Browse By

ISPConfig 3 on AWS with RDS and Ubuntu 14.10

Setting up ISPConfig on AWS with an Ubuntu 14.04 image and MySQL RDS


  • Nginx
  • RDS (MySQL)
  • Ubuntu 14.10
  • EC2
  • VPC
  • Dovecot
  • Postfix
  • ISPConfig

Basically we are using the great guide below with modifications to suit Amazon’s AWS infrastructure.

Setup a hostname on your machine;


Edit you host file and add the hostname with your local IP


Make sure that the multiverse and universe repositories are enabled by uncommenting them in;


If a new kernel was installed reboot if you don’t know just reboot anyway;

Ubuntu by default uses dash as the default shell we need to change that to bash using dpkg-reconfigure

Select “No” when it asks if you want to use dash and the default shell.

Disable apparmor;

Setup NTP for time synchronisation;

Install postfix, rkhunter, mysql-client and bindutils;

For the postfix setup select the following;

  • Hostname –
  • Local only
  • Internet Site
  • System mail name –

Modify the following lines in postfix in /etc/main/


Now add the following line in both smtps and submission sections;

Restart postfix;

Install Amavisd-new, SpamAssassin and ClamAV

ISPConfig uses Amavis which loads spamassassin internally so we can stop the spamassassin process;

Run clamav;

Install Nginx;

Install php5 using php5-fpm;

You might want to install some extra php5 modules like;

You can search them with;

Install APC;

Fix some parameters in your /etc/php5/fpm/php.ini;

Restart php5-fpm;

Install fcgiwrap;

install PHPMyAdmin;

Do not select lighthttpd or apache2 and click “OK” to continue (Nginx is neither of these).

Select “No” to phpmyadmin with dbconfig-common;

<nginx configuration for phpmyadmin>

Setup new maillist called Mailman before mailman can be used.

sudo newlist mailman

Add the following lines to /etc/aliases;


Restart postfix;

Then start mailman;

<insert mailman nginx configuration>

Install PureFTPd and Quota;

edit /etc/default/pure-ftpd-common;

Make sure that start mode is set to standalone and VIRTUALCHROOT=true;

If you want to run TLS FTP sessions then complete the following;

In order to use TLS we need to setup a new certificate;

Generate an SSL certificate with;

Change permissions on the certificate key;

Restart pureFTPd;

Setup quota’s and fstab;

The kernel supplied with the Amazon Ubuntu image doesn’t support quota’s (the modules have been removed) so we’ll need to add the support back into the kernel with the following package;

Add the following kernel modules to /etc/modules to load on boot

  • quota_v2
  • quota_v1

Example /etc/modules

Reboot and check the modules loaded correctly;

This should return;

Check that quota is enabled after reboot;

Install bind;

Install Vlogger, Webalizer and AWStats

Open /etc/cron.d/awstats and comment out everything;

Install Jailkit

Jailkit is needed to jail SSH users (Recommended). Important: Jailkit can only be installed before ISPConfig!

You can now install the Jailkit .deb package as follows:

Install fail2ban (Recommended);

Setup fail2ban to monitor PureFTPd and Dovecot;

Add the following;

Now create the following filters;

Restart fail2ban to load the rules;

Install webmail software

Remove apache2;

Restart nginx;

Install ISPConfig;

Run the php installer;



If you have not updated you DNS records for the host you specified in the beginning you will not be able to log into ISPConfig due to security restrictions set on the MySQL databases.

If you are having trouble logging into the interface with username: admin and password admin you can do the following;

If you see the following error in /var/log/nginx/error.log

Access denied for user ‘ispconfig’@’%’ to database ‘dbispconfig’ in /usr/local/ispconfig/interface/lib/classes/ on line 70

Update your public DNS then login to the database using the RDS admin user and run

flush hosts;

If you can’t update your public DNS you can do the following;

You can remove this security (Though not recommended) by doing the following;

% is a wild card so any host can effectively log into your RDS database if they have the correct credentials.

update mysql.db set Host = “%” where Host = “”;

update mysql.user set Host = “%” where Host = “”;

flush hosts;

flush privileges;

This should allow you to log in.


Leave a Reply

Your email address will not be published. Required fields are marked *