorbeelddomein.xyz has been created successfully!
Next, we will ensure that the certificate is actually used:
cd /usr/local/directadmin ./directadmin set ssl 1 \ ./directadmin set carootcert /usr/local/directadmin/conf/carootcert.pem \ ./directadmin set ssl_redirect_host directadmin.hetvoorbeelddomein.xyz service directadmin restart
Activate Two-factor-authentication (2FA)
With the user admin you can manage all settings and websites on your DirectAdmin installation. Therefore, we advise to protect this user with 2FA. You could skip this step.
For more information about 2FA, see the following article:
First, login to your DirectAdmin installation. Then, click on the Admin User in the top right, and select Password
Next, click on Two-Step Authentication and generate a Secret. A QR code will appear, which you can scan with your 2FA app of your choice.
You will be automatically logged out to log in again with 2FA.
Add Main Domain
Finally, we are going to add the main domain within DirectAdmin. Site-management is done at “User-Level”, and for this you have to adjust the “Access-level” at the top.
Then go to Account Manager -> Domain Setup at the top menu.
Here you only need to enter the domain and click Create at the bottom.
Your DirectAdmin is now ready to use!
You can find the FTP data, create a Database, and provide SSL certificates through the Account Manager. For more information about using DirectAdmin itself, you can view their extensive Forum [link].