VirtualMin: Failed DNS Validation when request CERT attempted from Let's Encrypt Servers

70 posts / 0 new
Last post
#1 Tue, 11/05/2019 - 14:36
NikosGr

VirtualMin: Failed DNS Validation when request CERT attempted from Let's Encrypt Servers

I'am trying to read myuser@superhost.gr mail via GMail.

To do that i have via VirtualMin to request a Let's Encrypt Cert.

But iam receiving this error when DNS Validation is attempted by Elet's Encrypt Servers

A TXT record entry with specific value is applied automatically to my superhost.gr DNS Zone every time i make an attempt to request a certificate via VirtualMin

Since it is able to add this DNS entry by itself sucessfully WHY does it report back?

mail.superhost.gr challenge did not pass: Incorrect TXT record “IQ_bFSECzFcqYKWJSLWyV37-psVy57_cmF_bq-H63Sc” found at _acme-challenge.mail.superhost.gr

What exactly is this error message saying? that it cannot reuqest back the TXT record entry that told VirtualMin to put there in the first place?

Wed, 11/06/2019 - 03:53
Jfro

kind of doublepost , see other reply from me dns is not good for mail.superhost.gr

Also what is your hostname / mainserver has this for example only superhost.gr then no good if so. ( you do not use maindomain name as hostname normally) should be "vm or vps-or...whatever you want.".yourservermaindomain.

Wed, 11/06/2019 - 03:59
NikosGr

the Hostname i have set is just "superhost.gr" Should i ask the compnay to set a PTR record for mail.superhost.gr is it possible that the lack of PTR created problems.

Please post here your DNS reply you mentioned becuase i kind of lost track in the other thread.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 04:02
Dibs

To my mind - hostname should not be "superhost.gr" - that's the domain name. Hostname should be something like "server1" or anything like that, i.e. a single name - no dot and no suffix.

Wed, 11/06/2019 - 04:06 (Reply to #4)
NikosGr

VirtualMin installaton had the hostname been "superhost.gr" upon running the install script. I dont think that is a problem though but i want to hear form others too.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 04:08 (Reply to #5)
Dibs

Nikos - you are saying "you don't think it's a problem" but you do seem to be having a few problems. Hostname NOT EQUAL domain name. I suggest you fix this. Jfro is saying the same thing.

Wed, 11/06/2019 - 04:12 (Reply to #6)
NikosGr

Apologize, should i set the hostname to perhaps "nikos.superhost.gr" and then create an A record for it? if i just set it to "nikos" system is not accepting it because its not being resolved.

update: i changed the hostname to "nikos.superhost.gr" and creates an A entry in DNS.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 04:20
Jfro

I suggest using an external dns system while you seems to use / have only one ip ( and others same block) nameservers you have to do it right minimum 2 ip and also in different ip blocks .

If you manual or automatic then fille in your records there , you onlye have to take care of bind /dns for maindomain/ mail and dkim part if using.

Reverse ptr you ask your host to set it right or in an panel if they have.

Respons from me is 123 short and quick, so read first more about that stuff on the web!

you need ofcourse for hostname also le cert , best is to have them all in one ( how i do it, but some do separate them) for that domain.

I did write before with your dovecot LE problems can't help you with wirten out manuals, while having other config, as you can see here i was so right. ;)

Please don't go for quick changes everytime something is not 100% ok, but take more time to read about such topics and howtos on the web, i advise while only then you could know more to do it right otherwise it seems you are folow advise / texts on the web and here without knowing the reason, and as serveradmin you have to know real what you do!

I do lot on CLI and not in Virtualmin GUI , so i can't help with lot of stuff as howto's, only pointing out some are good or not as end result!

Wed, 11/06/2019 - 04:24
Dibs

I'm not sure I explained myself properly.

Hostname - this is a singular name. Like "nikos" or "nikos1" or any single word. That's what you set in Webmin - Networking - Network Configuration - Hostname & DNS Client. It might be possible to set it in Virtualmin - but I couldn't see it.

Domain name is usually a 2 part name - in your case: superhost.gr

DNS Entries - these are made up of A records, CNAMES, TXT records and MX records (mostly). I suggest you read up on these and perhaps read up on your Registrar's website on how the entries should be made. Assuming you aren't running BIND yourself.

HIH

Dibs

Wed, 11/06/2019 - 04:32 (Reply to #9)
Jfro

Again as we ( Dibs and me)both have advise for you more then one time do more readings about all those topics you're asking here yourself!

As lot goes wrong doing false / wrong .... ;)

Example https://www.virtualmin.com/comment/819272#comment-819272

As almost none Control panel is for newbee out of the box, doing stuff all good as it has to be, even if so you better have some knowledge what you do as SERVERADMINS!

Wed, 11/06/2019 - 04:34 (Reply to #10)
NikosGr

my Companys panel at "change hostnames" it does not let me use just "nikos" as value fr Hostname, but "nikos.superhost.gr" creating an A record for it.

"That's what you set in Webmin - Networking - Network Configuration - Hostname & DNS Client. It might be possible to set it in Virtualmin - but I couldn't see it"

Will there be any trouble if i put there just "nikos", perhaps breaking things, iam afraid to do it....

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 04:40 (Reply to #11)
Jfro

Here you go with knowledge.

That

my Companys panel at "change hostnames" is the one from your hoster right?

That is total different then GUI Virtualmin!

That part (the one from your hoster) is doing it as you can do in CLI.

Knowing really what you do and what those GUI, company's panel and CLI do is a PLUS!

Not knowing ( good enough) and react as .... much to quick doing changes everytime someone write here , or you read somewhere is so dangerous!

Keep in mind DIBS Me and all are mean it well with you, but Users asking for Support should do also some work, sofar possible to get more and better knowledge about some basics that serveradmin has to know.

VIRTUALMIN / WEBMIN is very bad control panel for the kind of "copy paste" serveradmins .

Dont know how to say it in good Englisch without being rude where copypaste-only=dumb, not meaning to be that rude!

I'm not a experienced LINUX server admin but have over 30 years experience in IT , then you know most mistakes made because lack of knowledge. even me.. ;)

Wed, 11/06/2019 - 04:52 (Reply to #12)
Dibs

Please re-read comment #9. Then maybe re-read it x2 again. ;)

Wed, 11/06/2019 - 05:11
Dibs

@Nikos - my advice to you is this (and feel free to ignore it): get yourself another VPS (DigitalOcean & Linode are cheap enough). Install something like Ubuntu 16.04LTS and follow their tutorials (there's lots of them) on hardening it, setting up IPTables, SSH, etc. Just a basic box. Learn the basics. Anything goes wrong - start again: the images deploy easy enough.

Understand

  • basic networking,
  • DNS entries,
  • the difference between hostname, DNS and a FQDN
  • basic Linux permissions
  • how to do basic stuff from CLI, like create files, copy files, set permissions & delete files

Once you have a basic box - install Virtualmin and assuming you have done the above, in 99% of the cases things will run with 0 issues.

Unfortunately the big downside of all the above is YOU need to invest that time in yourself, your skills & knowledge.

I would go so far as to say the choice is binary - either invest or pay someone else to do it. There is a 3rd choice - don't do it.

Dibs

Wed, 11/06/2019 - 06:49
NikosGr

I asked an admin of my company to take a loot at my DNS and it says

your server has a PTR record, this subdomain mail.superhost.gr can't have a PTR record:

https://mxtoolbox.com/SuperTool.aspx?action=ptr%3amail.superhost.gr&run=...

I see that your domain has MX record and this shows that your domain "superhost.gr" is pointed to your subdomain "mail.superhost.gr":

https://www.whatsmydns.net/#MX/superhost.gr

What should i ask them to do? PTR should be pointed to superhost.gr? or mail.superhost.gr?

and HOW to alter "superhost.gr" to NOT point to subdomain "mail.superhost.gr": ?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 07:01
NikosGr

Please have a little pasience with me, i must sort this out.

  1. From within VirtualMin=>Network Configuration=>Hostname, shall i set it to "nikos" or to "nikos.superhost.gr" ?
  2. WHY anf HOW to alter "superhost.gr" to NOT point to subdomain "mail.superhost.gr": ?
  3. Which hostname has to have PTR record configured? "superhost.gr" or "mai.superhost.gr"

Please help me FIX this mess with DNS Records because i don't want to break things as i host other 3 websites. Thank you very much.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 07:28
NikosGr

i droped "Nikos" lets try "secure"

If i make the hostname change via virtualmin it says hostname: secure(10.x.x.x some local ip). If i instead change the hostanme from my company's panel it doesnt allow me to use "secure" as hostname, but it needs an A record for that which i added to DNS records and wants the hostname to be as "secure.superhost.gr"

is this ok for 1st step to troubleshoot this?

Which method of altering hostname should i pick Virtualmin's or Time4VPS panel?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 07:49
NikosGr

Here is a pic for you guys to see my current superhost.gr DND Record Configuration: https://imgur.com/a/PaWGhEW

Can you please check if it is ok? Ask my any output you want to see and i'll post back to you. Thank you and please have a little patience with me to help me resolve this.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 07:58
Jfro

I only see and understand you didn't.

https://www.virtualmin.com/comment/819288#comment-819288

and some https://www.virtualmin.com/comment/819280#comment-819280

You can use the https://www.virtualmin.com/comment/819031#comment-819031

Or payed ticket support if you don't have time enough...

While only picking one example if using ipv6 do it all and right also ptr record for ipv6 should be ok and so more............

Wed, 11/06/2019 - 08:05
NikosGr

Ι have read all yout posts but i still need step-by-step guidance. I cannot afford paying for support.

But iam willing to try commands via SSH or VirtualMin and post back the results. Please as a perosnal favour, do help me understand whats wrong with my DNS configuration.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 09:18
Jfro

I don't have step by step for you.

Please a lot is on the web for free info about the parts DIBS did write.

Important in my eyes!

IF you have using possible external dns at your hoster i advise using that, then most of the time you have 2 or more nameservers ns1 and ns2 from them on different ip blocks!

Wed, 11/06/2019 - 09:31
NikosGr

2 things

  1. How do i add certificate to my subdomain "mail.superhost.gr". Its this subdomain that is giving me the error when i try to request cert form LE. Why does it fail? 2.. Which entry do i have to delete from DNS configuation for superhost.gr to STOP pointing to mail.superhost.gr

I have added a pic for you to see. Please i need the configuration of superhost.gr to be correct in order for the SSL Cert to pass. Is this correct? https://imgur.com/a/PaWGhEW

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 10:05 (Reply to #22)
dimitrist

remove mail.domain and use domain as mail server, or skip encryption on email.. why bother with that if you can't fix/understand/read? in anycase, unless you're ready to do some heavy reading, better tell your admin or some pro, to setup virtualmin for you...

Wed, 11/06/2019 - 10:09 (Reply to #23)
NikosGr

You mean that i should delete the entry for: "mail A 176.223.129.220". Are you sure that line is NOT important to be there so the system knows what is the MX for the domain?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 09:55
Jfro

Important in my eyes!

IF you have using possible external dns at your hoster i advise using that, then most of the time you have 2 or more nameservers ns1 and ns2 from them on different ip blocks!

Wed, 11/06/2019 - 09:57
NikosGr

Can you PLEASE HELP ME install SSL Cert to "mail.superhost.gr"? Thats all i ask. Please tell me exactly what to do because its failing.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 10:10 (Reply to #26)
Jfro

No while to much is wrong.

Please contact your hoster.

Aks or inform if they have in same package a dns service you can use , and take a start from there! ( using their nameservers and so on) That is realy gona help you, not going any further with only one ip adress or in same block for 2 own nameservers makes no sense.

Please folow up advice from me AND DIBS , i gues we both don't / can't help if having not the right base ....

So aks hoster if they can deliver or how you can use their DNS services!

Wed, 11/06/2019 - 10:13
NikosGr

ok i will do that and report back

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 10:38
Dibs

@Nikos - I really do sympathise with you and your situation. The problem\issue with Virtualmin (and other panels) and Linux really is that it requires prerequisite knowledge. When this is missing - it gets really difficult to resolve issues as a person will try almost anything and everything when there are problems.

  1. What operating system (& version) are you running on this VPS? (Ubuntu, CentOS, etc.?)
  2. What are you wanting to do with this VPS? Host websites and their mail? Or just websites or just email?
  3. Are you running DNS (i.e. BIND) yourself or using the domain registrar's DNS control panels?

The answer to question 3 - looks like you are running it yourself as ns1.superhost.gr & ns2.superhost.gr (both having the same IP) appear to be the nameservers set at https://www.papaki.com/el which looks like where you registered your domain. If this is the case - WHY have you done this? You only have 1 IP and it isn't wise to have both nameservers on 1 IP. Who or what told you to set it this way?

Dibs

Wed, 11/06/2019 - 10:55
NikosGr

Hello Dibs and THANK YOU for understanding my frustrating situation.

  1. CentOS 7.6 Along with latest VirtualMin
  2. Host websites and their mail.
  3. I'am running it myself. All servers running from the same machine. I did this myself when i registered and bought the domain on papaki which asked me the nameservers for my domain and i provided them.t

2 questions please so to understand if things is set up properly for my domain, i need to know that, please bare with me.

My domain is superhost.gr along with VirtualMin

  1. What should i set the Hostname to be i.e. "secure.superhost.gr" or just "superhost.gr" Does it matter?

  2. Where should the PTR record point? Currently it points to "secure.superhost.gr", but is this correct, or needs to be pointingto domain itself or perhaps the mail exchange which is "mail.superhost.gr"

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 11:09 (Reply to #30)
Dibs

Before going any further - login to your papaki portal for your domains and check if you can add A (and other) records there? I am 99.99% you can - but best to check. It may ask you to use their nameservers to do that. You should be able to check - without saving. i.e. cancel out at the end.

Wed, 11/06/2019 - 11:14
NikosGr

I bought the superhost.gr domain, BUT the only thing i can do is set the nameservers (ns1.superhost.gr & ns2.superhost.gr) in their CP.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 11:52
Dibs

Nikos,

According to papaki support pages;

you can use there DNS servers and maintain entries for A, CNAME, MX and other records (manually) there.

Here's my advice and (as it's free you may well ignore it, that usually happens with free advice):

At this point your server will only be accessible via external IP address - and that's fine for now.

According to Wikipedia

A device with the hostname myhost in the parent domain example.com has the fully qualified domain name myhost.example.com. The FQDN uniquely distinguishes the device from any other hosts called myhost in other domains.

So decide on a hostname - server1 is fine. So is nikos. Even athens1 is fine. The domain name is superhost.gr which gives a FQDN of athens1.superhost.gr

Now go to Papaki and in the FreeDNS control panel create an A record for athens1.superhost.gr pointing it to the external IP. Then create a CNAME for www and point that to the A record. Once this has propagated you will be able to access the server by name - there will be nothing there. Most want a host -you can use the @ symbol and it should be fine. Then create a CNAME for www - that should be enough to get the basics going.

Then install Virtualmin GPL and DO NOT select or install BIND.

During the install - the hostname would be athens1 (or nikos1 or whatever you selected), the domain would be superhost.gr if asked and the FQDN would athens1.superhost.gr - understand the basic differences between these things, i.e.

hostname + domain name = FQDN athens1 + superhost.gr = athens1.superhost.gr

Hopefully the above is crystal clear.

You would want Virtualmin to install

  • Apache
  • php
  • mySQL
  • Postfix
  • Dovecot

Basically most things apart from BIND.

At this point you should have a basic working and secure installation of Virtualmin.

Now you should be able to create a new VirtualServer for each of your other 3 domains enabling website & mail if required. Leave SSL alone for now. Do one domain 1st (say kidsclubpaidika.gr). Copy the website from your 1st server onto your 2nd one.

Go to Papaki's control panel - and using their FreeDNS create and A record for that domain. Most want a host -you can use the @ symbol and it should be fine. Then create a CNAME for www - that should be enough to get the basics going.

Test the website and if all is well, then go back to Papaki and add an MX record for it - you will also need to add an SPF record in the 1st instance - where you are saying that the 2nd VPS's IP address is allowed to send email for it. Test your email - outbound and inbound. Create a test user on this domain.

Once that is working - enable the SSL for it and using Virtualmin's LE page - request a cert for

and if you've done everything you should have - it should provide the certificate without having to do anything further.

Then repeat for the other 2 domains - i.e., create virtual server, enable just http, create A & CNAME records, test it, enable mail, create MX record (test inbound & outbound), copy the website across, enable SSL, request the cert & test again.

Then once all domains are on the new server - kill the old one.

Wed, 11/06/2019 - 12:30
NikosGr

Indeed i have found the Free DNS Service of papaki.gr Currenly one of my clients uploads pictures to its WooCommerce and i don't want to distract himas he has a lot of work to do. I dont want him to complain again about his site not loading up/

If i disable BIND then i will have to enter records A, CNAME, MX for each domain right? That would bring down the sites and i dont want that because i will here complains.

Can i maintain BIND for my clients only and for starters ONLY change superhost.gr DNS from BIND to papaki FreeDNS (dns1.papaki.gr & dns2.papaki.gr)

if i do these alternations ONLY for superhost.gr will the other websites maintain intact?

What happens if BIND is active and FreeDNS of papaki service is also active? what would that do to superhost.gr?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 12:42 (Reply to #34)
Dibs

If you change superhost.gr to use Papaki's DNS servers but leave the clients on BIND (i.e. your DNS) then you would need to add A records (or CNAMEs) for ns1.superhost.gr & ns2.superhost.gr on Papaki - which technically would require propagation. That may or may not result in downtime for your clients.

Looking at your other posts - your server does seem to have a few issues. A new VPS would probably be the best way forward. It may involve downtime, but you could discuss that with your client and look to switch over overnight as opposed to daytime there. Minimising the downtime.

Or purchase another domain like superhost1.gr and use that for the new VPS. You could use A records and have one point to the existing FQDN and another to the say server2.superhost.gr - and move domains slowly, leaving the Woocommerce one till last.

But the moment you want to resolve the issues with the existing VPS and still maintain uptime - as you appear to a novice - that's going to get tricky.

Apologies if it's not the answer you would like.

Dibs

Wed, 11/06/2019 - 12:52
NikosGr

I will make all chnages to the current VPS

I have enabled freedns on papaki. a add A records for

www.superhost.gr mail.superhost.gr ftp.superhost.gr secure.superhost.gr

Problem is that I don't know what to enter for CNAME and MX please. it has 2 input fields on both and i dont know what to enter, i will post the pics.

https://imgur.com/a/0OixfHS https://imgur.com/a/AbBkm5U

please QUICKLY DO TELL ME WHAT VALUES TO PUT THERE as seen in the pictures so for superhost.gr to propagate correctly!!!!

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 13:54 (Reply to #36)
Dibs

CNAMES are the subdomain.

  • www is a subdomain
  • mail is a subdomain (technically - but that might be best done with an A record)
  • ftp is a subdomain

so in the case of

A Record
Host                           Value
@                              IP ADDRESS
mail.superhost.gr              IP ADDRESS

CNAME
Host                           Value
www                            superhost.gr

MX
Host                            Value
@                               mail.superhost.gr   10
Wed, 11/06/2019 - 14:02 (Reply to #37)
NikosGr

Umm, thnaks for answering but still its not clear to me. What is '@'.

CNAME and MX have 2 input fields each and i'm still not sure what to enter there.

Please look at the photos and tell me what i need to enter to each field? I only understood how to place A records, which is easy, just the name of the subdomain and then to the other field the ip address https://imgur.com/a/0OixfHS https://imgur.com/a/AbBkm5U

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 14:12 (Reply to #38)
Dibs

@ is a synonym for the root domain. Nikos - at the risk of saying it plainly, just put the damn thing in.

CNAME - in the code snippet I posted up there was a a "table" of 2 columns, what bit of the example did you not understand?

CNAME's require a host\subdomain and a value - the 1st part is www and the second part is superhost.gr

Wed, 11/06/2019 - 14:29 (Reply to #39)
NikosGr

I still don't follow.

MX asks: input mail domain, input mail exchanger

CNAME asks: input domain name, input canonical name(destination)

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 14:40 (Reply to #40)
Dibs

Did you read the following link - https://www.papaki.com/support/kb/article/%ce%a4%ce%b9-%ce%b5%ce%af%ce%b...

that I posted earlier? It explains A, CNAME & MX records and refers to their system.

EDIT: if nothing else, log a support ticket with papaki and ask them about DNS records or an online chat if they have one. As them what needs to input on the screen if you want to add a CNAME for www pointing to superhost.gr - I recently came across a domain registrar which I hadn't used and their system wasn't intuitive - so I asked their support who explained in a few mins.

Wed, 11/06/2019 - 14:46 (Reply to #41)
NikosGr

i managed to put those entries. Before you said somethign that if i was to leave BIND active for my other websites i have to:

can you explain it please?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 14:54 (Reply to #42)
Dibs

You would need BIND to not resolve for superhost.gr - how you would do that, I don't know, as I don't run BIND. You might not be able to do that as domain is running the name servers.

To stop things breaking further - you should add 2 more A records or CNAME's for ns1.superhost.gr & ns2.superhost.gr - I'd go with A records for the moment - just in case CNAME's are not the preferred way for nameservers.

Wed, 11/06/2019 - 15:01 (Reply to #43)
NikosGr

Call me an idiot but i fear iam gonna break things.

Unless you accept me giving you access to papaki.gr to make the alternations yourself correctly as it should, i'am switching back to BIND.

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 13:02
NikosGr

May i please give you access on papaki.gr, for you to make the changes correct?

I'am afraid i will do something stupid if i enable papakis dns servers, mostly about the other sites NOT loading properly.

For starters i WILL ONLY MAKE CHNAGE TO DNS OF SUPERHOST.GR NOTHING ELSE. but you said somethign about load or might not load, iam confused.

Could you please make the alternations correctly?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 14:55
Dibs

Do you have access to the DNS control panels for the other domains?

Wed, 11/06/2019 - 15:08 (Reply to #46)
NikosGr

ALL 4 domains are in the same DNS control panel because i host all of them to papaki.gr

Shall i give you access to make the changes to all 4 domains so i can finally disable BIND?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 14:58
Dibs

If i disable BIND then i will have to enter records A, CNAME, MX for each domain right? That would bring down the sites and i dont want that because i will here complains.

If you add in all the relevant A, CNAME, TXT (spf) & MX records for the other domains correctly - nothing would come down. 1 minute they would be resolving using the name servers and the next minute via the registrars DNS servers once propagation hits the DNS that they are using.

Try it on one of the domains (other than superhost.gr) and see how it goes.

Wed, 11/06/2019 - 15:12
Dibs

Nikos - I'm personally not sure what you are afraid of. Pick one of the domains - one that is least important and change it over from the nameservers to use A, CNAME, TXT, MX records and see how you get on.

Worst case scenario is you can go back to the nameserver entries.

Why shit yourself over doing something that can be reversed?

Don't take this personally - if you can't do sysadmin stuff or learn to do it, you either need to move to a managed service somewhere or stop doing it.

Wed, 11/06/2019 - 15:17
NikosGr

Could you fix it for me please? i would not know what A is required or CNAME instead. Shall i give you access to make the needed changes?

Intel Inside, Idiot Outside!

Wed, 11/06/2019 - 15:26
Dibs

Nikos - not really related to your issue but I used to be on shared hosting up until middle of 2016. It allowed me to host my domain\mail. The provider was getting out of the business of shared hosting. So I googled and having a few bad experiences prior to that with shared hosting - I didn't want to go back to it. So goggled and found out about VPS's.

Then read up and found Virtualmin - read up on the docs and searched the forums. I settled on Linode and read their docs on setting up a LAMP stack etc. And securing the VPS. I followed the docs I had found and installed Virtualmin and put 2 domains on it.

Didn't really do much over the next 3 years. Then this year I was told one of the domains wasn't able to send emails to hotmail. That made me check if the server IP was on any blacklists. It was on backscaterrer. In the space of a few weeks, I learnt about Apache (to a greater depth), upgraded to the latest version of PHP, created additional jails for Fail2Ban (from the CLI) and locked Postfix down (again from the CLI) to a far greater degree. I did also look in Virtualmin to see where thos additional config changes I had made via CLI were turning up. I found them. All this via CLI - i prefer it that way.

My point in saying this - I'm not an experienced SysAdmin, but I come from a very tech heavy background (Cisco, Windows, MS Exchange etc) so perhaps for me picking up things is easier - but there's no substitute for putting the hours in. Learning, putting a plan together (with some idea of how to reverse what I have done), testing and then doing it for real.

Pages