Can ISPconfig be infected by Ransomware?

Discussion in 'General' started by webguyz, Aug 10, 2017.

  1. webguyz

    webguyz Active Member HowtoForge Supporter

    Was reading on WHT about a Linux vbs user who says his server was infected with Ransomware and wondering how that could have happened? Doesn't the Ransomware require clicking on a link to spread the infection? Since all we do with ISPconfig is web and mail serving, how could Ransomware spread if at all possible and how to protect against it? As if we didn't have enough to worry about. :)
  2. Tuumke

    Tuumke Active Member

    It might be that he installed a standalone package for other services, used a unsafe script.. there could be several ways this has happend that have nothing to do with ISPConfig.
  3. webguyz

    webguyz Active Member HowtoForge Supporter

    So your saying as long as we have a vanilla ISPConfig setup, Ransomeware should not be concern.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The question does not really make sense, so nobody can answer it.

    A question like:

    Can <put any software name here> be infected by <put any name here>.

    Must probably be always yes as there is most likely no application in the world that can not be infected by something. This does not mean that ISPConfig is vulnerable or not vulnerable for something or that it was infected on that server you mention, it just means that such a unspecific question can not be answered. and as @Tuumke pointed out, it is way more likely that a software or script hosted on a website gets infected than that ISPConfig gets infected.

    The genaral rules to keep a server safe are always the same: install updates for all installed software regularly, use secure passwords for all services and key based logins for SSH and open up only the ports that you want someone to connect to.
    Tuumke and webguyz like this.

Share This Page