ISPConfig security


Joffar
28th February 2006, 06:56
Since I am brand new to the Linux world and ISPConfig I have a few questions...
How is the ISPConfig security against malicious intruders right out of the box? Recommendations?
Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommendations?
How does the ISPConfig built in firewall stack up against other firewalls out there?
Is there a log from the firewall that I can look at to see what is going on?

Any thoughts on adding Awstats as an ISPConfig monitoring tool?



Thank you for all help!

till
28th February 2006, 09:16
> How is the ISPConfig security against malicious intruders right out of the box? Recommendations?

This depends on how securely your server is configured. Do you use SuExec? Do you have PHP Safemode enabled for all sites? Is your SSHD protected against dictionary attacks? There are many more things that you can do to secure your server, but they are not specific to ISPConfig.

> Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommendations?

ISPConfig uses the Bastille firewall. Bastille is a script to configure IPTables or IPChains.

> How does the ISPConfig built in firewall stack up against other firewalls out there?

Bastille is an IPTables / IPChains firewall. If you don't like it you can use any other firewall with ISPConfig.

> Is there a log from the firewall that I can look at to see what is going on?

You can activate logging in the Bastille configuration under /etc/Bastille. Don't forget to change the configuration template in /root/ispconfig/isp/conf/ too, if you want to add changes permanently.

> Any thoughts on adding Awstats as an ISPConfig monitoring tool?

If someone builds an awstats extension, we will add it to ISPConfig.

falko
28th February 2006, 09:39
> Any thoughts on adding Awstats as an ISPConfig monitoring tool?

AWstats is very complicated to set up - I once did it for one web site, and it's not a matter of minutes.
Because it is that complex, we haven't integrated it into ISPConfig yet. But if someone comes up with a module for AWStats, we'd be happy to integrate it.
For now, you can set up AWStats manually for each web site that needs it.

Joffar
28th February 2006, 12:11
Thank you.
As I said, I am new at this. I activated the module when I installed ISPConfig, but I guess I'm not using it yet... obviously since this is the second time I'm hearing of it... guess I have to read up a little more.. :)
Reason I asked about Awstats is I had it when I had the server on a Windows machine.... and yes I guess it does require some more work to install...

Is there something I have to do to get the webalizer to work? It seems like it is not recording any hits or visits on my web site.

By the way this is a great forum, you guys are responding very quickly and to everyone also.

Great Job!

Thank you.
Ivar

falko
28th February 2006, 18:54
> Is there something I have to do to get the webalizer to work? It seems like it is not recording any hits or visits on my web site.

If you've set up the web site right now, you must wait some hours because Webalizer runs at 4:00 AM.
If you don't have statistics afterwards, have a look at this thread: http://www.howtoforge.com/forums/showthread.php?t=562

Joffar
1st March 2006, 22:00
I checked this morning but I must be overlooking something... I finally got the stats folder at weblevel, but it appears that the folder is empty. I ran the grep -i .... but did not see any error in the cron job. Do I have to create/copy the webalizer page manually? Where is it supposed to be anyway?

Is it because I called my server the same as the site name??

Server blumonkey.org, site http://blumonkey.org. If so, what is the easiest way to change this?

Thank you!

till
1st March 2006, 22:05
> I checked this morning but I must be overlooking something... I finally got the stats folder at weblevel, but it appears that the folder is empty. I ran the grep -i .... but did not see any error in the cron job. Do I have to create/copy the webalizer page manually? Where is it supposed to be anyway?

The stats were generated in the "stats" folder of the website.

Are you sure that webalizer is installed on your server?
Does the web.log file in the log folder of the website contain log lines from yesterday?

> Is it because I called my server the same as the site name??
>
> Server blumonkey.org, site http://blumonkey.org. If so, what is the easiest way to change this?

No, this should not affect the webalizer stats. The only known complications are in the postfix setup.

Joffar
1st March 2006, 22:51
Hmmm, I followed the perfect setup deal for ISPConfig for Ubuntu. If it wasn't listed there then no... I haven't installed webalizer.. :o

What kind of complications in the postfix? What do I have to do to change the webserver name?

till
2nd March 2006, 08:16
> Hmmm, I followed the perfect setup deal for ISPConfig for Ubuntu. If it wasn't listed there then no... I haven't installed webalizer.. :o

It is listed at the bottom of this page :)

http://www.howtoforge.com/perfect_setup_ubuntu_5.10_p5

> What kind of complications in the postfix? What do I have to do to change the webserver name?

Yes, better change your server name to something like "server1.yourdomain.com". Make sure that server1.yourdomain.com exists in DNS and points to your server.

Otherwise you might get the problem that when you create a catchall email account in your domain, you get the emails from all other domains on your server.

falko
2nd March 2006, 09:58
> Hmmm, I followed the perfect setup deal for ISPConfig for Ubuntu. If it wasn't listed there then no... I haven't installed webalizer.. :o

Please post the output of which webalizer

Joffar
2nd March 2006, 11:48
Output of:
which webalizer
/usr/bin/webalizer

I checked and it was installed, I even removed and reinstalled. Would I have to purge something to ensure a total removal, and if so what is the command?


grep -i cron /var/log/messages
gives no messages at all and

grep -i cron /var/log/syslog
does give me some messages, but nothing that indicates any error.

Thanks again for all the help.

falko
2nd March 2006, 17:00
Did you have a look at this thread? http://www.howtoforge.com/forums/showthread.php?t=562

Joffar
2nd March 2006, 19:09
> Did you have a look at this thread? http://www.howtoforge.com/forums/showthread.php?t=562

Yes I did, I restarted cron, but I still can't get access to http://blumonkey.org/stats/. It's as if there is nothing in that folder. I am asked to enter a username and password, but when doing so, all I get is a 404 page not found... maybe it's something in the PHP on my page that causes this? I will look at that when I get home...

Thanks.

falko
2nd March 2006, 20:37
> Yes I did, I restarted cron, but I still can't get access to http://blumonkey.org/stats/. It's as if there is nothing in that folder.

Did you also run crontab -e?

What happens when you run
/root/ispconfig/php/php /root/ispconfig/scripts/shell/logs.php
/root/ispconfig/php/php /root/ispconfig/scripts/shell/webalizer.php
on the shell? Any error messages? Are stats created then?

Joffar
3rd March 2006, 04:07
Yes I ran the crontab -e

Output from /root/ispconfig/php/php /root/ispconfig/scripts/shell/logs.php

Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php on line 125

Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php on line 125

There is no output from /root/ispconfig/php/php /root/ispconfig/scripts/shell/webalizer.php. I ran it a couple of days ago and then I believe it said something in German regarding statistics...

I found out that I had accidentally transmitted an old .htaccess file that caused some issues, but now all I get is 403 Error forbidden...

falko
3rd March 2006, 10:05
Can you try to track this down as described on http://www.howtoforge.com/forums/showthread.php?t=1400&page=2 and the following pages?

Joffar
3rd March 2006, 12:45
> Can you try to track this down as described on http://www.howtoforge.com/forums/showthread.php?t=1400&page=2 and the following pages?

I followed the suggestion in the link above, and this is what I got:
/root/ispconfig/php/php /root/ispconfig/scripts/shell/logs.php
Output:
/var/www/www.blumonkey.org
Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php on line 126

/var/www/localhost
Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php on line 126

I also added
print_r($directory_array)."\n";
print_r(dir_array($dir."/".$filename))."\n";
in the webalizer.php. This gave no output when running:
/root/ispconfig/php/php /root/ispconfig/scripts/shell/webalizer.php

Also moved localhost, but it was recreated and there was no change.. and that's as far as I have gotten...

falko
3rd March 2006, 17:00
Please post the output of ls -la /var/www

Joffar
4th March 2006, 03:49
> Please post the output of ls -la /var/www

ls -la /var/www
outputs:

total 32
drwxr-xr-x 8 root root 4096 2006-03-03 06:35 .
drwxr-xr-x 16 root root 4096 2006-03-03 02:14 ..
drwxr-xr-x 2 root root 4096 2006-02-19 18:14 apache2-default
lrwxrwxrwx 1 www-data web8 13 2006-02-24 00:57 blumonkey.org -> /var/www/web8
drwxr-xr-x 3 root root 4096 2006-03-03 06:35 localhost
drwxr-xr-x 2 root root 4096 2006-02-19 20:52 sharedip
drwxr-xr-x 12 web8_ivar web8 4096 2006-03-03 10:59 web8
drwxr-xr-x 2 root root 4096 2006-02-19 19:57 webalizer
drwxr-xr-x 3 root root 4096 2006-03-02 00:30 www.blumonkey.org
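
An added example, not part of the thread or of ISPConfig: readlink() reports "Invalid argument" for any path that is not a symbolic link, and in the listing above www.blumonkey.org and localhost (the two paths printed before the warnings) are plain root-owned directories, while blumonkey.org is a symlink to web8. The script below audits a web root for that condition; the function names and the rule for what counts as a host name are assumptions, and the sample tree is constructed from the names in the listing.

```shell
#!/bin/sh
# readlink(2) returns EINVAL ("Invalid argument") when the path is not a symlink.

# Assumption: a host entry is "localhost" or any name containing a dot.
is_host_name() {
    case "$1" in
        localhost|*.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one line per entry in the web root:
#   link <name> -> <target>      symlink whose target exists
#   dangling <name> -> <target>  symlink whose target is missing
#   notlink <name>               host-named entry that is NOT a symlink
#   other <name>                 anything else (site roots, shared dirs)
audit_webroot() {
    root=$1
    for path in "$root"/*; do
        # Skip the unexpanded glob of an empty directory.
        [ -e "$path" ] || [ -L "$path" ] || continue
        name=${path##*/}
        if [ -L "$path" ]; then
            target=$(readlink "$path")
            if [ -e "$path" ]; then kind=link; else kind=dangling; fi
            echo "$kind $name -> $target"
        elif is_host_name "$name"; then
            echo "notlink $name"
        else
            echo "other $name"
        fi
    done
}

# Constructed sample tree using the entry names from the listing.
make_sample() {
    d=$(mktemp -d)
    mkdir "$d/web8" "$d/localhost" "$d/www.blumonkey.org" \
          "$d/webalizer" "$d/sharedip" "$d/apache2-default"
    ln -s "$d/web8" "$d/blumonkey.org"
    echo "$d"
}

sample=$(make_sample)
audit_webroot "$sample"
rm -rf "$sample"
```

On a real server, run `audit_webroot /var/www` and review every `notlink` and `dangling` line before touching the directories.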