Securing linux
APF Firewall Installation - Secures your server against internal and external attacks
Secure /tmp and /var/tmp - prevent malicious code execution
Disable insecure PHP Functions - prevents many common website exploits
Disable telnet and direct root logins
Root login email alerts
Brute Force Detection - helps prevent and divert brute force attacks
Hardening /etc/hosts and /etc/resolv.conf - helps prevent dns spoofing
Sysctl.conf hardening and tuning - helps prevent DoS attacks, as well tunes tcp for increases performance
Libsafe Installation - prevents stack overflow attacks
Kernel Update with Grsecurity
mod_security apache Installation - secure apache against common attacks
mod_dosevasive - apache DoS protection
Daily security scans setup (chkrootkit and rkhunter)
System Integrity Monitor - check regularly that all your services are up and running
Mask apache, exim, and named versions
Disable unused and insecure services
Limit get, fetch, and compiler use
Update apache, cPanel, and other system software
Linux Socket Monitor - prevent unpriviledged users from opening sockets
Secure /tmp and /var/tmp - prevent malicious code execution
Disable insecure PHP Functions - prevents many common website exploits
Disable telnet and direct root logins
Root login email alerts
Brute Force Detection - helps prevent and divert brute force attacks
Hardening /etc/hosts and /etc/resolv.conf - helps prevent dns spoofing
Sysctl.conf hardening and tuning - helps prevent DoS attacks, as well tunes tcp for increases performance
Libsafe Installation - prevents stack overflow attacks
Kernel Update with Grsecurity
mod_security apache Installation - secure apache against common attacks
mod_dosevasive - apache DoS protection
Daily security scans setup (chkrootkit and rkhunter)
System Integrity Monitor - check regularly that all your services are up and running
Mask apache, exim, and named versions
Disable unused and insecure services
Limit get, fetch, and compiler use
Update apache, cPanel, and other system software
Linux Socket Monitor - prevent unpriviledged users from opening sockets
