View Single Post
  #2  
Old 28th February 2006, 09:16
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,405
Thanks: 834
Thanked 5,496 Times in 4,326 Posts
Default

Quote:
Originally Posted by Joffar
How is the ISPCOnfig security against malicious intruders right out of the box? recommandations
This depends on how secure your Server is configured. Do you use SuExec? Do you have PHP Safemode enabled for all sites. Does your SSHD is protected agains dictionary attacks? There are many more things that you can do to secure your server, but they are not specific to ISPConfig.

Quote:
Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommandations?
ISPConfig uses the bastille firewall. Bastille is a script to configure IPTables or IPChains.

Quote:
how does the ISPConfig built in firewall stack up against other firewalls out there?
Bastille is an IPTables / IPChains firewall. If you dont like it you can use any other firewall with ISPConfig.

Quote:
Is there a log from the firewall that I can look at to see what is going on?
You can activate loggin in the bastille configuration under /etc/Bastille. Dont forget to change the configuration tenplate in /root/ispconfig/isp/conf/ too, if you want to add changes permanently.

Quote:
Any thoughts on adding Awstats as a ISPConfig monitoring tool?
If someone builds an awstats extension, we will add it to ISPConfig.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote