AlmaLinuxRHEL Based

How To Install ProjectSend on AlmaLinux 10

r00t

Install ProjectSend on AlmaLinux 10

Managing file transfers with clients can be challenging without the right tools. ProjectSend offers a secure, self-hosted solution for sharing files with clients while maintaining complete control over your data. This comprehensive guide walks through installing ProjectSend on AlmaLinux 10, covering everything from system preparation to security hardening.

AlmaLinux 10 provides an enterprise-grade foundation for hosting web applications. Its stability and long-term support make it ideal for production environments. Combined with ProjectSend’s robust file-sharing capabilities, you’ll create a professional platform for managing client file transfers securely and efficiently.

Table of Contents

What is ProjectSend?

ProjectSend is an open-source, self-hosted file-sharing application designed specifically for agencies, freelancers, and businesses that need to share files with clients. Unlike generic cloud storage solutions, ProjectSend focuses on client management and secure file distribution.

The platform offers impressive features including AES-256-GCM encryption for data security, LDAP and Active Directory integration for enterprise environments, and customizable email templates for professional communication. Users can set download limits, implement auto-expiration for sensitive files, and access comprehensive audit logging to track all file activities.

Multi-language support ensures global accessibility, while the intuitive web interface simplifies file management for both administrators and clients. The latest version (r1945) includes significant security enhancements and performance improvements, making it more reliable than ever for production deployments.

ProjectSend excels in scenarios where controlled file distribution matters. Whether managing design assets for multiple clients, distributing legal documents, or sharing project deliverables, the platform provides granular control over who accesses what files and when.

System Requirements

Before beginning the installation process, ensure your server meets the necessary hardware and software specifications.

Hardware Requirements

A minimum of 2GB RAM suffices for small deployments, though 4GB or more is recommended for production environments handling multiple concurrent users. Allocate at least 10GB of disk space for the application itself, but plan for significantly more storage depending on your file-sharing needs. A single-core processor handles basic operations, but multi-core systems provide better performance under load.

Software Requirements

ProjectSend requires PHP 7.4 or newer, with PHP 8.x recommended for optimal performance and security. The application works with MySQL 5.0 or newer, though MariaDB 10.x is preferred for AlmaLinux environments. Apache 2.2+ serves as the web server, though Nginx configurations are also supported.

Essential PHP extensions include PDO and pdo_mysql for database connectivity, mbstring for multi-byte string handling, gettext for internationalization, fileinfo for file type detection, gd2 for image processing, xml for XML parsing, zip for archive handling, and cURL for external communications. Missing extensions prevent proper installation and functionality.

Prerequisites

Several prerequisites ensure smooth installation. Start with a fresh AlmaLinux 10 server installation with root or sudo privileges. SSH access to the server is mandatory for executing commands remotely.

A domain name pointing to your server’s IP address, while optional, is strongly recommended for production deployments. This enables SSL certificate installation and provides professional access to your ProjectSend instance.

Configure your firewall to allow HTTP traffic on port 80 and HTTPS traffic on port 443. Basic command-line knowledge helps troubleshoot issues, though this guide provides detailed commands for each step.

Step 1: Update AlmaLinux 10 System

Keeping your system updated ensures security patches and bug fixes are applied. Begin by updating all installed packages to their latest versions.

Connect to your server via SSH and execute the system update command:

sudo dnf update -y

This command downloads and installs available updates for all packages. The process may take several minutes depending on your connection speed and the number of packages requiring updates.

Next, install the EPEL (Extra Packages for Enterprise Linux) repository, which provides additional packages not included in the default repositories:

sudo dnf install epel-release -y

EPEL contains many useful tools and dependencies required by modern web applications. If kernel updates were installed during the system update, reboot your server to apply them:

sudo reboot

Wait a few minutes for the server to restart, then reconnect via SSH to continue the installation process.

Step 2: Install Apache Web Server

Apache serves as the web server for hosting ProjectSend. Its robust configuration options and widespread support make it ideal for production deployments.

Install Apache

Install the Apache HTTP server using the DNF package manager:

sudo dnf install -y httpd

The installation process downloads Apache and its dependencies, configuring basic settings automatically.

Configure Apache Service

Start the Apache service immediately and enable it to launch automatically during system boot:

sudo systemctl start httpd
sudo systemctl enable httpd

Verify Apache is running correctly by checking its status:

sudo systemctl status httpd

A green “active (running)” status indicates successful operation. Press ‘q’ to exit the status view.

Configure Firewall Rules

AlmaLinux 10 includes firewalld for network security management. Allow HTTP and HTTPS traffic through the firewall:

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

The permanent flag ensures rules persist across reboots. Reloading the firewall applies changes immediately.

Test Apache installation by opening a web browser and navigating to your server’s IP address. The default Apache welcome page confirms successful installation.

Step 3: Install MariaDB Database Server

MariaDB stores ProjectSend’s configuration data, user accounts, and file metadata. This relational database management system provides excellent performance and reliability.

Install MariaDB

Install MariaDB server and client packages:

sudo dnf install -y mariadb-server mariadb

The installation configures default settings suitable for most deployments.

Start and Enable MariaDB

Launch MariaDB and enable automatic startup:

sudo systemctl start mariadb
sudo systemctl enable mariadb

Verify the service is active:

sudo systemctl status mariadb

Secure MariaDB Installation

Run the security script to harden your database server:

sudo mysql_secure_installation

The script prompts several security questions. Press Enter when asked for the current root password (none is set initially). Choose ‘Y’ to set a root password, creating a strong password using uppercase, lowercase, numbers, and special characters.

Answer ‘Y’ to remove anonymous users, disallow root login remotely, remove the test database, and reload privilege tables. These measures significantly improve database security.

Create Database for ProjectSend

Log into MariaDB as root:

mysql -u root -p

Enter your root password when prompted. Create a dedicated database and user for ProjectSend:

CREATE DATABASE projectsend_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'projectsend_user'@'localhost' IDENTIFIED BY 'your_strong_password_here';
GRANT ALL PRIVILEGES ON projectsend_db.* TO 'projectsend_user'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Replace ‘your_strong_password_here’ with a secure password. The utf8mb4 character set ensures proper handling of international characters and emojis.

Note that MySQL 8.x users may need to configure native password authentication, as the default caching_sha2_password method is incompatible with many PHP applications. ProjectSend works best with MariaDB, avoiding this complication.

Step 4: Install PHP and Required Extensions

PHP processes ProjectSend’s server-side logic. Multiple extensions enable specific functionality required by the application.

Install PHP Packages

Install PHP and all necessary modules in a single command:

sudo dnf install -y php php-mysqlnd php-gd php-xml php-mbstring php-zip php-gettext php-pdo php-curl php-json php-fileinfo

This comprehensive package list ensures all dependencies are satisfied.

Verify PHP Installation

Check the installed PHP version:

php -v

Version 8.0 or newer provides the best performance and security. List all installed PHP modules:

php -m

Verify that all required extensions appear in the output.

Configure PHP Settings

Edit the main PHP configuration file to optimize settings for file uploads:

sudo nano /etc/php.ini

Locate and modify these directives:

memory_limit = 256M
post_max_size = 256M
upload_max_filesize = 256M
max_execution_time = 300
max_input_time = 300

These values allow uploading files up to 256MB. Adjust higher if you need to transfer larger files. Save the file by pressing Ctrl+X, then Y, then Enter.

Restart Apache to apply PHP configuration changes:

sudo systemctl restart httpd

Step 5: Download and Install ProjectSend

With the LAMP stack configured, proceed to download and install ProjectSend.

Download Latest ProjectSend Release

Navigate to the web root directory:

cd /var/www/html

Download the latest stable release (r1945) from GitHub:

sudo wget https://github.com/projectsend/projectsend/releases/download/r1945/projectsend-r1945.zip

For enhanced security, verify the file’s SHA256 hash:

sha256sum projectsend-r1945.zip

Compare the output with the official hash: 71a99f5d0bea0d12a5b8d8068e46947cd0ca2dc7124511af3231faf559f16628. Matching hashes confirm file integrity.

Extract ProjectSend Files

Install the unzip utility if not already available:

sudo dnf install -y unzip

Extract the downloaded archive:

sudo unzip projectsend-r1945.zip

This creates a “projectsend” directory containing all application files. Remove the zip file to free space:

sudo rm projectsend-r1945.zip

Set Proper Permissions

Correct file permissions prevent security vulnerabilities while ensuring ProjectSend can write necessary data. Set ownership to the Apache user:

sudo chown -R apache:apache /var/www/html/projectsend

Configure directory permissions to 775:

sudo find /var/www/html/projectsend -type d -exec chmod 775 {} \;

Set file permissions to 644:

sudo find /var/www/html/projectsend -type f -exec chmod 644 {} \;

These permissions allow Apache to read and write files while preventing unauthorized access from other system users.

Step 6: Configure Apache Virtual Host

Virtual hosts enable hosting multiple websites on a single server. Creating a dedicated virtual host for ProjectSend improves organization and simplifies configuration management.

Create Virtual Host Configuration

Navigate to Apache’s configuration directory:

cd /etc/httpd/conf.d

Create a new configuration file for ProjectSend:

sudo nano projectsend.conf

Add the following virtual host configuration:

<VirtualHost *:80>
    ServerName your-domain.com
    ServerAlias www.your-domain.com
    DocumentRoot /var/www/html/projectsend
    
    <Directory /var/www/html/projectsend>
        Options -Indexes +FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>
    
    ErrorLog /var/log/httpd/projectsend-error.log
    CustomLog /var/log/httpd/projectsend-access.log combined
</VirtualHost>

Replace “your-domain.com” with your actual domain name. The Options directive disables directory listing while enabling symbolic links. AllowOverride All permits .htaccess files to override configuration settings.

Save and close the file.

Enable Configuration

Test the Apache configuration for syntax errors:

sudo apachectl configtest

“Syntax OK” indicates no errors. If errors appear, review your configuration file for typos. Restart Apache to apply changes:

sudo systemctl restart httpd

Step 7: Complete Web-Based Installation

ProjectSend includes a web-based installer that simplifies initial configuration.

Access Installation Wizard

Open your web browser and navigate to your domain or server IP address:

http://your-domain.com

The ProjectSend installation wizard loads automatically, displaying a welcome screen.

Install ProjectSend on AlmaLinux 10

Configure Database Connection

The installer offers two configuration methods. For manual configuration, connect to your server via SSH and copy the sample configuration file:

cd /var/www/html/projectsend/includes
sudo cp sys.config.sample.php sys.config.php
sudo nano sys.config.php

Edit database credentials manually, then save the file. Most users prefer the web-based installer form, which is simpler and less error-prone.

In the installation form, enter your database details:

  • Database Host: localhost
  • Database Name: projectsend_db
  • Database User: projectsend_user
  • Database Password: (the password you created earlier)

Complete Installation Form

Fill in your site information:

  • Site Name: Your organization or business name
  • Site Description: Brief description of your file-sharing purpose
  • Base URL: Your full domain URL including http:// or https://

Create your administrator account with a strong username (avoid “admin”) and a complex password mixing uppercase, lowercase, numbers, and special characters. Provide a valid administrator email address for system notifications.

Click the “Install” button and wait while ProjectSend creates database tables and configures initial settings. The process typically completes within 30 seconds.

Verify Installation

Look for the success message confirming installation completion. If permission warnings appear, return to your SSH session and adjust file permissions as needed.

Log in using your administrator credentials. The dashboard provides access to all ProjectSend features and settings.

Step 8: Install and Configure SSL Certificate

SSL certificates encrypt data transmission between users and your server, essential for protecting sensitive files and login credentials.

Install Certbot and Dependencies

Install Certbot with the Apache plugin:

sudo dnf install -y certbot python3-certbot-apache mod_ssl

Certbot automates the SSL certificate installation and renewal process.

Obtain Let’s Encrypt SSL Certificate

Run Certbot to obtain and install an SSL certificate:

sudo certbot --apache -d your-domain.com -d www.your-domain.com

Certbot prompts for your email address (used for renewal notifications). Agree to the terms of service and choose whether to share your email with the EFF.

Select whether to redirect all HTTP traffic to HTTPS. Choose option 2 (Redirect) for maximum security, ensuring all connections use encryption.

Certbot automatically modifies your Apache configuration, creating a new virtual host for HTTPS on port 443.

Verify SSL Configuration

Test HTTPS access by navigating to:

https://your-domain.com

Your browser should display a padlock icon, indicating a secure connection. Click the padlock to view certificate details and confirm Let’s Encrypt issued it.

Configure Auto-Renewal

Let’s Encrypt certificates expire after 90 days. Certbot installs a systemd timer that automatically renews certificates before expiration. Test the renewal process:

sudo certbot renew --dry-run

Successful dry-run output confirms automatic renewal will work correctly. Check the renewal timer status:

sudo systemctl status certbot-renew.timer

The timer should show as “active (waiting).”

Update ProjectSend Base URL

Log into your ProjectSend admin panel, navigate to Settings > General, and update the Base URL field to use https:// instead of http://. Save changes to ensure all generated links use secure connections.

Step 9: Security Hardening

Security hardening protects your ProjectSend installation from unauthorized access and potential vulnerabilities.

Update to Latest Version

Always run the latest ProjectSend version to benefit from security patches. Version r1945 addresses critical vulnerabilities, including CVE-2024-11680, which affects earlier releases. This authentication bypass vulnerability allowed attackers to gain unauthorized access, making updates essential for security.

Check the ProjectSend GitHub releases page regularly for updates. Follow the upgrade documentation carefully when new versions release.

Disable User Registration

Navigate to Settings > Security in the ProjectSend admin panel. Disable public user registration unless your use case specifically requires it. When registration is necessary, enable administrator approval for new accounts to maintain control over who accesses your system.

This prevents unauthorized individuals from creating accounts and potentially accessing sensitive files.

Implement Strong Password Policies

Enforce strong password requirements through ProjectSend’s settings. Enable password complexity rules requiring minimum length, uppercase letters, lowercase letters, numbers, and special characters.

Consider implementing two-factor authentication if your ProjectSend version or available plugins support it. Additional authentication layers significantly improve account security.

Configure File Upload Restrictions

Set maximum file size limits matching your PHP configuration. Restrict allowed file types to prevent malicious uploads. Avoid allowing executable file types (.exe, .bat, .sh, .php) unless absolutely necessary for your use case.

Enable file scanning capabilities if available in your deployment to detect malware before files reach clients.

Secure Configuration Files

Protect sensitive configuration files from web access. Create or edit the .htaccess file in the includes directory:

sudo nano /var/www/html/projectsend/includes/.htaccess

Add these directives:

Order Deny,Allow
Deny from all

Save the file. This prevents direct browser access to configuration files containing database credentials.

Set restrictive permissions on sys.config.php:

sudo chmod 640 /var/www/html/projectsend/includes/sys.config.php

Enable Security Features

Configure maximum login attempts in ProjectSend settings to prevent brute force attacks. Enable detailed logging for security monitoring, creating an audit trail of all file access and system changes.

Implement log rotation to prevent log files from consuming excessive disk space. Review logs regularly to identify potential threats or unauthorized access attempts.

SELinux Configuration

If SELinux is enabled (check with getenforce), configure appropriate contexts for ProjectSend directories. SELinux provides additional mandatory access controls, but may require configuration to allow Apache to write to ProjectSend directories:

sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/projectsend(/.*)?"
sudo restorecon -Rv /var/www/html/projectsend

These commands allow Apache to read and write ProjectSend files while maintaining SELinux protection.

Step 10: Post-Installation Configuration

Fine-tune ProjectSend settings to match your organization’s requirements and workflows.

Configure Basic Settings

Access the admin panel and navigate to Settings > General. Configure your site name to reflect your organization, add a descriptive subtitle, and provide contact information for user inquiries.

Set your timezone to ensure timestamps display correctly for your location. Choose appropriate date and time format preferences matching your regional conventions.

Email Configuration

Navigate to Settings > Email to configure SMTP settings for email notifications. Enter your SMTP server hostname, port (typically 587 for TLS or 465 for SSL), and authentication credentials.

Test email delivery using the built-in test function. Successful delivery confirms configuration correctness. Customize email templates using the visual editor to match your branding and communication style.

User and Client Management

Create user accounts for team members who will manage files and clients. Assign appropriate roles and permissions based on responsibilities. System administrators receive full access, while regular users may have limited permissions.

Set up client accounts for organizations or individuals receiving files. Organize clients into groups for easier management of large client bases. Configure permissions and access levels controlling what each client can view and download.

Storage Configuration

Navigate to Settings > Storage to configure disk quota management. Enable quotas if needed to prevent individual accounts from consuming excessive storage. Set per-account storage limits based on your available disk space and usage patterns.

For large deployments, consider configuring external storage using AWS S3 or compatible object storage services. This offloads file storage to scalable cloud infrastructure while maintaining ProjectSend’s management interface.

Backup Configuration

Implement regular backup procedures protecting against data loss. Schedule daily database backups using cron:

sudo crontab -e

Add a backup script entry:

0 2 * * * mysqldump -u projectsend_user -p'your_password' projectsend_db > /backup/projectsend_db_$(date +\%Y\%m\%d).sql

This creates daily database backups at 2 AM. Configure file system backups for uploaded files:

0 3 * * * rsync -av /var/www/html/projectsend/upload/ /backup/projectsend_files/

Test backup restoration procedures regularly to ensure backups work correctly when needed.

Testing ProjectSend Installation

Thorough testing verifies your installation works correctly before production use.

Functional Testing

Log into the admin interface and upload test files of various types and sizes. Create a test client account with limited permissions. Share uploaded files with the test client, then log in as that client to verify file access.

Download files as the client to confirm the complete workflow functions properly. Test file preview features if your installation includes them.

Performance Testing

Upload large files approaching your configured maximum size to verify PHP settings allow them. Monitor server resource usage during uploads using tools like htop or system monitoring dashboards.

Verify download speeds meet expectations by downloading test files over various network connections. Slow speeds may indicate server resource constraints or network bottlenecks requiring attention.

Security Testing

Verify your SSL certificate works correctly by checking for browser security indicators. Test that user access controls function properly by attempting to access files from unauthorized accounts.

Test password reset functionality to ensure users can recover accounts if needed. Attempt to directly access sensitive files or directories through URLs to confirm .htaccess protections work.

Troubleshooting Common Issues

Even carefully followed installations sometimes encounter problems. These solutions address common issues.

Upload Failures

If uploads fail, verify PHP’s upload_max_filesize and post_max_size settings are sufficient. Edit /etc/php.ini and increase these values as needed. Alternatively, add custom ini_set directives to sys.config.php:

ini_set('upload_max_filesize', '512M');
ini_set('post_max_size', '512M');

Restart Apache after configuration changes. Verify directory permissions allow Apache to write files:

ls -la /var/www/html/projectsend/upload/

Check available disk space using df -h. Full disks prevent file uploads.

Database Connection Errors

If ProjectSend cannot connect to the database, verify credentials in sys.config.php match those created during MariaDB setup. Check that the MariaDB service is running:

sudo systemctl status mariadb

Restart the service if stopped. For MySQL 8.x installations, ensure native password authentication is configured, as ProjectSend doesn’t support caching_sha2_password.

Test database connectivity manually:

mysql -u projectsend_user -p projectsend_db

Successful connection indicates credentials work, suggesting configuration file errors.

Permission Errors

Permission errors typically indicate incorrect file ownership or permissions. Reset ownership:

sudo chown -R apache:apache /var/www/html/projectsend

Set correct permissions using find commands:

sudo find /var/www/html/projectsend -type d -exec chmod 775 {} \;
sudo find /var/www/html/projectsend -type f -exec chmod 644 {} \;

Check SELinux contexts if enabled and reconfigure as needed.

403 Forbidden Errors

Forbidden errors usually stem from Apache configuration issues. Verify your virtual host configuration includes appropriate Directory directives allowing access. Ensure .htaccess files don’t contain overly restrictive rules.

Check Apache error logs for specific causes:

sudo tail -f /var/log/httpd/projectsend-error.log

Error messages often indicate the exact problem.

Email Delivery Issues

Email problems commonly arise from incorrect SMTP settings. Verify hostname, port, and credentials are correct. Check that your firewall allows outbound connections on SMTP ports (587 or 465).

Test with different email providers, as some hosts block outbound SMTP to prevent spam. Consider using an email service like SendGrid or AWS SES for reliable delivery.

Best Practices and Maintenance

Ongoing maintenance keeps your ProjectSend installation secure and performant.

Regular Maintenance Tasks

Update ProjectSend whenever new versions release, especially security updates. Apply AlmaLinux system updates monthly using dnf update. Review security logs weekly to identify potential threats or unauthorized access attempts.

Test backup restoration quarterly to ensure backups remain functional. Verify certificates renew automatically by monitoring expiration dates.

Performance Optimization

Enable PHP OPcache to dramatically improve performance by caching compiled PHP code. Edit /etc/php.d/10-opcache.ini and configure:

opcache.enable=1
opcache.memory_consumption=128
opcache.max_accelerated_files=10000

Configure database query caching in MariaDB for faster data retrieval. For large deployments serving global users, implement a content delivery network (CDN) to reduce latency and server load.

Monitor server resources regularly and scale vertically (more CPU/RAM) or horizontally (multiple servers) as usage grows.

Security Best Practices

Conduct regular security audits reviewing user accounts, file permissions, and access logs. Keep all software components updated, including Apache, PHP, MariaDB, and ProjectSend itself.

Use strong, unique passwords for all accounts and change them periodically. Implement a regular backup schedule with off-site storage for disaster recovery. Monitor system logs for unusual activity indicating potential security breaches.

User Management

Remove inactive user accounts to reduce attack surface and maintain clean user databases. Review and update user permissions regularly as roles change. Provide security training to users emphasizing strong passwords and safe file-sharing practices.

Document your ProjectSend configuration and procedures for team continuity.

Congratulations! You have successfully installed ProjectSend. Thanks for using this tutorial for installing ProjectSend open-source self-hosted file-sharing on AlmaLinux OS 10 system. For additional help or useful information, we recommend you check the official ProjectSend website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button