Dotan Cohen
2012-May-10 14:56 UTC
[CentOS] Disabling stock firewall and SELinux for ISPConfig
I have been reading a tutorial on configuring and securing a CentOS 6.2 machine: http://www.howtoforge.com/perfect-server-centos-6.2-x86_64-with-apache2-ispconfig-3-p3 This tutorial bases the configuration on an application called ISPConfig. I am not sure that I like the idea of disabling the stock firewall and SELinux as the tutorial suggests, even with all the troubles that SELinux has given me in the past. What do those wiser than myself think about this? For some background, I will be setting up a rather bland server for serving a few websites. Thy will all be served via Apache, coded in PHP. I am concerned about correctly configuring a safe firewall for the system. So any advice particular to that would be much appreciated. Thank you! Dotan Cohen
Ljubomir Ljubojevic
2012-May-10 15:30 UTC
[CentOS] Disabling stock firewall and SELinux for ISPConfig
On 05/10/2012 04:56 PM, Dotan Cohen wrote:> I have been reading a tutorial on configuring and securing a CentOS 6.2 machine: > http://www.howtoforge.com/perfect-server-centos-6.2-x86_64-with-apache2-ispconfig-3-p3 > > This tutorial bases the configuration on an application called > ISPConfig. I am not sure that I like the idea of disabling the stock > firewall and SELinux as the tutorial suggests, even with all the > troubles that SELinux has given me in the past. What do those wiser > than myself think about this? > > For some background, I will be setting up a rather bland server for > serving a few websites. Thy will all be served via Apache, coded in > PHP. I am concerned about correctly configuring a safe firewall for > the system. So any advice particular to that would be much > appreciated. >In distant past I though of SELinux as burden. Now, I use it on every system I install. Take a look at Virtualmin (GPL). I prefer it instead of ISPConfig, and it has regular repository you can install and update from. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant