installing CSF. Considerations

[TheBronx]

Hi, my 3rd thread today hehe. Sorry, it is my 1st day with ISPConfig.
I've been using Kloxo before, and thus I'm used to CSF.

Is it possible to install CSF in a ISPConfig environment? Should I uninstall or deactivate other firewalls?

I want a firewall to block port scanning, max number of connections per IP, port flooding... And I want the firewall to send me emails when this happens.

Is it a good idea to install CSF? Can I do this with fail2ban?

Thanks!

[concept21]

Kloxo is only a Rubbish when it is compared with ISPConfig3!

CSF works very well with ISPConfig3. Make sure your do not enable the default firewall Bastille of ispconfig3. Bastille is a legacy software.

[TheBronx]

So first I have to disable bastille:

Code:

update-rc.d -f bastille-firewall remove

And reboot.

Do I have to change fail2ban configuration? For example:
Configure fail2ban to use route instead of iptables to block connections
Do I have to disable it too?

That's it? I'm using ubuntu 10.04 and the latest ISPConfig 3.

---------------------------------------------------------
About kloxo, what I hate about it is that you only can use Centos 5 32 bits as OS. It is a good OS, but it is outdated (python for example).
Kloxo has problems with php too...

But I liked kloxo, and now that I see ISPConfig... domains and subdomains are much easier in kloxo. Sorry Oh, and when you add a new site the "autosubdomain www.", is it a joke? It doesn't configure any autosubdomain, I had to add it via htaccess. It is still soon, only 2 days with ISPConfig, but I've seen things that kloxo does better.
In kloxo I've never added an A record for subdomains (I mean not manually). I've never added DNS zones, just the first one.

[till]

You can use any firewall with ispconfig, just delete the firewall record or dont create it if you havent done yet in ispconfig. Dont mess with the instakl scripts int /etc/init.d, thats all handled by ispconfig.

Quote:

But I liked kloxo, and now that I see ISPConfig... domains and subdomains are much easier in kloxo. Sorry Oh, and when you add a new site the "autosubdomain www.", is it a joke? It doesn't configure any autosubdomain, I had to add it via htaccess. It is still soon, only 2 days with ISPConfig, but I've seen things that kloxo does better.
In kloxo I've never added an A record for subdomains (I mean not manually). I've never added DNS zones, just the first one.

Auto subdomain works fine, take a look at the vhost and you will see that a alias for www.domain.tld gets added.

ISPConfig is made for larger installations with splitted service and multiple server setups as used by internet service providers and it is made to be very flexible and does not assume that you have to run all services on one server like kloxo or that each mail domain must have a website and vice versa. You can use ispconfig on small servers of course, but its not specially designed for that. So if you like kloxo so much, please do us a favor and uninstall ispconfig and install kloxo again if it fits your needs better.

[TheBronx]

Quote:

So if you like kloxo so much, please do us a favor and uninstall ispconfig and install kloxo again if it fits your needs better.

I said "I've seen things that kloxo does better".
Come on... I didn't want to offend. I'm here because I prefer ISPConfig. But it is my second day with ISPConfig, I've been years using kloxo and it is hard to change.
Sorry if I have said something offending, was not my intention.

And don't tell me "uninstall ispconfig and install kloxo" because kloxo doesn't work in ubuntu!!! hehehe

Quote:

delete the firewall record or dont create it

Where? Under System -> Firewall -> Basic? I only have one firewall record there.

Autosubdomain, here is an example: www.foro.universojuegos.es (not working).
What am I doing wrong?

[till]

Quote:

Sorry if I have said something offending, was not my intention.

Ok I did not wanted to sound that harsh. I'am aware that its not easy to switch a softare that you are used to as every software has its own philosophy.

Quote:

Where? Under System -> Firewall -> Basic? I only have one firewall record there.

Yes. There is one record for each server in your cluster. If you delete that record, the firewall gets deactivated.

Quote:

Autosubdomain, here is an example: www.foro.universojuegos.es (not working).

You havent created a dns A-Record or Cname record for www.foro.universojuegos.es on the dns server that is authoritive for the zone universojuegos.es . When a domain or subdomain does not exist in dns, then you can not access it with a browser.

[TheBronx]

I added that firewall record manually, after installation it was empty. It is a record opening ports. If I delete it, bastille-firewall won't start and cause problems with CSF?
It sounds a bit weird, I was hoping to find a checkbox under System -> System -> Server services like "firewall" hehe.

The autosubdomain:
I added a website: http://i.imgur.com/Y9ZJ4.png
The website works without problems after I've added an A record in the parent domain DNS zone (http://i.imgur.com/77L2p.png).
Try it yourself, foro.universojuegos.es works.
That's why the autosubdomain is confusing me. I'm doing something wrong of course, but I don't know what.
If I have to add a DNS record for www.foro then what does "autosubdomain" mean?

[till]

Quote:

I added that firewall record manually, after installation it was empty. It is a record opening ports. If I delete it, bastille-firewall won't start and cause problems with CSF?

The record is your firewall, if you add it, a firewall gets added and enabled, if you delete it, the firewall gets removed and disabled.

Quote:

If I have to add a DNS record for www.foro then what does "autosubdomain" mean?

Auto subdomain means that a alias is added automatically to the vhost, the laisa is relative to the domain name that you have entered in the domain field.

So if your domain name is "foro.universojuegos.es", then auto subdomain adds a automatic alias for "www.foro.universojuegos.es" in the apache vhost. But in your case the domain "foro.universojuegos.es" is already a subdomain so you most likely dont want to use a fourth level domain www.foro.universojuegos.es, so you set ato subfomain to none in this case. If you want to really use www.foro.universojuegos.es for this site, then you have to add a dns a-record for it as every domain name that you want to use in the internet ahs to exist in dns, othewise your browser can not rsolve the name and will not find yur site.

[TheBronx]

Ok, its clear now.
I never use www.foro.universojuegos.es but it seems some of my visitors do.

Wait! how about fail2ban? No changes needed?

Thank you till, we will probably see again in my 4th thread hehehe.
Have a nice day!

[till]

Quote:

Wait! how about fail2ban? No changes needed?

No. fail2ban checks the logs for failed logins, this depends not on domain names or ip addresses of websites.