manual ispconfig 3

[ilgio]

where is a manual of ispconfig 3?

and what is a first step after install ispconfig 3 ?

and i will setting perfectly with protection my ISP server

help me
thx

[till]

There are no manuals for ISPConfig 3 available yet except of the installation instructions.

[ilgio]

i have follow this link for installation
http://www.howtoforge.com/perfect-se...nny-ispconfig3

and the installation is perfect, but i have configure postfix, clamav more particularity and more protection

[till]

You dont have to configure anything manually, it is all configured automatically by the ispconfig installer.

[ilgio]

and after installation ispconfig3 the my server is ready for put online SERVER ISP?

i have a fear the attack of the hacker

noo?

[ilgio]

please
help me

[Izinyoka]

Dude What are you worried about??

What security issues did you fix?
The ISPconfig installer configures the mail server, and it is secure.
Tell me exactly what security holes there are in a default setup.

if you have to change things, install ISPconfig first, then make changes.

And by the way, no product manual is going to tell you what to do after you mess up the mailserver installation.

[HellMind]

if you go to
http://your_ispconfig_ip/domain/

You shouldn't have access to there right?

Can be that called a vulnerability

[till]

Tested on my server Debian lenny, ISPConfig 3.0.1 and I get a access forbidden (403).

ISPconfig adds rules to protect these directories from being accessed directly for every site created in ispconfig. for example:

<Directory /var/www/test.int>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

If this is not added in your configuration then you do not use ISPConfig 3.0.1 or you have modified the vhost templates.

If you want to protect also directories not created or maintained by ispconfig, simply disable the debian default vhost.

[HellMind]

Quote:

Originally Posted by till

Tested on my server Debian lenny, ISPConfig 3.0.1 and I get a access forbidden (403).

ISPconfig adds rules to protect these directories from being accessed directly for every site created in ispconfig. for example:

<Directory /var/www/test.int>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

If this is not added in your configuration then you do not use ISPConfig 3.0.1 or you have modified the vhost templates.

If you want to protect also directories not created or maintained by ispconfig, simply disable the debian default vhost.

I'm using 3.0.1 and I didn't modified the vhost templates.

Where ispconfig adds the deny rules like

<Directory /var/www/test.int>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>

in test.int.vhost?