ispCP Documentation howto:security

Haz ispCP mas seguro

Wed, 14 May 2008 16:57:32 +0200

Aquí puedes encontrar algunas ideas para hacer tu servidor mas seguro. No hay ningún tipo de garantía así que usalo bajo tu propia responsabilidad. ===== 1.) Desactiva el “ServerSignature” en Apache (la firma que aparece cuando no muestra ningun tipo de contenido, puesto que revela información de tu sistema, sistema operativo, versión de apache, que tiene compilado...) por ejemplo:=====

1. Create the SSL CA

Thu, 20 May 2010 16:19:15 +0200

This Howto explains how you can create your own SSL Certification Authority and then secure multiple services (Apache, Courier, Postfix, ProFTPD). [Thanks for the SSL-CA-Part goes to 1.1 Install the openssl-package At first, you have to install the openssl package:

Environment

Sat, 28 Feb 2009 18:41:00 +0200

Iwatch is a programm to control the filesystem in realtime. It is a simple perlscript that controls changes in specific directories/files und sends notifications by email. The list of monitored objects is read from a xml-configurationfile. The kernel must support inotify. (Linux-Kernel >= 2.6.13).

howto:security:instalar_mod_security_en_debian

Fri, 19 Nov 2010 12:25:58 +0200

En esta ocasión vamos a redactar en simples pasos, como poner en producción el modulo del apache mod_security. modSecurity™ es un firewall de aplicaciones Web embebible que ejecuta como módulo del servidor web Apache, provee protección contra diversos ataques hacia aplicaciones Web y permite monitorear tráfico HTTP, así como realizar análisis en tiempo real sin necesidad de hacer cambios a la infraestructura existente. Sitio web:

Make ispCP more Secure

Tue, 09 Feb 2010 03:26:29 +0200

Here you can find some stuff to make your Server more Secure. Absolutely no warranty, use it at your own risk. 1.) Disable the Apache ServerSignature like this one Apache/2.2.3 (Debian) mod_fastcgi/2.4.2 mod_perl/2.0.2 Perl/v5.8.8

HowTo install mod-security2 on Debian

Wed, 24 Dec 2008 10:19:18 +0200

How to install latest mod-security on debian lenny (probably applicable to other debian based distributions), there are .debs available but they are out of date so you need to install it manually. In my opinion no apache server should be without mod-security, it helps filter out a lot of potential security holes in software to help protect your webserver, this has saved me a number of times when running beta/old code like vhcs/ispcp or code like phpbb/wordpress/other popular web software.

1. Installing dependencies

Sat, 24 Apr 2010 11:32:19 +0200

In these pages there are several Howtos about creating and installing ssl certificates. Altought most of them are correct, they generate too many certificates and lack a common directory where to store the certs. You can go to this page on the forum for more information or discussion about this page.

Security

Thu, 24 Dec 2009 11:29:21 +0200

Security * Make ispCP more Secure * Create your own SSL CA and secure multiple services * An easier setup to install ssl * Mod Security on Debian * Control Filechanges with iWatch on Debian System