Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 16th August 2012, 22:33
pititis pititis is offline
Senior Member
 
Join Date: Dec 2010
Location: München
Posts: 364
Thanks: 38
Thanked 89 Times in 68 Posts
Default

For me a essential add-on is cluebringer for postfix. It provides access control, spf check, greylist, helo/ehlo checks and quota support. It's written in perl and support mysql/sqlite/postgresql. All with a web interface, just awesome!
Reply With Quote
The Following User Says Thank You to pititis For This Useful Post:
manarak (19th August 2012)
Sponsored Links
  #12  
Old 10th September 2012, 08:59
manarak manarak is offline
Senior Member
 
Join Date: Apr 2009
Posts: 262
Thanks: 32
Thanked 6 Times in 5 Posts
Default

Quote:
Originally Posted by manarak View Post
another (potentially) essential config tweak:

if you are running high-traffic sites, and especially if they sit on a cloud Vserver that usually have limited storage and limited I/O bandwidth, you want to disable the Apache Access log:

http://www.howtoforge.com/forums/showthread.php?t=52180

just use google analytics or another stats provider for stats. they are better anyway - and won't clog your server with 30+ Gigs of logs, hello backup storage!
Just an addendum - I just discovered the logs are written twice!

under /etc/apache2/conf.d is the file other-vhost-access-log that writes a "vhosts combined" log. don't forget to deactivate that one as well.
Reply With Quote
  #13  
Old 21st February 2013, 19:46
manarak manarak is offline
Senior Member
 
Join Date: Apr 2009
Posts: 262
Thanks: 32
Thanked 6 Times in 5 Posts
Default

another observation:
if you install a vserver: these usually don't allow access to IPTABLES, since they are built into the kernel that is common to all vservers on the host.
So your fail2ban is going to be ineffective in the default config.

solution: use hosts.deny instead.

to do this:
in jail.conf
change
banaction = iptables-multiport
into
banaction = hostsdeny
save and restart fail2ban
Reply With Quote
  #14  
Old 3rd March 2013, 08:11
manarak manarak is offline
Senior Member
 
Join Date: Apr 2009
Posts: 262
Thanks: 32
Thanked 6 Times in 5 Posts
 
Default

Quote:
Originally Posted by manarak View Post
another observation:
if you install a vserver: these usually don't allow access to IPTABLES, since they are built into the kernel that is common to all vservers on the host.
So your fail2ban is going to be ineffective in the default config.

solution: use hosts.deny instead.

to do this:
in jail.conf
change
banaction = iptables-multiport
into
banaction = hostsdeny
save and restart fail2ban
I realized later that hosts.deny is not a good solution. see here why:
http://www.howtoforge.com/forums/sho...d.php?p=293131
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Multiple Actions Required to Add Domain fatbear General 4 22nd April 2012 15:13
freebsd 7, samba 3, domain controller alexdimarco Suggest HOWTO 6 5th November 2010 16:54
ISPConfig 3.0.0.8 RC1 released till General 92 22nd February 2010 09:52
Add ons for ISPConfig 3 virtue Installation/Configuration 24 16th October 2009 17:30
Advice on how to setup Lintrack As A LAN Gateway And An OpenVPN Bridge eddiequek HOWTO-Related Questions 0 12th July 2007 10:38


All times are GMT +2. The time now is 18:20.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.