View Single Post
Old 1st January 2013, 21:45
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

Okey, but this is so in every host, so this is not a defect and this is not the problem but the problem is that you can make :
And it's work perfectly with every domain, THIS is what i am talking about
Thats what we made the domain limits for. I understand that you dont like them but they are the only secure way in securing the server against domain misuse and phising.

Btw, adding a website might only harm if you work with wildcard dns records which is not recommended anyway. If you dont use wildcard dns, nobody can access this site as the domain owner controls the dns record. If I add google.ocm on my ispconfig server, I will not get any traffic from google as their dns does not point to my server.

There is a feature request for adding a optional simple database match for website domains in the bugtracker for those who dont like the domain limit feature, so you might want to vote for that. But such a database match can never be really secure and customers can use it to block your system by adding e.g. a website "" which is a valid domain name and no other customer will be able to add a site with domain on your server until you removed or renamed the site. So while this check adds some pseudo security, it will case you troubles on the other side.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote