hello all im a new webmaster i have rent a VPS i have a ask for u how to increase my VPS Sevurity to prevent DOS/DDOS RFI LFI etc etc plz help me
find out what the host is running in terms of security on the box which your VPS is hosted on. for ddos, if you can stop it at the FW and router, you should be fine (thats a host end issue so inquire with the provider to see what options are availible.) As far as web application security goes, mod security is a great security tool, and good coding in web applications is the front line defence to stop LFIs/RFIs, SQL injections and so on.
as far as DDOS, you can't really prevent that, but you can find out where its coming from and block the assailient from further hitting your router.
None of you have really told him what to do....? eth0.us - basic guides on setting up linux hosting servers, some security related guides. ( WARNING : VERY BASIC ) Make sure you get iptables management installed, ensure you have it all setup correctly. Do some tests ( e.g GFI LAN scanner is a good port scanner and vuln scanner ) Ensure you tweak security options/configurations for any communications daemon(s). ( OpenSSH, Mail, FTP, GS's ) Web security - RFI protection - MOD_Security, mod_dosevasive, mod_monitor, mod_snortdapi
just install firewall and block unnecessary ports. use iptables. see: http://www.mysql-apache-php.com on installation Also APF-firewall is very good, certainly an option to consider
If it is Linux with cPanel and you have iptables available you are so lucky.. Just install CSF and follow the instructions at the "Check server security" page.It will help you so much. You can find information about CSF here http://www.configserver.com/cp/csf.html And here is the installation guide. http://www.configserver.com/free/csf/install.txt