How to perform Linux Server Hardening?

1. Check whether the hostname is set up - hostname

2. Check whether an IP address is assigned to the hostname - hostname -i

3. Update the installed packages - yum update

4. Check that PHP open_basedir protection is enabled.

5. Check that mod_userdir protection is enabled.

6. Disable the following PHP functions on the server -
 
vi /usr/local/lib/php.ini 
disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set
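
An added example, not part of the original article: a shell audit that checks a php.ini against the function list from step 6. It also reports allow_url_fopen, which is an ini directive rather than a function, so listing it in disable_functions does not switch it off; the function names, the constructed sample file and the requirement that allow_url_fopen be Off are assumptions of this example.

```shell
# Added example (not from the article); function names and sample are assumptions.
REQUIRED="show_source system shell_exec passthru exec phpinfo popen proc_open ini_set"

# Value of the last uncommented "KEY = value" line, inline comment and quotes stripped.
ini_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*;.*$//; s/[[:space:]]*$//; s/^"//; s/"$//'
}

# Names listed in disable_functions, one per line.
disabled_list() {
    ini_value "$1" disable_functions | tr ',' '\n' |
        sed 's/^[[:space:]]*//; s/[[:space:]]*$//; /^$/d'
}

# Required functions that are absent (whole-name match: shell_exec does not cover exec).
missing_functions() {
    have=$(disabled_list "$1")
    for fn in $REQUIRED; do
        printf '%s\n' "$have" | grep -qx "$fn" || printf '%s\n' "$fn"
    done
}

# allow_url_fopen is an ini directive; as a disable_functions entry it does nothing.
misplaced_directives() { disabled_list "$1" | sed -n '/^allow_url_fopen$/p'; }

# Returns 0 when every check passes, 1 otherwise.
audit_php_ini() {
    rc=0
    for fn in $(missing_functions "$1"); do echo "FAIL: $fn is not disabled"; rc=1; done
    [ -z "$(misplaced_directives "$1")" ] ||
        echo "NOTE: allow_url_fopen in disable_functions has no effect"
    case "$(ini_value "$1" allow_url_fopen | tr 'A-Z' 'a-z')" in
        off|0|false|no) ;;
        *) echo "FAIL: allow_url_fopen is not Off"; rc=1 ;;
    esac
    return $rc
}

write_sample() {  # constructed php.ini with "exec" left out on purpose
    cat > "$1" <<'EOF'
;disable_functions = system
disable_functions = show_source, system, shell_exec, passthru, phpinfo, popen, proc_open, allow_url_fopen, ini_set
allow_url_fopen = On
EOF
}
sample=$(mktemp) && write_sample "$sample"
audit_php_ini "$sample" || echo "php.ini needs attention"
rm -f "$sample"
```

On a real server, call audit_php_ini with the path from step 6 (/usr/local/lib/php.ini) after editing the file.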

Security Check Score
Install :- http://linuxtechme.wordpress.com/2011/12...hkrootkit/

Chkrootkit -

cd /usr/local/src
wget http://www.spenneberg.org/chkrootkit-mir...kit.tar.gz
tar -xvzf chkrootkit.tar.gz
cd chkrootkit-*
make sense
./chkrootkit
Add a cron entry to run it daily at 01:00 - crontab -e
0 1 * * * (cd /usr/local/src/chkrootkit-*; ./chkrootkit 2>&1 | mail -s "chkrootkit output" serveralerts@hostthename.com)

Restart CROND service - 
/etc/init.d/crond restart

cmm -

cd /usr/local/src
wget http://www.configserver.com/free/cmm.tgz
tar -xzf cmm.tgz
cd cmm
sh install.sh
cd ..

cmq - 

wget http://www.configserver.com/free/cmq.tgz
tar -xzf cmq.tgz
cd cmq
sh install.sh
cd ..

cmc - 

wget http://www.configserver.com/free/cmc.tgz
tar -xzf cmc.tgz
cd cmc
sh install.sh
cd ..

cse -

wget http://www.configserver.com/free/cse.tgz
tar -xzf cse.tgz
cd cse
sh install.sh
cd ..

Run UPCP - /scripts/upcp --force
That's it!

######################################################
You can reply as follows -
######################################################

Hello,
Server security has been completed.
Hostname:  Your Hostname 
Server IP : Your IP address 
SSH port : Your 
Root Password: - Your WHM password
------------Server Hardening------------
1) Secure SSHD Port -->  SSH Port 
2) sysctl.conf has been hardened to protect against DDoS attacks, protect the TCP/IP stack from SYN-flood attacks, and prevent other similar network abuse.
3) host.conf has been hardened to prevent DNS lookup poisoning and also provide protection against spoofs.
4) nsswitch.conf has been hardened and optimized to perform DNS lookups more efficiently.
5) Temporary directory has been secured already.
6) Security updates released by the OS and/or control panel have been applied by me.
7) Unwanted services have been disabled already.
8) PHP Open_Basedir Protection has been enabled already.
9) mod_userdir Protection enabled by me.
10) Shell Fork Bomb/Memory Hog Protection has been enabled. Fork Bomb/Memory Hog protection will prevent users logged into a shell (ssh/telnet) from using up all the resources on the server and causing a crash.
11) Background Process Killer has been enabled to kill any of the following which are commonly recognized bad processes: 
BitchX, bnc, eggdrop, generic-sniffers, guardservices, ircd, psyBNC, ptlink and related services.
12) Root Login Email Notifications have been configured already.
------------Service/Application Optimizations------------
1) Tweaking and Optimizing Apache2.2 has been done for better performance.
2) MySQL Optimization has been done for better performance.
3) Your FTP server Pure-FTPD software has been upgraded and secured.
4) Exim Mail Services Optimization
5) Configuring Anti-Spam Features to Reduce Spam ( Enable RBL ACLs, SPF Protection, & Spam Assassin Configurations )
6) PHP5 Optimization and Hardening has been done.
 -PHP Running as suPHP
  -PHP hardening done by disabling security functions
"disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open, allow_url_fopen, ini_set"
------------Security Check/Installation------------
1) CSF has been installed and configured on your server with a server security check score of 134 out of 143, which is quite good.
2) ClamAV Antivirus (Integrating Exim) has been installed and updated with latest virus definitions already.
3) Malware detector has been installed already.
4) Chkrootkit has been installed by me.
5) Mod-Security has been installed with Advanced Rules already.
6) ConfigServer ModSecurity Control (cmc) installed by me.
7) ConfigServer Mail Manage (cmm) installed by me.
8) ConfigServer Mail Queues (cmq) installed by me.
9) ConfigServer Explorer (cse) installed by me.
------Additional:------
ConfigServer Explorer has been installed into WHM with root level permissions. This allows system root files to be edited in an emergency situation when SSH is not accessible. You can access this by logging into WHM and clicking this link at the bottom left side.
------Post-Security check------
1) Sites are functioning properly.
2) All the services are working properly.
3) All modules are installed with license.
######################################################################
