HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   ISPConfig security (http://www.howtoforge.com/forums/showthread.php?t=2793)

Joffar 28th February 2006 06:56

ISPConfig security
 
Since I am brand new to the Linux world and ISPConfig I have a few questions...
How is the ISPCOnfig security against malicious intruders right out of the box? recommandations
Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommandations?
how does the ISPConfig built in firewall stack up against other firewalls out there?
Is there a log from the firewall that I can look at to see what is going on?

Any thoughts on adding Awstats as a ISPConfig monitoring tool?



Thank you for all help!

till 28th February 2006 09:16

Quote:

Originally Posted by Joffar
How is the ISPCOnfig security against malicious intruders right out of the box? recommandations

This depends on how secure your Server is configured. Do you use SuExec? Do you have PHP Safemode enabled for all sites. Does your SSHD is protected agains dictionary attacks? There are many more things that you can do to secure your server, but they are not specific to ISPConfig.

Quote:

Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommandations?
ISPConfig uses the bastille firewall. Bastille is a script to configure IPTables or IPChains.

Quote:

how does the ISPConfig built in firewall stack up against other firewalls out there?
Bastille is an IPTables / IPChains firewall. If you dont like it you can use any other firewall with ISPConfig.

Quote:

Is there a log from the firewall that I can look at to see what is going on?
You can activate loggin in the bastille configuration under /etc/Bastille. Dont forget to change the configuration tenplate in /root/ispconfig/isp/conf/ too, if you want to add changes permanently.

Quote:

Any thoughts on adding Awstats as a ISPConfig monitoring tool?
If someone builds an awstats extension, we will add it to ISPConfig.

falko 28th February 2006 09:39

Quote:

Originally Posted by Joffar
Any thoughts on adding Awstats as a ISPConfig monitoring tool?

AWstats is very complicated to set up - I once did it for one web site, and it's not a matter of minutes.
Because it is that complex, we haven't integrated it into ISPConfig yet. But if someone comes up with a module for AWStats, we'd be happy to integrate it.
For now, you can set up AWStats manually for each web site that needs it.

Joffar 28th February 2006 12:11

Thank you.
As I said, I am new at this, I activated the module when I installed ISPconfig, but I guss im not using it yet... obviously since this is the second time Im hearing of it... guess I have to read up a little more.. :)
Reason I asked about Awstats is I had it when I had the server on a windows machine.... and yes I guess it does require some more work to install...

Is there something I have to to to get the webalizer to work, it seems like it is not recording any hits or visits on my web site?

By the way this is a great forum, you guys are responding very quickly and to everyone also.

Great Job!

Thank you.
Ivar

falko 28th February 2006 18:54

Quote:

Originally Posted by Joffar
Is there something I have to to to get the webalizer to work, it seems like it is not recording any hits or visits on my web site?

If you've set up the web site right now, you must wait some hours because Webalizer runs at 4:00 AM.
If you don't have statistics afterwards, have a look at this thread: http://www.howtoforge.com/forums/showthread.php?t=562

Joffar 1st March 2006 22:00

I checked this morning but I must be overlooking something... I finally got the stats folder at weblevel, but it appears that the folder is empty. I ran the grep -i .... but did not see any error in the cron job. Do I have to create/copy the webalizer page manually? Where is it supposed to be anyway?

Is it because I called my server the same as the site name??

Server blumonkey.org, site http://blumonkey.org If so what is the easiest way to change this?

Thank you!

till 1st March 2006 22:05

Quote:

Originally Posted by Joffar
I checked this morning but I must be overlooking something... I finally got the stats folder at weblevel, but it appears that the folder is empty. I ran the grep -i .... but did not see any error in the cron job. Do I have to create/copy the webalizer page manually? Where is it supposed to be anyway?

The stats where generated in the "stats" folder of the website.

Are you sure that webalizer is installed on your server?
Does the web.log file in the log folder of the website contains log lines from yesterday?

Quote:

Is it because I called my server the same as the site name??

Server blumonkey.org, site http://blumonkey.org If so what is the easiest way to change this?
No, this should not affect the webalizer stats. The only known complications are in the postfix setup.

Joffar 1st March 2006 22:51

Hmmm I followed the perfect setup deal for ISPConfig for Ubuntu, If it wasnt listed there then no... I havent installed webalizer.. :o

What kind of complications in the postfix? What do I have to do to change the webserver name?

till 2nd March 2006 08:16

Quote:

Originally Posted by Joffar
Hmmm I followed the perfect setup deal for ISPConfig for Ubuntu, If it wasnt listed there then no... I havent installed webalizer.. :o

It is listed at the bottom of this page :)

http://www.howtoforge.com/perfect_setup_ubuntu_5.10_p5

Quote:

What kind of complications in the postfix? What do I have to do to change the webserver name?
Yes, better change your server name to something like : server1.yourdomain.com". Make sure that server1.yourdomain.com exists in DNS and points to your server.

Otherwise you might get the problem that when you create an catchall email account in your domain you get the emails from all other domains on your server.

falko 2nd March 2006 09:58

Quote:

Originally Posted by Joffar
Hmmm I followed the perfect setup deal for ISPConfig for Ubuntu, If it wasnt listed there then no... I havent installed webalizer.. :o

Please post the output of
Code:

which webalizer


All times are GMT +2. The time now is 02:31.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.