Make sure all system packages are updated. Shut off all unnecessary services and make sure the ones you leave running are properly configured. If you can, remove any web admin tools and stick to using SSH with a reasonably lengthy key or very good passwords. Disable direct root login. Configure access for SSH, and any other critical service, and restrict it by username and IP address. Whenever possible, configure your services to run as non-privileged users and use non-privileged logins for accessing the DB etc. Check all your applications for potential security holes and make sure everything is secure in that area. Finally, have a good firewall as the first line of defence. This is just a summary and there's lots more you can and should do.
Here are some more tips for a Linux server with increasing complexity: -Subscribe to all security mailinglists of all applications you run on the system -Keep your system up-to-date -Avoid default configuration like domain.xyz/phpmyadmin -Control all logs on a regular basis -Disable all unneeded services -Run rkhunter and chkrootkit every once in a while -Use a safe php.ini, PHPsuexec and suhosin -Use denyhosts to block SSH attacks -Disable SSH login, use public key authentication instead -Use AIDE to check the integrity of important system binaries -If possible compile everything needed into the kernel and disable loading of modules -Use mod_security (web application firewall) -Use ACLs (access control lists) -Monitor the server with Nagios and Cacti -Configure iptables -Use SNORT to detect/prevent intrusions -USE GRsecurity for kernel level security -Use SELinux
sorry sir im new in this field. i dont know about this sir im use ConfigServer Security & Firewall - csf v3.06 & modesecurity it is good ?
I have no experience yet with ConfigServer, but the feature list looks really good, wow, I didn't know this. And it works together with mod_security, has IDS functionality. Instead of installing additional software I would recommend to first study the documentation of this package and its logs as well as possible to get most out of it. If you run PHP you should use a safe php.ini. rkhunter and chkrootkit are programms you can just run from the command line to check for rootkits. All other measures need more or less deep knowledge, so there is no way around google and docu.
register_globals = Off allow_url_fopen = Off display_errors = Off open_basedir = [path to the directory of the web server / virtual host] safe_mode = On All Done Thanks
The 4 most important things to do is: -> Install APF firewall by blocking unwanted ports -> Change SSH port and use key authentication -> If you run DNS make sure DNS is not open (check with dnsstuff.com) -> Install rkhunter i had recently a bot doing lot of attacks on port 22 (ssh), so make sure you monitor logs in /var/log/secure if you dont know which ports are open use this command. You can see important linux commands here ->
hi, We have coined all the steps required to secure the servers at a single page. Here comes the steps that we usually take for the first level securing of the servers. maestriatech.com/instruction.php
You can also protect from DoS attacks by using this free script I found: Basically, it blocks any IPs that tries to access your server more than like 30 times per seconds or somethin: Install this: http://deflate.medialayer.com/ and here's a little howto for iptables if you get even more DoS attacks: http://www.zedomax.com/wiki/index.p...our_server_to_fight_Denial_of_Service_attacks
install ConfigServer Security & Firewall (csf) it's free and way better than apf http://www.configserver.com/cp/csf.html
Might be a good idea to remove password authentication and use certificates instead. (will not help against attacks on the ssh daemon itself)
the best solution to protect one's server is to use a ddos protection/mitigation service, only that way you can be secured from major scale attacks and prevent any downtime.
This is a big question and depends a great deal on what you are hosting on your dedicated server. If you are running a large scale site or gambling site then you may need to consider enhanced security measures from your hosting company such as ddos protection. However if you are running any thing up to a mid sized server there is 2 things you can do that will go long way in stopping the most common attacks. 1. Use strong passwords on all your ssh accsessible accounts. 2. Keep all software up to date. This includes Operating System, Applications and any web scripts you are running. Things like wordpress or phpbb etc. These are the two most common attack vectors from my experience and if you follow those two rules you will be a long way ahead of many dedicated / vps server owners. Now if you want to go further there is much to be learnt from google - read up on guides on securing your web server / operating system and follow the links. Read and Learn. Running a Nessus Scan against your server is also a great way to get a view of any obvious security vulnerabilities.
check this article: http://www.linuxdevcenter.com/pub/a/linux/2006/03/23/secure-your-server.html and this also: http://www.gentoo-wiki.com/Index:Security
Actually I had purchased linux dedicated server from http://www.eurekawebhosting.com and ask them for some tips for data server security but found one nice here. Thanks