Virtualmin Configuration and Tuning


Upon first install Virtualmin, you will need to set a few configuration parameters:

We will be disabling root login to webmin / virtualmin. Start by creating an administration group:

The default should be to use Unix authentication for the Webmin users. That means, resetting your Unix password will update your Webmin login as well.

Logout of Webmin and then back in with your username. Go back to Webmin Users and click on the 'root' user in the list of users. Set the password to "No password accepted" and voilá, your Webmin is now a little more secure.

Disabling Unused Cronjobs

CentOS in particular puts unwanted tasks in the cron entries. They do not appear in the 'crontab' proper but in /etc/cron.daily and /etc/cron.hourly. Rename these files to be their hidden dotfile equivalents:


Otherwise, awstats will run every hour for every domain, regardless of the settings you make in Virtualmin. Also I disabled 'makewhatis' 'webalizer' and 'freshclam' as I am not using them.

After installing Ubuntu 9.04


If you want support for MP3 files, Youtube video, and Java on your webpages, you could hunt down several packages - or just install the ubuntu-restricted-extras package install all the codecs and other files in one step. This also includes Microsoft core fonts.

sudo apt-get install ubuntu-restricted-extras

Eliminate Irritating Update Notifier Pop-Unders

This from Joseph Sinclair

In Ubuntu 9.04, update-notifier doesn't display an icon, it actually runs update-manager full-screen as a "pop-under". It's easy to miss, and there's no way to make it NOT run (so on a laptop, for instance, where stupid useless no-change updates are pending, you'll get the blasted thing running every time you boot, and quite often multiple times in a session).

There is a "magic" command to make it stop and go back to how it used to run (which you may have to run regularly since some updates seem to overwrite it), but it must be run for every user who can run updates:

gconftool -s --type bool /apps/update-notifier/auto_launch false

Adding that to /etc/bash.bashrc seems to be a quick-and-dirty fix that restores it for every user, and resets it if it gets overwritten. There's no guarantee this will work after the 9.10 update, but at least it works for now.

Setting up Virtualmin on Centos with a Linode


Once you know these few steps, setting up a LAMP (Linux/Apache/MySQL/Perl-PHP) server on a Linode (please use that link, as it includes my referral code) is insanely simple:

First, starting with a freshly provisioned CentOS install, ssh into the root account. First, update the base system --


yum update


I find it convenient to also install the console version of emacs:


yum install emacs-nox


Next, edit /etc/sysconfig/network and change the hostname. That file is read at boot, so you might also want to set the hostname for the current session:




Download the script from into /usr/src ... and then execute it:


cd /usr/src # wget



Then login, as root, to your new virtualmin configuration at your linode's address: where the 99-999 is replace with your linode's address (see the linode control panel).

Install problem: awstats

Ran into this error message after install, when clicking the "Check Your System" button --

The AWstats command /usr/share/awstats/wwwroot/cgi-bin/ was not found on your system.

Complicated by the fact that "yum install awstats" said it was already installed. But where? "rpm -ql awstats" gives the answer... and then I just copied it as follows:

# mkdir -p /usr/share/awstats/wwwroot/cgi-bin
# cp -a /var/www/awstats/ /usr/share/awstats/wwwroot/cgi-bin

Install problem: clamd (after update)

NOTE: After installing Virtualmin updates, I got an error:

ERROR: Command rejected by clamd (wrong clamd version?)

which I resolved with:

# /etc/rc.d/init.d/clamd-virtualmin restart

Default settings when you configure

Under System Settings / Server Templates and then Default Settings --

Upgrading PHP and MySQL

This is one place where Centos 5.3 lags behind the times. If you need PHP 5.2 or above, you will have to enable an alternate repository. As of this writing, the "Centos Testing" repository contains a pre-release version that does not include the mcrypt and memache modules -- a real problem. NOTE: Although I was able to upgrade a running server, I'd recommend doing this before loading any production domains. Follow the instructions at

Double-Check Postfix Relaying

Postfix was accepting email for ... to solve this, open the aliased sub domain in Virtualmin, and under:

Server Configuration
  Email Settings


Virtual server email-related settings
  Mail aliases mode

from Catchall forwarding to Copy aliases from target. You probably want to change this on the System Settings / Server Templates / Default Settings for Sub-Servers page as well. If you have already created several domains, you can adjust this all at once:

# virtualmin modify-mail --alias-copy --all-domains

NOTE: Is there a bug in Virtualmin 3.68.gpl? I had to manually:

# cd /etc/postfix
# postmap virtual
# postfix reload

to force that to refresh.

Tuning clamd

Rather than spend too much time tuning the memory, I simply killed clamd as it is a huge memory pig and leads to Out Of Memory webserver freezes.

Tuning Apache

With the default settings, Apache can veer out of control and eat all available memory. In /etc/httpd/conf/httpd.conf, change as follows in the section shown:

# prefork MPM
# StartServers: number of server processes to start
# MinSpareServers: minimum number of server processes which are kept spare
# MaxSpareServers: maximum number of server processes which are kept spare
# ServerLimit: maximum value for MaxClients for the lifetime of the server
# MaxClients: maximum number of server processes allowed to start
# MaxRequestsPerChild: maximum number of requests a server process serves
# was: MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 400
<IfModule prefork.c>
StartServers       8
MinSpareServers    5
MaxSpareServers   10
ServerLimit      64
MaxClients       64
MaxRequestsPerChild  400

Tuning Spamassassin

Dramatically reduce memory footprint by changing the number of threads that spamassassin will execute at once from 5 down to 1. In /etc/sysconfig/spamassassin (your location may vary) --


SPAMDOPTIONS="-d -c -m<strong>5</strong> -H"


SPAMDOPTIONS="-d -c -m<strong>1</strong> -H"

-- William Lindley Automatically delete old spam?


Yes, if older than

daAutomatically delete old spam? No

Yes, if older than days