How to perform Linux Server Hardening?

1. Check whether the hostname is set up - hostname

2. Check whether an IP address is assigned to the hostname - hostname -i

3. Update the installed packages - yum update

4. Check open_basedir protection; it should be enabled.

5. Check mod_userdir protection; it should be enabled.

6. Disable the following PHP functions on the server -

vi /usr/local/lib/php.ini
disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set
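
A way to verify step 6 after editing php.ini, as an added example that is not part of the original article: it compares the disable_functions line against the list above using whole-name matching (so shell_exec does not count as exec) and checks allow_url_fopen as its own setting, because it is a php.ini directive rather than a function. The function names ini_value, missing_functions, url_fopen_off and audit_php_ini and the sample file are assumptions made for the example.

```shell
#!/bin/sh
# Added example. REQUIRED is this page's list minus allow_url_fopen, which is
# a directive (checked separately below), not a function.
REQUIRED="show_source system shell_exec passthru exec phpinfo popen proc_open ini_set"

# Print the value of the last uncommented "$2 = value" line in file $1.
ini_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*;.*$//; s/[[:space:]]*$//; s/^"//; s/"$//'
}

# Print every REQUIRED function missing from disable_functions in file $1.
# Names are matched whole, so "shell_exec" does not satisfy "exec".
missing_functions() {
    disabled=$(ini_value "$1" disable_functions | tr -d ' \t')
    for fn in $REQUIRED; do
        case ",$disabled," in
            *",$fn,"*) ;;
            *) printf '%s\n' "$fn" ;;
        esac
    done
}

# Succeed only when allow_url_fopen is explicitly switched off in file $1.
url_fopen_off() {
    case "$(ini_value "$1" allow_url_fopen | tr 'A-Z' 'a-z')" in
        off|0|false|no) return 0 ;;
        *) return 1 ;;
    esac
}

# Report findings for file $1; return non-zero if anything needs fixing.
audit_php_ini() {
    rc=0
    for fn in $(missing_functions "$1"); do
        echo "not disabled: $fn"; rc=1
    done
    url_fopen_off "$1" || { echo "allow_url_fopen is not Off"; rc=1; }
    return "$rc"
}

# Demo on a constructed php.ini; on the server pass /usr/local/lib/php.ini.
sample=$(mktemp)
cat > "$sample" <<'EOF'
; constructed sample, not taken from a real server
disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open, allow_url_fopen
allow_url_fopen = On
EOF
audit_php_ini "$sample" || echo "php.ini needs attention"
rm -f "$sample"
```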

Security Check Score

Chkrootkit -

cd /usr/local/src
tar -xvzf chkrootkit.tar.gz
cd chkrootkit-*
make sense
./chkrootkit
crontab -e
0 1 * * * (cd /usr/local/src/chkrootkit*; ./chkrootkit 2>&1 | mail -s "chkrootkit output" serveralerts@hostthename.com)

Restart CROND service - 
/etc/init.d/crond restart

cmm -

cd /usr/local/src
tar -xzf cmm.tgz
cd cmm
sh install.sh
cd ..

cmq - 
tar -xzf cmq.tgz
cd cmq
sh install.sh
cd ..

cmc - 
tar -xzf cmc.tgz
cd cmc
sh install.sh
cd ..

cse -
tar -xzf cse.tgz
cd cse
sh install.sh
cd ..

Run UPCP - /scripts/upcp --force
That's it!

######################################################
You can reply as follows -
######################################################

Hello,
Server security has been completed.
Hostname:  Your Hostname 
Server IP : Your IP address 
SSH port : Your 
Root Password: - Your WHM password
------------Server Hardening------------
1) Secure SSHD Port -->  SSH Port 
2) sysctl.conf has been hardened to protect against DDoS attacks, to protect the TCP/IP stack from SYN-flood attacks, and to guard against other similar network abuse.
3) host.conf has been hardened to prevent DNS lookup poisoning and also provide protection against spoofs.
4) nsswitch.conf has been hardened and optimized to perform DNS lookups more efficiently.
5) Temporary directory has been secured already.
6) Security updates released by the OS and/or control panel have been applied by me.
7) Unwanted services have been disabled already.
8) PHP Open_Basedir Protection has been enabled already.
9) mod_userdir Protection enabled by me.
10) Shell Fork Bomb/Memory Hog Protection has been enabled. Fork Bomb/Memory Hog protection will prevent users logged into a shell (ssh/telnet) from using up all the resources on the server and causing a crash.
11) Background Process Killer has been enabled to kill any of the following which are commonly recognized bad processes: 
BitchX, bnc, eggdrop, generic-sniffers, guardservices, ircd, psyBNC, ptlink and related services.
12) Root Login Email Notifications has been configured already.
------------Service/Application Optimizations------------
1) Tweaking and Optimizing Apache2.2 has been done for better performance.
2) MySQL Optimization has been done for better performance.
3) Your FTP server Pure-FTPD software has been upgraded and secured.
4) Exim Mail Services Optimization
5) Configuring Anti-Spam Features to Reduce Spam ( Enable RBL ACLs, SPF Protection, & Spam Assassin Configurations )
6) PHP5 Optimization and Hardening has been done.
 - PHP running as suPHP
 - PHP hardening done by disabling security-sensitive functions
"disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set"
------------Security Check/Installation------------
1) CSF has been installed and configured on your server with a server security check score of 134 out of 143, which is quite good.
2) ClamAV Antivirus (Integrating Exim) has been installed and updated with latest virus definitions already.
3) Malware detector has been installed already.
4) Chkrootkit has been installed by me.
5) Mod-Security has been installed with Advanced Rules already.
6) ConfigServer ModSecurity Control (cmc) installed by me.
7) ConfigServer Mail Manage (cmm) installed by me.
8) ConfigServer Mail Queues (cmq) installed by me.
9) ConfigServer Explorer (cse) installed by me.
------Additional:------
ConfigServer Explorer has been installed into WHM with root-level permissions. This allows system root files to be edited in an emergency situation when SSH is not accessible. You can access it by logging into WHM and clicking the link at the bottom left side.
------Post-Security check------
1) Sites are functioning properly.
2) All the services are working properly.
3) All modules installed with license.
######################################################################