If you are worried about numerous lines of the following kind: "::1 - - [19/Feb/2014:22:37:51 +0100] "OPTIONS * HTTP/1.0" 200 105" in your access_log or on apache status page, please stay calm, that does not denote anything wrong happening on your server.
I've just received a New Message from Directadmin, entitled as "Backup Abort: A hard link was found under User username's path". And I've seen a list of files within /home/username/imap/ directory which seem to be hardlinks.
If your users are unable to connect to DirectAdmin on port 2222 due to firewalls or proxies. It is still possible to setup apache to allow DirectAdmin to run through apache using its proxy options.
Enabling logging of Spamassassin actions is simple enough, so here i how to do that.
As soon as you enable Pigeonhole with Exim and Dovecot you get email quotas not working any longer. And here is a way how to enable them back with Dovecot.
To switch Exim+Dovecot+Sieve to LMTP from LDA one need to apply some changes
(Updated 2018-06-12) Directadmin since version 1.39 has a built-in brute force monitor, which scan your service logs for any brute force login attempts on your system (dovecot, exim, proftpd, sshd) and sent notifications to an admin. Here you can find a short guide on how to block attackers with CSF (ConfigServer Firewall)
Linux Malware Detect (LMD) is a malware scanner for Linux released under the GNU GPLv2 license, that is designed around the threats faced in shared hosted environments. It uses threat data from network edge intrusion detection systems to extract malware that is actively being used in attacks and generates signatures for detection.
If you sell additional IPs to your users, so they could connect remote servers from your hosting server using their dedicated IP as a source IP, you might want (or even need) to protect it from hijacking by other customer of yours. So nobody else could use it.
It was mentioned somewhere that to have session.save_path pointed into /tmp is not very secure, as a hacker with a hosting account on your server might hijack a session file from a neighbor site, if he (or she) manages to get list of files located in /tmp. To prevent this you might want to store sessions under user's home directory.