I turned the firewall on in Server > Services. I went through the perfect setup, but is there anything I need to do before the server is secure? Thanks.
Just a firewall does not make your server safe. it just helps preventing some layer 2/3 based attack vectors or at least reduce them. There are things like weak passwords for ssh accounts, keeping your sw packages up2date e.g. in case of buffer overflow vulns allowing privilege escalations, weak webapps (like often upcoming bugs in several plugins for phpBB and others), etc. As you can see there won't be a single switch to make your server safe (even ppl of them you could think they know what they do got hacked -> rh / fedora server break in, lately)
I guess what I'm asking...is a brand new installation of ISPConfig's prefect setup with the firewall on considered reasonably secure?
I did apt-get install fail2ban, but do I need to do anything to configure it? Also, how do I disable root ssh logins? I'm guess that will mean I can't do anything remotely (outside of ISPConfig)? Thanks.
http://www.howtoforge.com/fail2ban_debian_etch Open /etc/ssh/sshd_config and set PermitRootLogin to no, then restart SSH. Afterwards, you must log in as a normal user first (that user must of course have shell access!) and then type Code: su to become root.
