Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th September 2009, 14:52
all all is offline
Member
 
Join Date: Jul 2009
Posts: 41
Thanks: 7
Thanked 0 Times in 0 Posts
Default Best Ispconfig configuration for Production Server with postfix

Hello everyone,

First of all, i am glad to tell you all that falko and Tim are doing wonderful job,

few times i tested their patience by asking them multiple questions but they always respond in the same sweet way.

even once cause of a problem i said cause of this problem i will turn away from ispconfig, but they didn't mind it.

Thank you guys for such a wonderful project.

I love everything about our community and will always (i said our because i feel i am the part of it).

I can say now that i am 60--70% effiecent in configuring ISPConfig.



I am glad that i can.

Since few days i am fighting against Ddos attacker doing two kinds of attacks.

One syn_recv Flood with spoofed ip's(yes i checked those ip's are not even functioning, dont know how to ban them or don't let them connect).

What i did is i set syn cookie to 1

set the maximum retry value etc. to avoid syn flood to an extend, dont know if there is other option, will be glad if some guru's will share here.

Second was from few ip's attacking on apache requesting same webpage again n again.

I banned them manually, i am not efficient in php or other language, so what i did , i made a script in visual basic (yes i said visual basic lol).

which process a file to see if some ip's flooding( this file is generated by a cron on my server every 5 minutes and overwrite again n again every 5 minutes).

Visual basic application downloads that file. checks which ip is hitting the same webpage since last 5 minutes, if the value is above 100, it generates rule to ban that ip.

Then the rules generated by visual basic application are parsed to php file which executes them on server (but before executing it clears all banned ip's, because i want to allow those ip's again).

This is how my protection system works , funny but this is how i know i know its very long procedure.

Now what i am thinking is.

Some ppl also flooding and spamming the postfix, i dont know how to stop. for the time being i stopped postfix but that won't help.

I dont know how to disallow unauthrized access to postfix or do i need to install any alternative.

Also i guess by default installation of ISPConfig 3.0.1.4, postfix acts as relay?

Much love and respect.
Keep it up howtoforge family.

Last edited by all; 5th September 2009 at 14:58. Reason: want to add more
Reply With Quote
Sponsored Links
  #2  
Old 5th September 2009, 17:45
all all is offline
Member
 
Join Date: Jul 2009
Posts: 41
Thanks: 7
Thanked 0 Times in 0 Posts
Default re

kindly move the post to right section, i thought i write in ispconfig 3 my badi tried not to do mistakes but happens.

Sorry
Reply With Quote
  #3  
Old 6th September 2009, 15:47
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

You might want to consider installing fail2ban: http://www.howtoforge.com/fail2ban_debian_etch
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
all (10th September 2009)
  #4  
Old 10th September 2009, 17:09
all all is offline
Member
 
Join Date: Jul 2009
Posts: 41
Thanks: 7
Thanked 0 Times in 0 Posts
 
Default

2009-09-06 04:34:30,285 fail2ban.jail : INFO Using poller
2009-09-06 04:34:30,307 fail2ban.filter : INFO Created Filter
2009-09-06 04:34:30,307 fail2ban.filter : INFO Created FilterPoll
2009-09-06 04:34:30,307 fail2ban.filter : INFO Set maxRetry = 5
2009-09-06 04:34:30,308 fail2ban.comm : WARNING Invalid command: ['set', 'courierpop3', 'failregex', 'courierpop3login: LOGIN FAILED.*ip=\\[.*:\\]']

installed using giving link.

what's missing?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail -Ubuntu 8.04 c4rdinal HOWTO-Related Questions 112 23rd August 2011 10:49
Ubuntu Server, postfix, gmail relay sjau Server Operation 3 14th December 2010 18:20
postfix, pop3 uvbnserved Server Operation 22 24th May 2009 21:00
Loads of mysql connections to dbispconfig StrikerNL General 2 5th March 2009 14:31
Problem with keeping Apache alive bobeq Server Operation 3 29th November 2007 16:11


All times are GMT +2. The time now is 22:43.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.