|
|
| Line 1: |
Line 1: |
| - | 5 Important Ideas To Locking Down A VPS Server
| + | FBUzC2 Spot on with this write-up, I really think this website needs way more consideration. I'll probably be again to learn much more, thanks for that info. |
| - | | + | |
| - | Securing your VPS server is a very important action to save you from virtual crime. As they say, prevention is better than cure, so you should keep your VPS server protected as early as possible. There are a number of basic steps that will help secure your Linux VPS hosting. The five most important steps are as follows:
| + | |
| - | | + | |
| - | Installing a Fire wall
| + | |
| - | | + | |
| - | A firewall can keep unauthorized users and other harmful viruses out of your VPS UK and Windows VPS host. You can also install other related tools such as CSF (Config Server Firewall), SIM (System Integrity Monitor), NSIV (Network Socket Inode Validation) and LES (Linux Environment Security). Although adding a firewall means that you need to open extra ports if you want to install new applications and programs, the added security is well worth the extra effort.
| + | |
| - | | + | |
| - | Installing root kit Hunter
| + | |
| - | | + | |
| - | Of course, some viruses like root kits, backdoors, local exploits, and Trojans can be sneaky enough to pass through a firewall. This is what a root kit hunter is for. You can use it to detect any flaws in your UK VPS hosting service. If you want to install a root kit hunter, the following steps need to be followed.
| + | |
| - | | + | |
| - | a. Using your SSH as root login to your server. [ ~]# cd /usr/local/src/
| + | |
| - | | + | |
| - | b. Make sure you have the latest version of RKHunter. [ ~]# wget rkhunter.1.3.2.tar.gz
| + | |
| - | | + | |
| - | c. Extract files [ ~]# tar -xzvf rkhunter-1.3.2.tar.gz
| + | |
| - | | + | |
| - | d. [ ~]# cd rkhunter-1.3.2
| + | |
| - | | + | |
| - | e. [ ~]# ./installer.sh
| + | |
| - | | + | |
| - | f. RKHunter will then send you daily scan reports via email. [ ~]# pico /etc/cron.daily/rkhunter.sh The above steps will ensure that you will install a root kit hunter successfully.
| + | |
| - | | + | |
| - | /tmp partition security
| + | |
| - | | + | |
| - | Most of the attacks and exploits use /tmp to work out of any propagate themselves. You can protect yourself from such attacks by mounting /tmp with stops, namely "noexec" and "nosuid", which can make sure that executables can't be run from /tmp without escalated privileges. By adding none /tmp tmpfs nodev,nosuid,noexec 0 0 in "/etc/fstab" you can further secure your computer. After doing so, save the file and reboot the VPS, now vps get mounted with "nosuid" and "noexec".
| + | |
| - | | + | |
| - | Installing ModSecurity
| + | |
| - | | + | |
| - | ModSecurity is an open source intrusion detection and prevention engine for web applications and helps in preventing attacks on programs that would be vulnerable; it acts as a powerful shielding application from attacks. ModSecurity supports both branches of the Apache web server.
| + | |
| - | | + | |
| - | PHP suEXEC
| + | |
| - | | + | |
| - | A PHP usually executes as the user or group (normally "apache" or "nobody") when it runs as an Apache Module. Suexec is a mechanism supplied with Apache that allows executing CGI scripts as the user they belong to, rather than Apache's user. Sometimes you may share serves with other users, and you can better protect yourself from them with these features in case they put in CGI content.
| + | |
| - | | + | |
| - | You can prevent external and internal infections in your VPS hosting UK by making use of the tips outlined here. You have to remember that your hardware and the files in it are extremely important, and should be protected from all possible dangers, be it Trojans, root kits, and other viruses. The old adage, "an ounce of protection is better than a pound of cure" is true in case of your VPS—it's better to spend now in order to prevent it rather than regret it later.
| + | |
FBUzC2 Spot on with this write-up, I really think this website needs way more consideration. I'll probably be again to learn much more, thanks for that info.
