PDA

View Full Version : manual ispconfig 3


ilgio
30th March 2009, 14:30
where is a manual of ispconfig 3?

and what is a first step after install ispconfig 3 ?

and i will setting perfectly with protection my ISP server

help me
thx

till
30th March 2009, 14:49
There are no manuals for ISPConfig 3 available yet except of the installation instructions.

ilgio
30th March 2009, 15:54
i have follow this link for installation
http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig3

and the installation is perfect, but i have configure postfix, clamav more particularity and more protection

till
30th March 2009, 15:56
You dont have to configure anything manually, it is all configured automatically by the ispconfig installer.

ilgio
30th March 2009, 16:03
and after installation ispconfig3 the my server is ready for put online SERVER ISP?

i have a fear the attack of the hacker

noo?

ilgio
30th March 2009, 18:30
please
help me

Izinyoka
30th March 2009, 19:09
Dude What are you worried about??

What security issues did you fix?
The ISPconfig installer configures the mail server, and it is secure.
Tell me exactly what security holes there are in a default setup.

if you have to change things, install ISPconfig first, then make changes.

And by the way, no product manual is going to tell you what to do after you mess up the mailserver installation.

HellMind
30th March 2009, 19:36
if you go to
http://your_ispconfig_ip/domain/

You shouldn't have access to there right?

Can be that called a vulnerability

till
30th March 2009, 19:59
Tested on my server Debian lenny, ISPConfig 3.0.1 and I get a access forbidden (403).

ISPconfig adds rules to protect these directories from being accessed directly for every site created in ispconfig. for example:

<Directory /var/www/test.int>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

If this is not added in your configuration then you do not use ISPConfig 3.0.1 or you have modified the vhost templates.

If you want to protect also directories not created or maintained by ispconfig, simply disable the debian default vhost.

HellMind
30th March 2009, 20:48
Tested on my server Debian lenny, ISPConfig 3.0.1 and I get a access forbidden (403).

ISPconfig adds rules to protect these directories from being accessed directly for every site created in ispconfig. for example:

<Directory /var/www/test.int>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

If this is not added in your configuration then you do not use ISPConfig 3.0.1 or you have modified the vhost templates.

If you want to protect also directories not created or maintained by ispconfig, simply disable the debian default vhost.

I'm using 3.0.1 and I didn't modified the vhost templates.

Where ispconfig adds the deny rules like

<Directory /var/www/test.int>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

in test.int.vhost?

till
30th March 2009, 20:55
in test.int.vhost?

Yes, right at the beginning of the file before the vhost definition so that the definition is valid globally for all requests.

HellMind
30th March 2009, 21:08
I found if I modify the site cfg, ispc adds that rule,

I think it's because those sites were created with the previous version of ispconfig.

Maybe the update tool should rewrites all the .vhost files.

ilgio
30th March 2009, 23:08
yes i'm using 3.0.1 stable.

after installing my server isp is ready for go?
or after installing i must configura a single demon? for the best protection and functionally

after installation in http://mtISP_domain:8080
which the first step ?
add a user?
add a client?
add a domain?
add a email?

falko
31st March 2009, 17:45
after installing my server isp is ready for go?Yes.

after installation in http://mtISP_domain:8080
which the first step ?
add a user?
add a client?
add a domain?
add a email?Depends on what you want to do. Normally, you create a client first, and then you can create email addresses, web sites, etc.