This release introduces support for CentOS 7, adds some interesting new security features
and fixes several bugs in the remote API.
Intrusion Detection System
The ISPConfig interface now contains an IDS System to protect it against unknown threats and
vulnerabilitys. The IDS System consists of a scan engine for POST, GET and COOKIE
variables based on PHPIDS and an SQL query scanner to detect SQL injection attacks.
The IDS system does not replace any of the input and variable checks that are implemented in ISPConfig, the IDS adds a more generic check for all incoming variables in ISPConfig to build a second defense line.
For now, the IDS system is configured to add warnings in the ISPConfig System log only and not to block attacks. If you like to block attacks, set ids_block_level to a value between 5 and 20 in the security_settings.ini file. The checks are quite strict and it is possible taht you have to whitelist some addditional variables to avoid false positive warnings. Therefore I would like to ask you to help us to complete the whitelist.
The sql injection scanner is turned on by default while the intrusion detection system is turned off because the scan of all incoming variables can slow down the ISPconfig interface. You can turn the IDS on in /usr/local/ispconfig/security/security_settings.ini by changing “ids_enabled” to “yes” if you like to test this new feature.
How whitelisting in IDS works:
The IDS writes all alerts in whitelst file format to the file /usr/local/ispconfig/interface/temp/ids.log and the full warning message to the ispconfig system log in the interface. If you find that an alert is a false positive, then please post the alert message and line from ids.log here in the forum so we can check that and add it to the official whitelist.
You can find a detailed description on the IDS settings in the security README file in the
/usr/local/ispconfig/security/ folder.
See changelog link below for a list of all changes that are included in this release.
—————————————————–
– Download
—————————————————–
The software can be downloaded here:
http://prdownloads.sourceforge.net/ispconfig/ISPConfig-3.0.5.4p4.tar.gz
————————————
– Changelog
————————————
http://bugtracker.ispconfig.org/index.php?do=index&tasks=&project=3&due=82&status[]=
————————————–
– Known Issues:
————————————–
Please take a look at the bugtracker:
http://bugtracker.ispconfig.org
————————————–
– BUG Reporting
————————————–
Please report bugs to the ISPConfig bugtracking system:
http://bugtracker.ispconfig.org
—————————————-
– Supported Linux Distributions
—————————————-
– Debian Etch (4.0) – Wheezy (7.0) and Debian testing
– Ubuntu 7.10 – 14.04
– OpenSuSE 11 – 13.1
– CentOS 5.2 – 7
– Fedora 9 – 15
—————————————–
– Installation
—————————————–
The installation instructions for ISPConfig can be found here:
http://www.ispconfig.org/documentation/
or in the text files (named INSTALL_*.txt) which are inside the docs folder of the .tar.gz file.
——————————————
– Update
——————————————
To update existing ISPConfig 3 installations, run this command on the shell:
ispconfig_update.sh
Select “stable” as the update resource. The script will check if an updated version of ISPConfig 3 is available and then download the tar.gz and start the setup script.
Detailed instructions for making a backup before you update can be found here:
http://www.faqforge.com/linux/controlpanels/ispconfig3/how-to-update-ispconfig-3/
If the ISPConfig version on your server does not have this script yet, follow the manual update instructions below.
——————————————-
– Manual update instructions
——————————————-
cd /tmp wget http://www.ispconfig.org/downloads/ISPConfig-3-stable.tar.gz tar xvfz ISPConfig-3-stable.tar.gz cd ispconfig3_install/install php -q update.php
