View Single Post
Old 14th February 2013, 17:12
till till is offline
Super Moderator
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts

One of the potential problems with that potentially somebody could brute force the admin login and then get access to everything.
You can not brute force the ispconfig admin login as ispconfig blocks IP's aftersome failed login attempts automatically. Fail2ban is not required for that.

Either say that the admin user can only log in from a certain IP or can only log in to a certain server in the cluster, and then we'd restrict access to that server?
The ispconfig login is a normal apache vhost, so you can use all kin of restrictions that are available for apache vhosts as additional protection.
Till Brehm
Get ISPConfig support and the ISPConfig 3 manual from
Reply With Quote