ISPConfig security

Discussion in 'Installation/Configuration' started by Joffar, Feb 28, 2006.

  1. Joffar

    Joffar New Member

    Since I am brand new to the Linux world and ISPConfig I have a few questions...
    How is the ISPCOnfig security against malicious intruders right out of the box? recommandations
    Should I add rules in the IPtables as well as the ISPConfig built in firewall? If so, any recommandations?
    how does the ISPConfig built in firewall stack up against other firewalls out there?
    Is there a log from the firewall that I can look at to see what is going on?

    Any thoughts on adding Awstats as a ISPConfig monitoring tool?



    Thank you for all help!
     
    Last edited: Feb 28, 2006
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This depends on how secure your Server is configured. Do you use SuExec? Do you have PHP Safemode enabled for all sites. Does your SSHD is protected agains dictionary attacks? There are many more things that you can do to secure your server, but they are not specific to ISPConfig.

    ISPConfig uses the bastille firewall. Bastille is a script to configure IPTables or IPChains.

    Bastille is an IPTables / IPChains firewall. If you dont like it you can use any other firewall with ISPConfig.

    You can activate loggin in the bastille configuration under /etc/Bastille. Dont forget to change the configuration tenplate in /root/ispconfig/isp/conf/ too, if you want to add changes permanently.

    If someone builds an awstats extension, we will add it to ISPConfig.
     
  3. falko

    falko Super Moderator Howtoforge Staff

    AWstats is very complicated to set up - I once did it for one web site, and it's not a matter of minutes.
    Because it is that complex, we haven't integrated it into ISPConfig yet. But if someone comes up with a module for AWStats, we'd be happy to integrate it.
    For now, you can set up AWStats manually for each web site that needs it.
     
  4. Joffar

    Joffar New Member

    Thank you.
    As I said, I am new at this, I activated the module when I installed ISPconfig, but I guss im not using it yet... obviously since this is the second time Im hearing of it... guess I have to read up a little more.. :)
    Reason I asked about Awstats is I had it when I had the server on a windows machine.... and yes I guess it does require some more work to install...

    Is there something I have to to to get the webalizer to work, it seems like it is not recording any hits or visits on my web site?

    By the way this is a great forum, you guys are responding very quickly and to everyone also.

    Great Job!

    Thank you.
    Ivar
     
    Last edited: Feb 28, 2006
  5. falko

    falko Super Moderator Howtoforge Staff

    If you've set up the web site right now, you must wait some hours because Webalizer runs at 4:00 AM.
    If you don't have statistics afterwards, have a look at this thread: http://www.howtoforge.com/forums/showthread.php?t=562
     
  6. Joffar

    Joffar New Member

    I checked this morning but I must be overlooking something... I finally got the stats folder at weblevel, but it appears that the folder is empty. I ran the grep -i .... but did not see any error in the cron job. Do I have to create/copy the webalizer page manually? Where is it supposed to be anyway?

    Is it because I called my server the same as the site name??

    Server blumonkey.org, site http://blumonkey.org If so what is the easiest way to change this?

    Thank you!
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    The stats where generated in the "stats" folder of the website.

    Are you sure that webalizer is installed on your server?
    Does the web.log file in the log folder of the website contains log lines from yesterday?

    No, this should not affect the webalizer stats. The only known complications are in the postfix setup.
     
  8. Joffar

    Joffar New Member

    Hmmm I followed the perfect setup deal for ISPConfig for Ubuntu, If it wasnt listed there then no... I havent installed webalizer.. :eek:

    What kind of complications in the postfix? What do I have to do to change the webserver name?
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    It is listed at the bottom of this page :)

    http://www.howtoforge.com/perfect_setup_ubuntu_5.10_p5

    Yes, better change your server name to something like : server1.yourdomain.com". Make sure that server1.yourdomain.com exists in DNS and points to your server.

    Otherwise you might get the problem that when you create an catchall email account in your domain you get the emails from all other domains on your server.
     
  10. falko

    falko Super Moderator Howtoforge Staff

    Please post the output of
    Code:
    which webalizer
     
  11. Joffar

    Joffar New Member

    Output of:
    PHP:
    which webalizer
    /usr/bin/webalizer
    I checked and it was installed, I even removed and rreinstalled. Would I have to purge something to ensure a total rremoval and if so what is the command_


    PHP:
    grep -i cron /var/log/messages
    gives no messages at all and

    PHP:
    grep -i cron /var/log/syslog
    Does give me some messages, but noting that indicates any error

    Thanks again for all the help.
     
  12. falko

    falko Super Moderator Howtoforge Staff

  13. Joffar

    Joffar New Member

    Yes I did, I restarted cron, but I still cant get access to http://blumonkey.org/stats/ its as if there is noting in that folder. I am asked to enter a username and password, but when doing so, all I get is an 404 page not found... maybe its something in the php on my page that causes this? I will look at that when I get home...'

    Thanks.
     
  14. falko

    falko Super Moderator Howtoforge Staff

    Did you also run
    Code:
    crontab -e
    ?

    What happens when you run
    Code:
    /root/ispconfig/php/php /root/ispconfig/scripts/shell/logs.php
    /root/ispconfig/php/php /root/ispconfig/scripts/shell/webalizer.php
    on the shell? Any error messages? Are stats created then?
     
  15. Joffar

    Joffar New Member

    Yes I ran the crontab -e

    Output from /root/ispconfig/php/php /root/ispconfig/scripts/shell/logs.php
    Code:
    Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php                     on line 125
    
    Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php                     on line 125
    
    there is no output from /root/ispconfig/php/php /root/ispconfig/scripts/shell/webalizer.php I ran it a couple of days ago and then I believe it said something in german regarding statistics...

    I found out that I had accisdentally transmitted an old .htaccess file that caused some issues. but now all I get is 403 Error forbidden...
     
  16. falko

    falko Super Moderator Howtoforge Staff

  17. Joffar

    Joffar New Member

    I followed the suggestion in the link above, and this is what I got:
    /root/ispconfig/php/php /root/ispconfig/scritps/shell/logs.php
    Output:
    Code:
    /var/www/www.blumonkey.org
    Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php                     on line 126
    
    /var/www/localhost
    Warning: readlink(): Invalid argument in /root/ispconfig/scripts/shell/logs.php                     on line 126
    I also added
    PHP:
    rint_r($directory_array)."\n";
    print_r(dir_array($dir."/".$filename))."\n"
    in the webalizer.php this gave no output when running:
    /root/ispconfig/php/php /root/ispconfig/scritps/shell/webalizer.php

    Also moved localhost, but it was recreated and there was no change.. and thats as far as I have gotten...
     
  18. falko

    falko Super Moderator Howtoforge Staff

    Please post the output of
    Code:
    ls -la /var/www
     
  19. Joffar

    Joffar New Member

    ls -la /var/www
    outputs:

    Code:
    total 32
    drwxr-xr-x   8 root      root 4096 2006-03-03 06:35 .
    drwxr-xr-x  16 root      root 4096 2006-03-03 02:14 ..
    drwxr-xr-x   2 root      root 4096 2006-02-19 18:14 apache2-default
    lrwxrwxrwx   1 www-data  web8   13 2006-02-24 00:57 blumonkey.org -> /var/www/web8
    drwxr-xr-x   3 root      root 4096 2006-03-03 06:35 localhost
    drwxr-xr-x   2 root      root 4096 2006-02-19 20:52 sharedip
    drwxr-xr-x  12 web8_ivar web8 4096 2006-03-03 10:59 web8
    drwxr-xr-x   2 root      root 4096 2006-02-19 19:57 webalizer
    drwxr-xr-x   3 root      root 4096 2006-03-02 00:30 www.blumonkey.org
    
     

Share This Page