Hi all, I'm looking to set up a VPS. Can you advise me on some basic security I should perform to secure the VPS? Many thanks.
Hello, you should install chkrootkit, rkhunter, a third-party firewall like CSF/APF+BFD, and email alerts for root login. You should disable a few modules in PHP like exec, ssh_exec and so on. If you have cPanel then you should enable Suhosin, suPHP and mod_security, disable direct root login, change the SSH port to a difficult digit, disable telnet, and secure host.conf/sysctl.conf. It is a big list...
It depends on what panel you have (other than the SSH changes). There are a lot of tutorials out there for cPanel servers. If you have cPanel, you should install CSF (ConfigServer Firewall) and modify Apache and tweak settings. If you have DirectAdmin, you can also install CSF.
Yes, a firewall is your first line of defense. Close all unwanted ports. Second, run SSH on a different port than 22. Check this tutorial
First you need to change the port number for SSH. Check how to change the port number at http://www.theperfectarts.com/2009/11/how-to-restrict-and-secure-ssh-access/ Secondly, if you have a cPanel server then install CSF, configure it, and check server security from your WHM >> Main >> Plugins >> ConfigServer Security & Firewall. No other things need to be done once you complete the above steps.
You can also secure it from WHM, if you are using a cPanel server/VPS. http://www.theperfectarts.com/2010/06/secure-server-from-whm/
What can you do to secure your VPS/dedicated server

SSH
* Disable root login
* Change default SSH port
* Create a new user on the server with a non-generic name (something like ant1r0l, for example) and log in via that user
* Set up key-based logins

Firewall - CSF
* Install CSF firewall
* Configure it; if you are running a VPS server, disable the Spamhaus/RBL IP block as it will fill your iptent fast and CSF will not work properly (Virtuozzo/OpenVZ servers)
* Disable cPhulkd when running CSF
* If you have enabled SMTP_BLOCK, disable cPanel's SMTP Tweak

Mount your /tmp directory into a file with noexec (great HOWTO: http://forums.theplanet.com/index.php?showtopic=27771 ) - if you own a dedicated server; since VPS servers use the main node's /tmp, this isn't needed there.

If you are running a cPanel server, I suggest that you compile PHP to run through the SuPHP handler, as it provides a more secure way to run PHP scripts (as the user under whose account they are) instead of Apache's DSO module. Also don't forget to enable the MailHeaders PHP module - this will help you track where an email was sent from if there is an abuse issue on your server.

Harden your Exim - enable RBLs for it, and enable Exim to discard emails coming from servers with a non-valid rDNS entry.

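The SSH items in the checklist above (disable root login, move off the default port, use key-based logins) can be checked against an sshd_config file; this is an added example, not part of the original post. It assumes current OpenSSH defaults and reads "key based logins" as password authentication switched off; the function names and both sample configs are constructed for illustration.

```python
# Added example: audit sshd_config text against the SSH checklist in the post above.
# Assumed defaults are those of current OpenSSH releases.
DEFAULTS = {"permitrootlogin": "prohibit-password",
            "passwordauthentication": "yes",
            "pubkeyauthentication": "yes"}

def effective_settings(config_text):
    """Global settings as sshd reads them: the first value of a keyword wins,
    except Port, where every occurrence adds a listening port."""
    settings, ports = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip().strip('"').lower()
        if key == "match":   # conditional blocks are out of scope for this check
            break
        if key == "port":
            ports.append(value)
        else:
            settings.setdefault(key, value)
    result = {k: settings.get(k, v) for k, v in DEFAULTS.items()}
    result["port"] = ports or ["22"]
    return result

def audit(config_text):
    """Return findings; an empty list means every checked item passes."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"] != "no":
        findings.append("root login not disabled: PermitRootLogin " + s["permitrootlogin"])
    if "22" in s["port"]:
        findings.append("sshd listens on the default port 22")
    if s["pubkeyauthentication"] != "yes":
        findings.append("key-based login is switched off")
    if s["passwordauthentication"] != "no":  # assumption: "key based" means keys only
        findings.append("passwords are still accepted alongside keys")
    return findings

# Constructed sample configs (not taken from any real server).
WEAK = "#Port 22\nPermitRootLogin yes\nPasswordAuthentication yes\n"
HARDENED = ("Port 49222\nPermitRootLogin no\nPasswordAuthentication no\n"
            "PubkeyAuthentication yes\nPermitRootLogin yes\n")  # duplicate is ignored

if __name__ == "__main__":
    for name, text in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit(text) or "ok")
```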
For your VPS account, you should always open (log in to) your Parallels control panel, WHM panel and control panel using your hosting provider's domain name and not your own domain. This subdomain is provided by the host whenever you purchase a new VPS hosting account, because this is recommended by the host as they have an SSL login method, so spammers cannot get inside your domain. Hope you understand.
If you are using two-factor RADIUS authorization with one-time passwords, your passwords are never stored on the server and are always unique. You can tell me your OTP but I will never be able to use this password. The password is generated with software, hardware or SMS tokens (something you have) and with a PIN code (something you know). You can manage your server only through a VPN and set up 2-factor for the VPN.