I've been running ISPConfig happily for a while now all under one server, one datacenter for my needs. I recently decided for the sake of availability I would also collocate at a second datacenter, which happens to be with a different provider. In looking through the mechanisms to replicate, I determined I needed to ask a couple security-related questions to determine what the best course of action would be. #1 - It looks like ISPConfig's default mechanism for replication is basically database replication. Is this correct? #2 - Assuming #1, is this done via any secure mechanism at all? Or is it done in the clear with the intention that all the machines would be behind the same firewall? Thanks much!
Nevermind... I have my answers after looking through the install.php script code and assorted HowTo's. Simply put, ISPConfig multiserver setups are envisioned to be run on a local network. There are no security considerations built in to ISPConfig's database replication and sharing functionality. That's not to say it can't be done, but rather there's nothing inherently built-in to ISPConfig itself to do so.
ISPConfig supports that you use ssl encrypted mysql connections, yut you will have to setup the ssl cert for the connection after you installed ispconfig as the installer can not set it up in mysql automatically.
Thank you for verifying that, Till. That's what I was alluding to with my reply, however it took a lot of digging around and the current HowTo's available aren't really specific to supporting this, which is understandable.
