How to perform Linux Server Hardening?

1. Check whether the hostname is set up - hostname

2. Check whether an IP address is assigned to the hostname - hostname -i

3. Update the installed packages - yum update

4. Check open_basedir protection; it should be enabled.

5. Check mod_userdir protection; it should be enabled.

6. Disable the following PHP functions on the server -

vi /usr/local/lib/php.ini 
disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set
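
A check for step 6, added here as an example and not part of the original article: it audits a php.ini against the function list above and reports `allow_url_fopen` separately, because that name is an ini directive rather than a function and listing it in `disable_functions` does not turn it off. The helper names `ini_value` and `audit_php_ini` are hypothetical and the sample file is constructed.

```shell
#!/bin/sh
# Added example: audit a php.ini against step 6 of this checklist.
# Function list taken from the page; allow_url_fopen is checked separately
# because it is an ini directive, not a function.
REQUIRED="show_source system shell_exec passthru exec phpinfo popen proc_open ini_set"

# Print the effective value of a directive (last uncommented assignment wins).
ini_value() {  # usage: ini_value FILE DIRECTIVE
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*;.*$//; s/[[:space:]]*$//; s/^"//; s/"$//'
}

# Print one finding per line; succeed only when there are none.
audit_php_ini() {  # usage: audit_php_ini FILE
    file=$1
    findings=0
    set -- $(ini_value "$file" disable_functions | tr ',' ' ')
    disabled=" $* "
    for fn in $REQUIRED; do
        case "$disabled" in
            *" $fn "*) ;;
            *) echo "MISSING: $fn is not in disable_functions"
               findings=$((findings + 1)) ;;
        esac
    done
    case "$disabled" in
        *" allow_url_fopen "*)
            echo "INEFFECTIVE: allow_url_fopen listed in disable_functions; set the directive instead"
            findings=$((findings + 1)) ;;
    esac
    case "$(ini_value "$file" allow_url_fopen | tr '[:upper:]' '[:lower:]')" in
        off|0|false|no) ;;
        *) echo "ENABLED: allow_url_fopen directive is not set to Off"
           findings=$((findings + 1)) ;;
    esac
    [ "$findings" -eq 0 ]
}

# Constructed sample: the disable_functions line exactly as written in step 6.
sample=$(mktemp)
cat > "$sample" <<'EOF'
; constructed php.ini fragment for the demo
disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set
EOF
audit_php_ini "$sample" || echo "php.ini needs attention (see findings above)"
```

On a live server, call `audit_php_ini /usr/local/lib/php.ini` after editing the file and restart the web server only once it reports no findings.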

Security Check Score
Install :- http://linuxtechme.wordpress.com/2011/12...hkrootkit/

Chkrootkit -

cd /usr/local/src
wget http://www.spenneberg.org/chkrootkit-mir...kit.tar.gz
tar -xvzf chkrootkit.tar.gz
cd chkrootkit-*
make sense
./chkrootkit
# crontab -e
0 1 * * * (cd /usr/local/src/chkrootkit*; ./chkrootkit 2>&1 | mail -s "chkrootkit output" serveralerts@hostthename.com)

Restart CROND service - 
/etc/init.d/crond restart

cmm -

cd /usr/local/src
wget http://www.configserver.com/free/cmm.tgz
tar -xzf cmm.tgz
cd cmm
sh install.sh
cd ..

cmq - 

wget http://www.configserver.com/free/cmq.tgz
tar -xzf cmq.tgz
cd cmq
sh install.sh
cd ..

cmc - 

wget http://www.configserver.com/free/cmc.tgz
tar -xzf cmc.tgz
cd cmc
sh install.sh
cd ..

cse -
wget http://www.configserver.com/free/cse.tgz
tar -xzf cse.tgz
cd cse
sh install.sh
cd ..

Run UPCP - /scripts/upcp --force
That's it!

######################################################
You can reply as follows -
######################################################

Hello,
Server security has been completed.
Hostname:  Your Hostname 
Server IP : Your IP address 
SSH port : Your 
Root Password: - Your WHM password
------------Server Hardening------------
1) Secure SSHD Port -->  SSH Port 
2) sysctl.conf has been hardened to prevent DDoS attacks, protect the TCP/IP stack from SYN-flood attacks, and prevent other similar network abuse.
3) host.conf has been hardened to prevent DNS lookup poisoning and also provide protection against spoofs.
4) nsswitch.conf has been hardened and optimized to perform DNS lookups more efficiently.
5) Temporary directory has been secured already.
6) Security Updates as released by OS and/or Control Panel by me.
7) Unwanted services have been disabled already.
8) PHP Open_Basedir Protection has been enabled already.
9) mod_userdir Protection enabled by me.
10) Shell Fork Bomb/Memory Hog Protection has been enabled. Fork Bomb/Memory Hog protection will prevent users logged into a shell (ssh/telnet) from using up all the resources on the server and causing a crash.
11) Background Process Killer has been enabled to kill any of the following which are commonly recognized bad processes: 
BitchX, bnc, eggdrop, generic-sniffers, guardservices, ircd, psyBNC, ptlink and related services.
12) Root Login Email Notifications has been configured already.
------------Service/Application Optimizations------------
1) Tweaking and Optimizing Apache2.2 has been done for better performance.
2) MySQL Optimization has been done for better performance.
3) Your FTP server Pure-FTPD software has been upgraded and secured.
4) Exim Mail Services Optimization
5) Configuring Anti-Spam Features to Reduce Spam ( Enable RBL ACLs, SPF Protection, & Spam Assassin Configurations )
6) PHP5 Optimization and Hardening has been done.
 - PHP Running as suPHP
 - PHP hardening done by disabling security functions
"disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set"
------------Security Check/Installation------------
1) CSF has been installed and configured on your server with a server security check score of 134 out of 143, which is quite good.
2) ClamAV Antivirus (Integrating Exim) has been installed and updated with latest virus definitions already.
3) Malware detector has been installed already.
4) Chkrootkit has been installed by me.
5) Mod-Security has been installed with Advanced Rules already.
6) ConfigServer ModSecurity Control (cmc) installed by me.
7) ConfigServer Mail Manage (cmm) installed by me.
8) ConfigServer Mail Queues (cmq) installed by me.
9) ConfigServer Explorer (cse) installed by me.
------Additional:------
ConfigServer Explorer has been installed into WHM with root level permissions. This allows system root files to be edited in an emergency situation when SSH is not accessible. You can access this by logging into WHM and click this link at the bottom left side.
------Post-Security check------
1) Sites are functioning properly.
2) All the services are working properly.
3) All modules installed with license.
######################################################################
