View Single Post
Old 28th February 2006, 10:16
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

Originally Posted by Joffar
How is the ISPCOnfig security against malicious intruders right out of the box? recommandations
This depends on how secure your Server is configured. Do you use SuExec? Do you have PHP Safemode enabled for all sites. Does your SSHD is protected agains dictionary attacks? There are many more things that you can do to secure your server, but they are not specific to ISPConfig.

Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommandations?
ISPConfig uses the bastille firewall. Bastille is a script to configure IPTables or IPChains.

how does the ISPConfig built in firewall stack up against other firewalls out there?
Bastille is an IPTables / IPChains firewall. If you dont like it you can use any other firewall with ISPConfig.

Is there a log from the firewall that I can look at to see what is going on?
You can activate loggin in the bastille configuration under /etc/Bastille. Dont forget to change the configuration tenplate in /root/ispconfig/isp/conf/ too, if you want to add changes permanently.

Any thoughts on adding Awstats as a ISPConfig monitoring tool?
If someone builds an awstats extension, we will add it to ISPConfig.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote