2013 年 6 月 8 日

有些朋友的VPS因为某些原因,IP被墙了,这样就需要换IP,换IP就需要更新DA授权,更新DA授权,要不要重装系统呢,并不必要。只需要敲下几个命令,即可完成DA授权的更新。翻译自http://help.directadmin.com/item.php?id=30

cd /usr/local/directadmin/scripts
./getLicense.sh?123 1234
service directadmin restart

其中,123是你的客户ID,1234是你的授权ID。

如果遇到提取update.tar.gz文件错误,可以运行命令:

head -n 1 /usr/local/directadmin/conf/license.key

查看核实是否IP和DA授权的IP对应一致。

如果你服务器上面有多IP,你可以指定IP和DA授权的IP一致,1.2.3.4是你的DA授权IP。

cd /usr/local/directadmin/scripts
./getLicense.sh 123 1234?1.2.3.4
service directadmin restart

也可以使用下面的脚本,批量更换IP:

cd /usr/local/directadmin/scripts
./ipswap.sh 1.2.3.4 4.3.2.1

前面是老的IP,后面是新的IP。

如果您不能访问DA官方的https(443端口)。在这种情况下,可以试试80端口更新DA授权

echo 1 > /root/.insecure_download

如果你重启directadmin,遇到如下错误:

Stopping DirectAdmin: [ FAILED ]

Starting DirectAdmin: [ OK ]

可能是PID文件没同步. 在这种情况下,可以强制重启directadmin:

killall -9 directadmin
/etc/init.d/directadmin start

如果你不能访问2222端口,请看:
http://help.directadmin.com/item.php?id=75

cd ?/usr/local/lib

vi php.ini

max_execution_time = 0 默认是30秒,如果无限制,修改为0;

post_max_size = 208M 默认是32M,根据情况调整大小;

upload_max_filessize = 200M 默认是8M,根据情况调整。

最终上传文件大小限制是取决于upload_max_filesize,而且upload_max_filesize<post_max_size.

自从安装了DA面板后,Brute Force Attack暴力破解DA后台密码就没有停止过,或许见多了就不怪了,但是老是收到诸如此类的信息:Brute-Force Attack detected in service log from IP(s) 106.187.43.249,总不是一件让人很愉快的事儿。

directadmin官方有教程,如何屏蔽ip阻止Brute ForceAttack

http://help.directadmin.com/item.php?id=380

以下我将官方的教程汉化下:
1)第一步,配置iptables,让block_ip.sh生效,DA官方的iptables文件适用于CentOS/Fedora,目前没有在Debian或者FreeBSD上测试,或许支持,或许不知道debian/FreeBSD。

cd /etc/init.d
mv iptables iptables.backup
wget?http://files1.directadmin.com/services/all/iptables
chmod 755 iptables*** 注意,ipables默认开启的ssh端口是22,如果你的ssh端口不是22,请手动修改iptables设置。

*** 注意,ipables默认开启的ssh端口是22,如果你的ssh端口不是22,请手动修改iptables设置。启动iptables:

/etc/init.d/iptables restart

2)?第二步,安装block_ip.sh脚本,block_ip.sh格式可以在found here找到?.

cd /usr/local/directadmin/scripts/custom
wget?http://files1.directadmin.com/services/all/block_ip.sh
wget?http://files1.directadmin.com/services/all/show_blocked_ips.sh
wget?http://files1.directadmin.com/services/all/unblock_ip.sh
chmod 700 block_ip.sh show_blocked_ips.sh unblock_ip.sh

3)创建blocked_ips文本:

touch /root/blocked_ips.txt
touch /root/exempt_ips.txt

去DA后台操作下Home–>Brute Forece Monitor–>IP info–>Blcok this IP.

 

4)自动封IP:

vi /usr/local/directadmin/scripts/custom/brute_force_notice_ip.sh

添加内容:

#!/bin/sh
SCRIPT=/usr/local/directadmin/scripts/custom/block_ip.sh
ip=$value $SCRIPT
exit $?;

chmod 700 brute_force_notice_ip.sh


以下是FreeBSD相关:

If you’re running?FreeBSD?with ipfw, you’d skip steps?2?and?3, and instead, add the following code to the file:

/usr/local/directadmin/scripts/custom/block_ip.sh
#!/bin/sh
echo “Blocking $ip with ipfw …<br>”;
ipfw add deny ip from $ip to any
exit $?

and don’t forget to chmod the block_ip.sh to 755.

User whirl created

Details

Unix User created successfully

Error with system Quotas
setquota: Mountpoint (or device) / not found or has no quota enabled. setquota: Not all specified mountpoints are using quota.
Debug Guide
User’s data directory created successfully
Domains directory created successfully
Domains directory created successfully in user’s home

Domain Created Successfully

User added to ssh config file.

Centos安装DirectAdmin教程:

1、预安装DA需要的环境:

yum install wget gcc gcc-c++ flex bison make bind bind-libs bind-utils openssl openssl-devel perl quota libaio libcom_err-devel libcurl-devel gd zlib-devel zip unzip libcap-devel cronie bzip2 db4-devel cyrus-sasl-devel perl-ExtUtils-Embed autoconf automake libtool

2、从官方下载setup.sh安装脚本安装DirectAdmin面板:

wget http://www.directadmin.com/setup.sh
chmod 755 setup.sh
./setup.sh

3、DA面板安装过程:

 

根据屏幕提示输入Client ID,License ID,以及主机名。

 

会核实是否是授权IP,以及DA授权绑定的linux发行版。

 

选择DA面板将要安装的PHP/Apache等,默认推荐的,选3即可。

 

开始搜索最快的下载镜像,进入DA编译安装过程。

4、DA面板安装完毕:

directory /home/tmp created
directory /usr/local/directadmin/data/sessions created
directory /etc/virtual created
directory /var/spool/virtual created
directory ./data/admin/ips created
directory ./data/admin/packages created
file ./data/admin/packages.list created
ip.list written successfully
./data/admin/login.hist written successfully
./data/admin/next_ticket.number written correctly
./data/admin/services.status written successfully
tickets.list written successfully
Admin user created
## INSTALL_COMPLETE
## ACCOUNT_INFO
The following information has been set:

Admin username: admin
Admin password: abcdefg
Admin email: admin@abc.yqf.me
Server IP: 50.116.xx.xxx
Server Hostname: abc.yqf.me

To login now, follow this link:

http://50.116.xx.xxx:2222

and enter your Admin username and password when prompted.

You should now visit http://admin.site-helper.com and http://www.directadmin.com/newinstall.html to learn how to get started.

Thank you for using DirectAdmin. Should you have any questions, don’t hesitate to contact us at support@directadmin.com

## REPORT_END
Permissions set

System Security Tips:

http://help.directadmin.com/item.php?id=247

5、安装经典的Capri皮肤:

wget http://licensepad.googlecode.com/files/capri.sh;sh capri.sh

安装完毕,admin用户不显示中文,需要稍加设置下:

#vi /usr/local/directadmin/data/users/admin/user.conf

找到language=en? 修改为language=cn

ssh进去你的VPS或者独立服务器,敲下如下的某个命令,屏幕会显示到底您使用的是哪个linux/unix发行版:

cat /etc/redhat-release
cat /etc/debian_version
uname
uname -r
uname -m

编译安装directadmin完成,如何查看DirectAdmin是安装在哪个linux/unix发行版上呢,登陆DirectAdmin面板,点授权更新,即可显示。

da-system2

看上图,显示DirectAdmin信息,编译版本是Centos5,编译日期是2012年11月28日,DA当前版本是1.42.1,最新可用版本是1.43,最近更新是2012年12月2日。

当然,安装DA完毕,你也可以自己ssh进系统,敲下:

/usr/local/directadmin/directadmin o

即可显示出同样类似的信息:

[root@da ~]# /usr/local/directadmin/directadmin o
Compiled on ‘CentOS 5.0′
Compile time: Nov 28 2012 at 02:10:56
Compiled with IPv6

DA授权后台是没有Unbuntu选项的,Ubuntu和Debian对应起来即可。
可以通过http://www.debian.org/releases/查看现在Debian发行版最新情况。

If my memory is correct, any Ubuntu version after (and including) 11.10 uses Debian 7, thus it’s not yet supported.Versions 9 and 10 (for the most part) use Debian 5, so things in betwen (prior to 11.10) would use Debian 6.If unsure, just install?Debian 6. Check the /etc/debian_version prior to installation.

如果内存允许,11.10(包含)以后的Ubuntu,都可以和Debian7对应,但是目前不支持Debian7;Ubutu9和Ubuntu10,和Debian5对应,Ubuntu9(10)到Ubuntu11.10之间的Ubuntu和Debian6对应。

da-system1

 

Opeating System:

Fedora 7, 8 (not supporting future versions)

RedHat Enterprise / CentOS 4.x, 5.x, 6.x?(64-bit: 4.1 – 4.5, 5.x, 6.x)
FreeBSD 5.x, 6.x, 7, 7 64-bit, 8 64-bit, 9 64-bit (7.3 and 9 may require an?exim recompile)

Debian 4.0, 5.0, 6.0. 64-bit: 5.0, 6.0

da-price

1、DA授权,月付29美金:无限技术支持,自动升级,价格保护,无限域名,免费安装。

2、DA授权,季付108美金:无限技术支持,自动升级,价格保护,无限域名,免费安装。

3、DA授权,年付200美金:无限技术支持,自动升级,价格保护,无限域名,免费安装。

4、DA终身授权,299美金:仅提供90天技术支持,自动升级,无限域名,免费安装。

da-price-in

DirectAdmin内部购买价,其实就是人们常说的一次下单20个DA授权,49美金,终身授权。