VPS level.
* Disable direct root login.
* Change SSH port to a non-standard one (this port will be enabled in firewall).
* Secure /tmp
* Install root kit checkers like rkhunter and chkrootkit.
* Disable telnet.
* Install firewall CSF + LFD (for brute force protection).
* Enable Shell Fork Bomb/Memory Protection via WHM
Application level
* Disable ServerTokens and ServerSignature in Apache.
* Install and configure mod_security module for Apache.
* Enable suPHP and suexec for PHP protection.
* Disable harmful PHP functions like exec.
: After installing CSF make sure testing mode is turned OFF
Anzil Ali Liyakkath
anzil.ali@webhostrepo.com
* Disable direct root login.
* Change SSH port to a non-standard one (this port will be enabled in firewall).
* Secure /tmp
* Install root kit checkers like rkhunter and chkrootkit.
* Disable telnet.
* Install firewall CSF + LFD (for brute force protection).
* Enable Shell Fork Bomb/Memory Protection via WHM
Application level
* Disable ServerTokens and ServerSignature in Apache.
* Install and configure mod_security module for Apache.
* Enable suPHP and suexec for PHP protection.
* Disable harmful PHP functions like exec.
: After installing CSF make sure testing mode is turned OFF
Anzil Ali Liyakkath
anzil.ali@webhostrepo.com
No comments:
Post a Comment