Cara memasukkan aplikasi ke ubuntu

3. Download Wordpress

Jalankan perintah dibawah ini untuk download wordpress

# wget https://wordpress.org/latest.tar.gz

Extrak File wordpress

# tar -zxvf latest.tar.gz

disini saya me rename dari wordpress menjadi website2

# mv wordpress website2

pindahkan forler website2 ke direktori /var/www/html/

# mv website2 /var/www/html/

ubah hak akses pada direktori website2

# chown -R www-data:www-data /var/www/html/website2/
# chmod -R 755 /var/www/html/website2/

4. Configurasi Virtual Host

buat file website2.conf untuk membuat Virtualhost.

# nano /etc/apache2/sites-available/website2.conf

Masukan parameter dibawah ini

<VirtualHost *:80>
        ServerName websiteku.com
        ServerALias www.websiteku.com
        ServerAdmin webmaster@websiteku.com
        DocumentRoot /var/www/html/website2
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Aktifkan Virtualhost

# a2ensite website2.conf

Restart Apache2

# systemctl reload apache2

Read More

The Perfect Server - Ubuntu 14.04 (Apache2, PHP, MySQL, PureFTPD, BIND, Dovecot, ISPConfig 3) - Page 5

16. Install PureFTPd And Quota

PureFTPd and quota can be installed with the following command:

apt-get install pure-ftpd-common pure-ftpd-mysql quota quotatool

Edit the file /etc/default/pure-ftpd-common...

vi /etc/default/pure-ftpd-common

... and make sure that the start mode is set to standalone and set VIRTUALCHROOT=true:

[...] STANDALONE_OR_INETD=standalone [...] VIRTUALCHROOT=true [...]

Now we configure PureFTPd to allow FTP and TLS sessions. FTP is a very insecure protocol because all passwords and all data are transferred in clear text. By using TLS, the whole communication can be encrypted, thus making FTP much more secure.

If you want to allow FTP and TLS sessions, run

echo 1 > /etc/pure-ftpd/conf/TLS

In order to use TLS, we must create an SSL certificate. I create it in /etc/ssl/private/, therefore I create that directory first:

mkdir -p /etc/ssl/private/

Afterwards, we can generate the SSL certificate as follows:

openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout /etc/ssl/private/pure-ftpd.pem -out /etc/ssl/private/pure-ftpd.pem

Country Name (2 letter code) [AU]: <-- Enter your Country Name (e.g., "DE").
State or Province Name (full name) [Some-State]:<-- Enter your State or Province Name.
Locality Name (eg, city) []:<-- Enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:<-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []:<-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, YOUR name) []:<-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
Email Address []:<-- Enter your Email Address.

Change the permissions of the SSL certificate:

chmod 600 /etc/ssl/private/pure-ftpd.pem

Then restart PureFTPd:

service pure-ftpd-mysql restart

Edit /etc/fstab. Mine looks like this (I added ,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 to the partition with the mount point /):

vi /etc/fstab

# /etc/fstab: static file system information. # # Use 'blkid' to print the universally unique identifier for a # device; this may be used with UUID= as a more robust way to name devices # that works even if disks are added and removed. See fstab(5). # # <file system> <mount point> <type> <options> <dump> <pass> /dev/mapper/server1--vg-root / ext4 errors=remount-ro,usrjquota=quota.user,grpjquota=quota.group,jqfmt=vfsv0 0 1 # /boot was on /dev/sda1 during installation UUID=9b8299f1-b2a2-4231-9ba1-4540fad76b0f /boot ext2 defaults 0 2 /dev/mapper/server1--vg-swap_1 none swap sw 0 0

To enable quota, run these commands:

mount -o remount /

quotacheck -avugm 
quotaon -avug

17. Install BIND DNS Server

BIND can be installed as follows:

apt-get install bind9 dnsutils

18. Install Vlogger, Webalizer, And AWstats

Vlogger, webalizer, and AWstats can be installed as follows:

apt-get install vlogger webalizer awstats geoip-database libclass-dbi-mysql-perl

Open /etc/cron.d/awstats afterwards...

vi /etc/cron.d/awstats

... and comment out everything in that file:

#MAILTO=root #*/10 * * * * www-data [ -x /usr/share/awstats/tools/update.sh ] && /usr/share/awstats/tools/update.sh # Generate static reports: #10 03 * * * www-data [ -x /usr/share/awstats/tools/buildstatic.sh ] && /usr/share/awstats/tools/buildstatic.sh

19. Install Jailkit

Jailkit is needed only if you want to chroot SSH users. It can be installed as follows (important: Jailkit must be installed before ISPConfig - it cannot be installed afterwards!):

apt-get install build-essential autoconf automake1.9 libtool flex bison debhelper binutils-gold

cd /tmp 
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz 
tar xvfz jailkit-2.17.tar.gz 
cd jailkit-2.17 
./debian/rules binary

You can now install the Jailkit .deb package as follows:

cd .. 
dpkg -i jailkit_2.17-1_*.deb 
rm -rf jailkit-2.17*

20. Install fail2ban

This is optional but recommended, because the ISPConfig monitor tries to show the log:

apt-get install fail2ban

To make fail2ban monitor PureFTPd and Dovecot, create the file /etc/fail2ban/jail.local:

vi /etc/fail2ban/jail.local

[pureftpd] enabled = true port = ftp filter = pureftpd logpath = /var/log/syslog maxretry = 3 [dovecot-pop3imap] enabled = true filter = dovecot-pop3imap action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp] logpath = /var/log/mail.log maxretry = 5 [postfix-sasl] enabled = true port = smtp filter = postfix-sasl logpath = /var/log/mail.log maxretry = 3

Then create the following two filter files:

vi /etc/fail2ban/filter.d/pureftpd.conf

[Definition] failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.* ignoreregex =

vi /etc/fail2ban/filter.d/dovecot-pop3imap.conf

[Definition] failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.* ignoreregex =

Add the missing ignoreregex line in the postfix-sasl file:

echo "ignoreregex =" >> /etc/fail2ban/filter.d/postfix-sasl.conf

Restart fail2ban afterwards:

service fail2ban restart

Read More

* Restarting web server apache2 AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message

Good news! Apache is restarting successfully. Apache just isn't sure where you want serve from, so it's choosing your localhost (127.0.0.1) by default. To prevent this message from appearing, clarify that you want to serve from localhost (127.0.0.1) by adding the following line into your /etc/apache2/apache2.conf file:

ServerName localhost

Read More

The Perfect Server - Ubuntu 14.04 (Apache2, PHP, MySQL, PureFTPD, BIND, Dovecot, ISPConfig 3) - Page 4

12. Install Postfix, Dovecot, MySQL, phpMyAdmin, rkhunter, binutils

For installing postfix we need to stop and remove sendmail 

service sendmail stop; update-rc.d -f sendmail remove

Now we can install Postfix, Dovecot, MySQL, rkhunter, and binutils with a single command:

apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server openssl getmail4 rkhunter binutils dovecot-imapd dovecot-pop3d dovecot-mysql dovecot-sieve sudo

You will be asked the following questions:

New password for the MySQL "root" user: <-- yourrootsqlpassword
Repeat password for the MySQL "root" user: <-- yourrootsqlpassword
General type of mail configuration: <-- Internet Site
System mail name: <-- server1.example.com

Next open the TLS/SSL and submission ports in Postfix:

vi /etc/postfix/master.cf

Uncomment the submission and smtps sections as follows - add the line -o smtpd_client_restrictions=permit_sasl_authenticated,reject to both sections and leave everything thereafter commented:

[...] submission inet n - - - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o smtpd_reject_unlisted_recipient=no # -o smtpd_client_restrictions=$mua_client_restrictions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING [...]

Restart Postfix afterwards:

service postfix restart

We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:

vi /etc/mysql/my.cnf

[...] # Instead of skip-networking the default is now to listen only on # localhost which is more compatible and is not less secure. #bind-address = 127.0.0.1 [...]

Then we restart MySQL:

service mysql restart

Now check that networking is enabled. Run

netstat -tap | grep mysql

The output should look like this:

root@server1:~# netstat -tap | grep mysql 
tcp        0      0 *:mysql                 *:*                     LISTEN      21298/mysqld 
root@server1:~#

13. Install Amavisd-new, SpamAssassin, And Clamav

To install amavisd-new, SpamAssassin, and ClamAV, we run

apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl

The ISPConfig 3 setup uses amavisd which loads the SpamAssassin filter library internally, so we can stop SpamAssassin to free up some RAM:

service spamassassin stop
update-rc.d -f spamassassin remove

14. Install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt

Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, and mcrypt can be installed as follows:

apt-get install apache2 apache2-doc apache2-utils libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libruby libapache2-mod-python php5-curl php5-intl php5-memcache php5-memcached php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl memcached snmp

The PHP5 mcrypt module has to be enabled manually:

php5enmod mcrypt

You will see the following question:

Web server to reconfigure automatically: <-- apache2
Configure database for phpmyadmin with dbconfig-common? <-- No

Then run the following command to enable the Apache modules suexec, rewrite, ssl, actions, and include (plus dav, dav_fs, and auth_digest if you want to use WebDAV):

a2enmod suexec rewrite ssl actions include cgi

a2enmod dav_fs dav auth_digest

Next open /etc/apache2/mods-available/suphp.conf...

vi /etc/apache2/mods-available/suphp.conf

... and comment out the <FilesMatch "\.ph(p3?|tml)$"> section and add the line AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml - otherwise all PHP files will be run by SuPHP:

<IfModule mod_suphp.c> #<FilesMatch "\.ph(p3?|tml)$"> # SetHandler application/x-httpd-suphp #</FilesMatch> suPHP_AddHandler application/x-httpd-suphp AddType application/x-httpd-suphp .php .php3 .php4 .php5 .phtml <Directory /> suPHP_Engine on </Directory> # By default, disable suPHP for debian packaged web applications as files # are owned by root and cannot be executed by suPHP because of min_uid. <Directory /usr/share> suPHP_Engine off </Directory> # # Use a specific php config file (a dir which contains a php.ini file) # suPHP_ConfigPath /etc/php5/cgi/suphp/ # # Tells mod_suphp NOT to handle requests with the type <mime-type>. # suPHP_RemoveHandler <mime-type> </IfModule>

Restart Apache afterwards:

service apache2 restart

If you want to host Ruby files with the extension .rb on your web sites created through ISPConfig, you must comment out the line application/x-ruby rb in /etc/mime.types:

vi /etc/mime.types

[...] #application/x-ruby rb [...]

(This is needed only for .rb files; Ruby files with the extension .rbx work out of the box.)

Restart Apache afterwards:

service apache2 restart

 Login to the MySQL database as root user on the shell:

mysql -u root

Create a new user "admin" with the password "howtoforge". Replace the password "howtoforge" with a secure password in the commands below!

CREATE USER 'admin'@'localhost' IDENTIFIED BY 'howtoforge';
GRANT ALL PRIVILEGES ON *.* TO 'admin'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit

14.1 Xcache

Xcache is a free and open PHP opcode cacher for caching and optimizing PHP intermediate code. It's similar to other PHP opcode cachers, such as eAccelerator and APC. It is strongly recommended to have one of these installed to speed up your PHP page.

Xcache can be installed as follows:

apt-get install php5-xcache

Now restart Apache:

service apache2 restart

14.2 PHP-FPM

Starting with ISPConfig 3.0.5, there is an additional PHP mode that you can select for usage with Apache: PHP-FPM.

To use PHP-FPM with Apache, we need the mod_fastcgi Apache module (please don't mix this up with mod_fcgid - they are very similar, but you cannot use PHP-FPM with mod_fcgid). We can install PHP-FPM and mod_fastcgi as follows:

apt-get install libapache2-mod-fastcgi php5-fpm

Make sure you enable the module and restart Apache:

a2enmod actions fastcgi alias 
service apache2 restart

14.2 Additional PHP Versions

Starting with ISPConfig 3.0.5, it is possible to have multiple PHP versions on one server (selectable through ISPConfig) which can be run through FastCGI and PHP-FPM. To learn how to build additional PHP versions (PHP-FPM and FastCGI) and how to configure ISPConfig, please check this tutorial: How To Use Multiple PHP Versions (PHP-FPM & FastCGI) With ISPConfig 3 (Ubuntu 12.10) (works for Ubuntu 14.04 as well).

15. Install Mailman

Since version 3.0.4, ISPConfig also allows you to manage (create/modify/delete) Mailman mailing lists. If you want to make use of this feature, install Mailman as follows:

apt-get install mailman

Select at least one language, e.g.:

Languages to support: <-- en (English)
Missing site list <-- Ok

Before we can start Mailman, a first mailing list called mailman must be created:

newlist mailman

root@server1:~# newlist mailman
Enter the email of the person running the list: <-- admin email address, e.g. listadmin@example.com
Initial mailman password: <-- admin password for the mailman list
To finish creating your mailing list, you must edit your /etc/aliases (or
equivalent) file by adding the following lines, and possibly running the
`newaliases' program:

## mailman mailing list
mailman:              "|/var/lib/mailman/mail/mailman post mailman"
mailman-admin:        "|/var/lib/mailman/mail/mailman admin mailman"
mailman-bounces:      "|/var/lib/mailman/mail/mailman bounces mailman"
mailman-confirm:      "|/var/lib/mailman/mail/mailman confirm mailman"
mailman-join:         "|/var/lib/mailman/mail/mailman join mailman"
mailman-leave:        "|/var/lib/mailman/mail/mailman leave mailman"
mailman-owner:        "|/var/lib/mailman/mail/mailman owner mailman"
mailman-request:      "|/var/lib/mailman/mail/mailman request mailman"
mailman-subscribe:    "|/var/lib/mailman/mail/mailman subscribe mailman"
mailman-unsubscribe:  "|/var/lib/mailman/mail/mailman unsubscribe mailman"

Hit enter to notify mailman owner... <-- ENTER

root@server1:~#

Open /etc/aliases afterwards...

vi /etc/aliases

... and add the following lines:

[...] ## mailman mailing list mailman: "|/var/lib/mailman/mail/mailman post mailman" mailman-admin: "|/var/lib/mailman/mail/mailman admin mailman" mailman-bounces: "|/var/lib/mailman/mail/mailman bounces mailman" mailman-confirm: "|/var/lib/mailman/mail/mailman confirm mailman" mailman-join: "|/var/lib/mailman/mail/mailman join mailman" mailman-leave: "|/var/lib/mailman/mail/mailman leave mailman" mailman-owner: "|/var/lib/mailman/mail/mailman owner mailman" mailman-request: "|/var/lib/mailman/mail/mailman request mailman" mailman-subscribe: "|/var/lib/mailman/mail/mailman subscribe mailman" mailman-unsubscribe: "|/var/lib/mailman/mail/mailman unsubscribe mailman"

Run

newaliases

afterwards and restart Postfix:

service postfix restart

Finally we must enable the Mailman Apache configuration:

ln -s /etc/mailman/apache.conf /etc/apache2/conf-available/mailman.conf

This defines the alias /cgi-bin/mailman/ for all Apache vhosts, which means you can access the Mailman admin interface for a list at http://<vhost>/cgi-bin/mailman/admin/<listname>, and the web page for users of a mailing list can be found at http://<vhost>/cgi-bin/mailman/listinfo/<listname>.

Under http://<vhost>/pipermail you can find the mailing list archives.

Restart Apache afterwards:

service apache2 restart

Then start the Mailman daemon:

service mailman start

Read More

The Perfect Server - Ubuntu 14.04 (Apache2, PHP, MySQL, PureFTPD, BIND, Dovecot, ISPConfig 3) - Page 3

7. Configure The Network

Because the Ubuntu installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.2.251 and the DNS servers 192.168.1.200, 192.168.1.225 and 8.8.8.8 - starting with Ubuntu 12.04, you cannot edit /etc/resolv.conf directly anymore, but have to specify your nameservers in your network configuration - see

man resolvconf

for more details):

vi /etc/network/interfaces

# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.2.251 netmask 255.255.255.0 network 192.168.2.251 broadcast 192.168.2.255 gateway 192.168.2.254 dns-nameservers 192.168.1.200 192.168.1.225 8.8.8.8

Then restart your network:

service networking restart

Then edit /etc/hosts. Make it look like this:

vi /etc/hosts

127.0.0.1 localhost 192.168.2.251 server1.example.com server1 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters

Now run

echo server1.example.com > /etc/hostname 
service hostname restart

Afterwards, run

hostname 
hostname -f

Both should show server1.example.com now.

8. Edit /etc/apt/sources.list And Update Your Linux Installation

Edit /etc/apt/sources.list. Comment out or remove the installation CD from the file and make sure that the universe and multiverse repositories are enabled. It should look like this:

vi /etc/apt/sources.list

# # deb cdrom:[Ubuntu-Server 14.04 LTS _Trusty Tahr_ - Release amd64 (20140416.2)]/ trusty main restricted #deb cdrom:[Ubuntu-Server 14.04 LTS _Trusty Tahr_ - Release amd64 (20130423.2)]/ trusty main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://de.archive.ubuntu.com/ubuntu/ trusty main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ trusty main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ trusty universe deb-src http://de.archive.ubuntu.com/ubuntu/ trusty universe deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates universe deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://de.archive.ubuntu.com/ubuntu/ trusty multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ trusty multiverse deb http://de.archive.ubuntu.com/ubuntu/ trusty-updates multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://de.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse deb http://security.ubuntu.com/ubuntu trusty-security main restricted deb-src http://security.ubuntu.com/ubuntu trusty-security main restricted deb http://security.ubuntu.com/ubuntu trusty-security universe deb-src http://security.ubuntu.com/ubuntu trusty-security universe deb http://security.ubuntu.com/ubuntu trusty-security multiverse deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu trusty partner # deb-src http://archive.canonical.com/ubuntu trusty partner ## Uncomment the following two lines to add software from Ubuntu's ## 'extras' repository. ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. # deb http://extras.ubuntu.com/ubuntu trusty main # deb-src http://extras.ubuntu.com/ubuntu trusty main

Then run

apt-get update

to update the apt package database and

apt-get upgrade

to install the latest updates (if there are any). If you see that a new kernel gets installed as part of the updates, you should reboot the system afterwards:

reboot

9. Change The Default Shell

/bin/sh is a symlink to /bin/dash, however we need /bin/bash, not /bin/dash. Therefore we do this:

dpkg-reconfigure dash

Use dash as the default system shell (/bin/sh)? <-- No

If you don't do this, the ISPConfig installation will fail.

10. Disable AppArmor

AppArmor is a security extension (similar to SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

service apparmor stop 
update-rc.d -f apparmor remove 
apt-get remove apparmor apparmor-utils

11. Synchronize the System Clock

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the Internet. Simply run

apt-get install ntp ntpdate

and your system time will always be in sync.

Read More