Ispconfig 3, Tiger security tool
The first thing I want to do is to thank to the developers of ispconfig 3. Congratulations you have made a great product!
I installed it a couple of weeks ago, and have been successfully testing it since then.
It seems 100 % reliable to me, but before going on production, I want to secure it as much as possible.
Apart from many other things, I have been using tiger to check my installation, I found it a quite useful tool.
After polishing some fails and warnings. I still have some warnings in the report related mainly to some services,
some system shells, cron jobs, and the /usr/local/ directory.
I haven't tried to fix these ones because I guess that they are related to ispconfig itself, and I could break the system, but I' m unsure whether is still something that can be done.
That's why I'd like someone with enough knowledge to have a look at the report and tell me if it looks good, or there is something that could be fixed.
I'm attaching the file here.