Any Potential Conflict Between Lynis Needs & ISPConfig?

Discussion in 'ISPConfig 3 Priority Support' started by yupthatguy, Apr 21, 2021.

  1. yupthatguy

    yupthatguy Member

    I discovered Lynis via this thread [3 security tools]. I installed it and fell in love :cool:. Lynis conducts a wide range of security tests and provides convenient suggestions to resolve whatever warnings. My question is this: Are there any known warnings from Lynis that, if resolved, conflict with ISPConfig? (directory/file permissions, hardening php, removing old kernels, & so on... )

    Are there any tests that ISPConfig would recommend I disable in Lynis?

    Or am I free to eliminate all the warnings as recommended?

    My goal is a Hardening index of 100

    Thanks
     
  2. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    It's good practice to secure your system, but most hacks occur through hacked websites because of an outdated CMS. So you should focus on that ;)
     
  3. yupthatguy

    yupthatguy Member

    So I am free to eliminate lynis warnings without worry of breaking ISPConfig?
     
  4. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    The settings set by ISPConfig are set as they are for good reasons, so I would not change too much, especially if you don't know what it is.
     
  5. yupthatguy

    yupthatguy Member

    I am good about reading tutorials and documentation.. If I run into specific Lynis / ISPConfig issues... I'll post... thanx.
     
  6. yupthatguy

    yupthatguy Member

    Ok.. so I am back with a couple of "nitty-gritty" questions regarding Lynis 3.0.3 & ISPConfig. I am aware that I can simply execute these changes on my test server and see what happens. However, these changes involve a much longer testing cycle as to detect possible negative impacts, so I would highly appreciate it if one of you gurus could save me a substantial bit of time with your knowledge.

    Lynis [HOME-9304] suggests:
    Code:
    chmod 750 /home/administrator
    chmod 750 /var/lib/spamassassin
    chmod 750 /var/vmail
    chmod 750 /var/www/apps
    chmod 750 /usr/local/ispconfig
    
    All of the above seem like harmless hardening measures, but I would appreciate a confirmation of their harmlessness... or if I am about to step on a landmine.

    Also there is one Lynis suggestion that seems very, very substantive:
    Code:
    # chown ispconfig /usr/local/ispconfig
    
    Lynis warns that /usr/local/ispconfig is owned by root rather than ispconfig user and makes the above suggestion.

    Can you provide a little affirmation / clarity for the noob?
    thx
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    This might be ok doing it without breaking something, so you can try that. If something does not work afterwards.

    This would open up a security hole, don't do that.
     
  8. yupthatguy

    yupthatguy Member

    Thanks... avoiding creating a security hole and other headaches is exactly why I asked. :)
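
Added example, not part of the original thread and not ISPConfig or Lynis code: a shell helper that records the mode and numeric owner/group of the directories listed in post 6 before the `chmod 750` changes are tried on a test server, so drift can be reported and reverted. The function names and the snapshot file path are assumptions, and it relies on GNU `stat`.

```shell
#!/bin/sh
# Added example: snapshot and restore directory permissions around a hardening test.
# Directories are the ones named in post 6; function names are hypothetical.
HARDEN_PATHS="/home/administrator /var/lib/spamassassin /var/vmail /var/www/apps /usr/local/ispconfig"

# snapshot_perms FILE PATH...
# Record "mode uid gid path" for every path that exists (GNU stat).
snapshot_perms() {
    snap=$1; shift
    : > "$snap"
    for p in "$@"; do
        [ -e "$p" ] || continue
        stat -c '%a %u %g %n' "$p" >> "$snap"
    done
}

# changed_since FILE
# Print one line per path whose mode or ownership differs from the snapshot.
changed_since() {
    while read -r mode uid gid path; do
        now=$(stat -c '%a %u %g' "$path" 2>/dev/null) || now="missing"
        [ "$now" = "$mode $uid $gid" ] || echo "$path: was $mode $uid:$gid, now $now"
    done < "$1"
}

# restore_perms FILE
# Put back the recorded owner and mode (non-recursive, like the chmod lines in the post).
# chown runs first because it can clear setuid/setgid bits that chmod then restores.
restore_perms() {
    while read -r mode uid gid path; do
        chown "$uid:$gid" "$path" && chmod "$mode" "$path"
    done < "$1"
}

# Typical use on a test server, as root (snapshot path is an assumption):
#   snapshot_perms /root/perms.before $HARDEN_PATHS
#   chmod 750 /var/vmail        # try one change, then exercise mail and the panel
#   changed_since /root/perms.before
#   restore_perms /root/perms.before
```

Because ownership is recorded as well as mode, `changed_since` also reports if `/usr/local/ispconfig` stops being owned by root.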
     
