ispconfig 3 -debian jessie When installing multiservers, (web, db, ns1, ns2 and mail.server.xx) how they are secure? What I mean: clamav is only installed on mail server if you folow installation guide (apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl) . What protect another servers. Must clamav been installed on each server or? I belive yes. Can somebody explain that. Thank's
Well, that's really up to your configuration. But in general: Webserver = maldet (malware scanner), clamav (virusscanner), rhunter (rootkit scanner) mailserver = clamav, rootkit scanner dns = rootkit just because you can db = rootkit, just because you can If you configure your webservers to also send emails though php mail() (instead you should force your users to use smtp, IMHO) it might be good to go for some kind of firewall that prevents outgoing connections, sockets, and other bad stuff. I also created a vpn network for the servers so that they can talk with each other without the issue of sending stuff in plain text. Same for my backup server. all data goes through the vpn and is thus encrypted.
How to secure servers is a very extensive (and fun) topic. I'll note that clamav is next to worthless with only the default signatures, make sure you install some more (start with sanesecurity: http://sanesecurity.com/usage/signatures/). There's an inexpensive tool called 'ispprotect' put out by some of the ispconfig developers, you might look at that and consider supporting their work. https://www.howtoforge.com/tutorial/how-to-scan-linux-for-malware-and-rootkits/
