What precautions should i take securing my new lxadmin vps , i know i need a firewall what do you recomend to use, i know apf is ighly recommended but is it compatible with my control panel any help would be great thanks
At the current time I don't think there are any known exploits in LX. So other than your firewall and secure passwords I think you are good to go.
APF will support anything, you just have to open the ports. Check to see which ports are open on your system and add them to the APF configuration file. Just because there are no exploits in lxadmin doesnt mean there arent any on the system, there are plenty of other steps you should go through, I will list a few, but if you need professional help, contact me. >> Disable apache identification outputs. >> Secure SSHD Daemon. Disable direct root login, change default SSH port. >> Disable unncecesary system default accounts. >> Disable insecure PHP functions to prevent execution of malicious scripts. >> Modify/enable various Kernel (sysctl.conf) settings for performance/security. >> Setup Denial of Service (DDoS) and SYNFLOOD protection. >> Secure and harden /tmp and /var/tmp. >> Change permissions on compilers and fetch utilities. [root only] Of course there is a lot more like brute force detection and others, but it depends how much security you WANT.
i already done most of that just not this one ">> Setup Denial of Service (DDoS) and SYNFLOOD protection." what do you suggest for that
Securing the server depends on the applications you are running on the server. Its a false thinking that installing an APF will configure the server. There are a lot of things to do ranging from compiling the kernel (you doesn't want it since you have a VPS) to securing the web server. Its better to contact an expert to do that for you to avoid problems in future.