[HowTo] Make ispCP more Secure !

[HowTo] Make ispCP more Secure ! - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Contributions Area (/forum-40.html)
+--- Forum: Howtos (/forum-41.html)
+--- Thread: [HowTo] Make ispCP more Secure ! (/thread-257.html)

Pages: 1 2 3 4 5

RE: [HowTo] Make ispCP more Secure ! - BeNe - 06-08-2007 04:29 AM

Thanks - i do my best.
There are some new Topics about it in my mind Wink

RE: [HowTo] Make ispCP more Secure ! - smallFire - 06-25-2007 11:57 PM

I just updated the Wiki - mod_evasive module for preventing DOS-attacks is included.

RE: [HowTo] Make ispCP more Secure ! - fulltilt - 10-21-2007 07:08 PM

Hi BeNe,

some questions:

the howto > ssl postfix ...
if i install it like your howto ... can postfix handle with both > ssl and without ssl?

I have server running with ispCP & one with vhcs.
The vhcs server will be upgraded if rc3 is released, but i want to install awstats now. By upgrading to ispCP ... did i have to remove first awstats before upgrading to ispCP and could you suggest a good awstats howto?

RE: [HowTo] Make ispCP more Secure ! - BeNe - 10-21-2007 07:34 PM

Quote:if i install it like your howto ... can postfix handle with both > ssl and without ssl?

Yes Postfix can both. You only need to change the port on the clients.

Quote:could you suggest a good awstats howto?

Not really. There is many to do if you want to install it manually.
You need the templates, cron entry´s and so on...

Greez BeNe

RE: [HowTo] Make ispCP more Secure ! - fulltilt - 10-21-2007 11:32 PM

Hi BeNe,

i followed the howto but getting this error log:

Code:

/etc/courier/pop3d.pem: error:02001002:system library:fopen:No such file or directory

BeNe Wrote:Yes Postfix can both. You only need to change the port on the clients.

RE: [HowTo] Make ispCP more Secure ! - BeNe - 10-21-2007 11:36 PM

Which HowTo ?
There are two about SSL and Mailservices.

-> http://www.isp-control.net/ispcp/wiki/howto_secure
-> http://www.isp-control.net/ispcp/wiki/howto_SSL_CA

Did you do this ?

Code:

Put the Certificates under /etc/courier:

cd /etc/courier

cp /root/RootCA/server/courier.pem .

chmod 400 courier.pem

ln -s courier.pem imapd.pem

ln -s courier.pem pop3d.pem

Greez BeNe

RE: [HowTo] Make ispCP more Secure ! - fulltilt - 10-21-2007 11:42 PM

thanks for quick answer,

i installed like this:
http://www.isp-control.net/ispcp/wiki/howto_secure

BeNe Wrote:Which HowTo ?
There are two about SSL and Mailservices.

-> http://www.isp-control.net/ispcp/wiki/howto_secure
-> http://www.isp-control.net/ispcp/wiki/howto_SSL_CA

Did you do this ?

Code:

Put the Certificates under /etc/courier: cd /etc/courier cp /root/RootCA/server/courier.pem . chmod 400 courier.pem ln -s courier.pem imapd.pem ln -s courier.pem pop3d.pem

Greez BeNe

RE: [HowTo] Make ispCP more Secure ! - BeNe - 10-21-2007 11:50 PM

Then test the other one, please.
So i will delete one of them.

Hope this works!
Greez BeNe

RE: [HowTo] Make ispCP more Secure ! - fulltilt - 10-21-2007 11:54 PM

Hi BeNe,

i think the problem is that you have to change in:
/etc/courier/imapd-ssl
/etc/courier/pop3d-ssl

the path >
TLS_CERTFILE=/etc/courier/pop3d.pem
to:
TLS_CERTFILE=/usr/lib/courier/pop3d.pem

or the location of the .pem files

am i right?

BeNe Wrote:Then test the other one, please.
So i will delete one of them.

Hope this works!
Greez BeNe

RE: [HowTo] Make ispCP more Secure ! - BeNe - 10-22-2007 12:16 AM

Looks good to me!
You can also search for the .pem files if you are not sure in which directory they are and set the Path to the file in the config.

Greez BeNe