»

Howto configure OSSEC for Directadmin

2009/09/16, 10:10

A quick howto configure your OSSEC installation for Directadmin web hosting panel




Step 1: Open OSSEC config for editing

nano -w /var/ossec/etc/ossec.conf

Step 1.1: Locate “Files/directories to ignore”, And add new lines

    <ignore>/etc/httpd/conf/extra/directadmin-vhosts.conf</ignore>
    <ignore>/etc/httpd/conf/extra/directadmin-vhosts.conf.back</ignore>
    <ignore>/etc/virtual/domains</ignore>
    <ignore>/etc/virtual/domainowners</ignore>
    <ignore>/etc/proftpd.passwd</ignore>
    <ignore>/etc/proftpd.vhosts.conf</ignore>
    <ignore>/etc/named.conf</ignore>

Direct Admin also uses these files when creating users, but i do not recommend you adding these files to the ignore list:

/etc/group
/etc/group-
/etc/passwd
/etc/passwd- 
/etc/gshadow
/etc/shadow
/etc/shadow-
/etc/gshadow-

Step 2: Restart OSSEC when your done editing

/var/ossec/bin/ossec-control restart
Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • email
  • PDF
  • StumbleUpon
  • Technorati
Category: Centos, OSSEC  |  Comment (RSS)  |  Trackback

Leave a Reply