Complete Guide to DirectAdmin for Administrators: Installation, Security, and Performance

By HelpSysAdminLinux, Security, server management

This is a Complete Guide to DirectAdmin for Administrators, covering Installation, Security, and Performance. DirectAdmin is one of the most widely used control panels on Linux servers due to its lightweight nature, simplicity, and excellent cost-benefit ratio. It is widely adopted in VPS and dedicated servers, especially in shared hosting, reseller, and production server environments focused on performance.

This guide was created for server administrators who want to master DirectAdmin, from proper installation to advanced security, optimization, and performance practices.

System Requirements

Before installing DirectAdmin, check the minimum requirements:

  • Supported Operating Systems:
    • AlmaLinux 8 / 9 / 10
    • Rocky Linux 8 / 9 / 10
    • CloudLinux 8 / 9 / 10
    • Debian 10 / 11 / 12
    • Ubuntu 20.04 / 22.04 / 24.04
  • CPU: Minimum 1 core (2+ recommended)
  • RAM: Minimum 1 GB (4 GB or more recommended)
  • Disk Space: 20 GB free
  • Dedicated IP Address
  • Properly configured Hostname (FQDN)

Server Preparation

Configure Hostname

hostnamectl set-hostname server.seudominio.com

Edit the file with: nano /etc/hosts:

IP_DO_SERVIDOR server.seudominio.com server

Update the System

dnf update -y # RHEL-based

apt update && apt upgrade -y # Debian/Ubuntu

DirectAdmin Installation

Download and Installation

cd /root

sh <(curl -fsSL https://download.directadmin.com/setup.sh)

During the installation process, you will be prompted for your License Key.

After completion, temporary access will be via:

https://IP_DO_SERVIDOR:2222
If your hostname is already pointing to the server’s IP address, use https://hostname:2222.

User Structure in DirectAdmin

DirectAdmin works with three main levels:

  • Admin – full server control
  • Reseller – user account management
  • User – website hosting and services

This separation ensures better organization and security.

Essential Initial Setup

Update the CustomBuild

cd /usr/local/directadmin/custombuild
./build update
./build versions

Choose Stack Web

Recommended for production:

  • Nginx as a reverse proxy
  • Apache with MPM Event
  • PHP-FPM

./build set webserver nginx_apache
./build set php1_release 8.2
./build set php1_mode php-fpm

Edit the file: options.conf

cd /usr/local/directadmin/custombuild/
nano options.conf

Change the following values:

php2_release=8.3
php_timezone=America/Sao_Paulo
mysql_backup=yes
mysql_backup_gzip=yes
unit=yes
nodejs_provider=distro
webserver=nginx_apache
modsecurity=yes
modsecurity_ruleset=owasp
phpmyadmin_public=no
blockcracking=yes
easy_spam_fighter=yes
spamd=spamassassin
php_gmp=yes
php_igbinary=yes
php_imagick=yes
php_imap=yes
php_ioncube=yes
php_mcrypt=yes
php_opcache=yes
php_redis=yes
php_xmlrpc=yes
php_yaml=yes
php_zend=yes
php_zstd=yes
csf=no

Security in DirectAdmin

Firewall

Install and configure CSF:

cd /usr/src
git clone https://github.com/Aetherinox/csf-firewall.git
cd csf-firewall/src/
./install.sh

Access DirectAdmin and configure:

  • Extras Features → ConfigServer Security & Firewall 

ModSecurity Rules:

Some rules provided by OWASP generate false positives, blocking access to website resources. Below we will disable these rules.

  • Access DirectAdmin with the admin user.
  • Access Server Manager >> ModSecurity.
  • Click the Default Configuration button.
  • Under Excluded rules, locate the rule ID. This is where you will enter the ID of the rule you want to disable. Enter the ID and then click the Add exclusion button. When finished, click the save configuration button. Finally, after saving the settings in the Linux shell, restart your web server (example: systemctl restart nginx and systemctl restart httpd).

The IDs of the rules we want to disable are:
921130
941100
941160
920420
941130
941140
941180
941190
941250
941260
932370
942290
930130
933150

SSH protection

  • Change default port
  • Disable root login by password
  • Use key authentication

PermitRootLogin prohibit-password

Tip: Try logging in again while keeping a window open.

Crowdsec

Recommended for protecting services such as HTTP, SSH, FTP, SMTP, WordPress, etc.

Click here: How to install Crowdsec

System Hardening

  • Disable unnecessary services
  • Keep your system always updated
  • Use correct file permissions
  • Enable automatic backups

Performance and Optimization

PHP-FPM

Configuração recomendada:
pm = ondemand
pm.max_children = Click here : PHP-FPM: How to Calculate pm.max_children Correctly
pm.process_idle_timeout = 10s
pm.max_requests = 500

To configure php-fpm, use: (change php-fpm.conf.83 to the PHP version you want to change)

 mkdir -p /usr/local/directadmin/custombuild/custom/configure/fpm/conf/
 cp /usr/local/directadmin/custombuild/configure/fpm/conf/php-fpm.conf.83 /usr/local/directadmin/custombuild/custom/configure/fpm/conf/
 cd /usr/local/directadmin/custombuild/custom/configure/fpm/conf/
 nano php-fpm.conf.83
#altere para as configurações acima e execute
da build php

OPcache

opcache.enable=1
opcache.memory_consumption=256
opcache.max_accelerated_files=100000
opcache.validate_timestamps=0

cd /usr/local/directadmin/custombuild
mkdir -p custom/opcache
cp -p configure/opcache/opcache.ini custom/opcache/opcache.ini
nano custom/opcache/opcache.ini
# insira as configurações acima e a seguir execute
da build opcache

MariaDB

Best practices: Complete guide to optimizing MariaDB performance.

Backups no DirectAdmin

  • Backups local ou remote (FTP)
  • Automatic scheduling
  • Periodic restoration tests

Access via DirectAdmin: Admin Tools >> Admin Backup/Transfer
Next, click on Schedule and fill in the requested fields.

Monitoring

Recommended tools:

  • Netdata
  • Zabbix(requires a separate server for installation)
  • htop
  • iotop
  • journalctl

Important Logs

  • Apache/Nginx: /var/log/httpd/ ou /var/log/nginx/
  • DirectAdmin: /var/log/directadmin/

Common Problems and Solutions

Port 2222 does not open.

  • Check firewall
  • Verify that DirectAdmin is active

systemctl status directadmin

Slow websites

  • Check PHP-FPM
  • Adjust cache
  • Use Redis or Memcached

Good Practices for Production

  • Using CloudLinux on shared hosting
  • Enable CageFS isolation
  • Limit resources per user
  • Monitor usage constantly

Conclusion

DirectAdmin is an excellent choice for administrators seeking performance, stability, and simplicity. With a proper installation, strong security practices, and correct performance adjustments, it’s possible to maintain highly reliable and scalable servers.

This guide serves as a complete foundation for professional environments, from small VPS to high-demand servers.


See also: Benchmark Script on Linux
See also: How do I add security headers using Cloudflare?
See also: How to Create an OS Template in Virtualizor: Complete Guide 2025
Veja também: Como Escolher Entre cPanel e DirectAdmin