ISPConfig available for testing

Discussion in 'Developers' Forum' started by till, Aug 26, 2014.

  1. till

    till Super Moderator Staff Member ISPConfig Developer

    Today I would like to introduce a pre relaese of the upcoming version to a broader audience.

    What's new in ISPConfig

    This release introduces some interesting new security features and fixes several bugs in the remote API.

    Intrusion Detection System

    The ISPConfig interface now contains a IDS System to protect it against unknown threats and
    vulnerabilitys. The IDS System consists of a scan engine for POST, GET, COOKIE and SESSION
    variables based on PHPIDS and a SQL query scanner to detect SQL injection attacks.

    The IDS system does not replace any of the input and variable checks that are implemented in ISPConfig,
    the IDS adds a more generic check for all incoming variables in ISPConfig to build a second defense line.

    For now, the IDS system is configured to add warnings in the ISPConfig System log only and not to block attacks.
    If you like to block attacks in this version, set ids_block_level to a value between 5 and 20 in the
    security_settings.ini file. The checks are quite strict and we will probably have to whitelist some addditional
    variables to avoid false positive warnings to customers. Therefore I would like to ask you to help us to complete
    the whitelist.

    How whitelisting works:

    The IDS writes all alerts in whitelst file format to the file /usr/local/ispconfig/interface/temp/ids.log
    and the full warning message to the ispconfig system log in the interface. If you find that a alert is
    a false positive, then please post the alert message and line from ids.log here in the forum so we can check
    that and add it to the official whitelist.

    You can find a detailed description on the IDS settings in the security README file in the
    /usr/local/ispconfig/security/ folder.

    Note: This pre release reports itsellf still as, so dont be worried if you dont see a
    new version number.

    Detailed Changelog[]=


    Update instructions

    cd /tmp
    rm -rf /tmp/ispconfig3_install
    tar xvfz ISPConfig-3.0.5-rc2.tar.gz
    cd ispconfig3_install/install
    php -q update.php
    Last edited by a moderator: Aug 26, 2014
    tyay likes this.
  2. Numerizen

    Numerizen Member

    Hi and thanks for this update.

    I did a fresh install on a new server. Got the login page and logged in as admin/admin.

    Here is what I got :

    Any help ?
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats a issue with the new security system whih seems to have a conflict with the rss feed that is aved in the sessions. As workarounf please edit:


    and set the isd block level to e.g. 900
  4. Numerizen

    Numerizen Member


    I could login, but the whole thing is awfully slow. Is is related to the security stuff too ?
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    this might be. I dont have any delays here but I have a fast test can try to turn off the ids completely in securiyt settings .ini file.
  6. Numerizen

    Numerizen Member

    That was definitely it : everything is blazing fast after commenting these lines :

    ... but I understand it's a security risk, right ?
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    f you want to disable it, set:


    instead of commenting out lines.

    Yes. Not sure if I would call it as security risk as this function is just an additional security layer, so basically your system just dont use this additional protection then. The IDS is scanning all incoming variables so there it will take some additional ressources, but I will try to see if it can be further optimized.
  8. Numerizen

    Numerizen Member

    OK, thanks. I can live without this feature for now.
  9. ferryvdijk

    ferryvdijk New Member

    problem thats i cannot acces is here too. If changing the security setting to 900 then its very slow. Now i've disabled ids.
  10. PP2000

    PP2000 New Member

    Smallbug in

    Hy there,

    there is a small bug for gentoo-users in the
    (located in /ispconfig3_install/server/plugins_available/

    Line 120:
    should be

    the same bug in Line 154
    should be

    please correct this, we are using ispconfig on a gentoo machine,
    and at the moment we correct it manualy ..

    thanks and best regards

  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Thanks for the notice. I've changed that in GIT.

Share This Page