How To Secure /tmp and /dev/shm partition

by Tweak on June 12, 2009
in Linux, Security, Servers

Keeping your server clean of rootkits is a good way to maintain a good security level. A system administrator can create a separate partition for /tmp and mount it with the noexec and nosuid options. Doing this does not require rebooting or repartitioning your drive.

1. First you should secure /tmp:

.Htaccess IP Banning IP Block Bad Visitors

by Tweak on June 12, 2009
in Apache, Security

Increase your web site’s security by blocking bad visitors with .htaccess. If you have nuisance visitors, site scrapers, or spammers, you may want to add some lines of code to your .htaccess file that will block bad visitors by IP address or by blocks of IP addresses. You want to be careful though that you don’t ban blocks of IPs carelessly as you may end up banning potential customers or other valid site visitors. Also, nothing is completely foolproof as the user can always use another IP address, but I’ve found that this does reduce the number of troublesome incidents.

Secure Directories by IP Address and/or Domain

# allow all except those indicated here
order allow,deny
allow from all
deny from 190.115.67.200
# "deny from" takes a (partial) domain name, not a regular expression
deny from .yourdomain.com


How to install (D)DOS-Deflate

by Tweak on June 12, 2009
in Security, Servers

What is DOS-Deflate?

(D)DoS Deflate is a shell script developed by Zaf, originally for use on MediaLayer servers to assist in combating denial of service attacks. However, it was seen to be very effective for our purpose, and therefore was released as a contribution to the web hosting community. (D)DoS Deflate is now used by not only many web hosts, but by many people who run their own servers looking for additional security in dealing with such attacks.

How to install

Disabling Direct Root Login (SSH)

by Tweak on June 11, 2009
in Security, Servers

Disabling direct root login forces an attacker to get through two passwords, which makes a break-in harder. You don’t have to use two separate passwords, but if you don’t, you are making it easier for someone to break into your server.

If you’re using cPanel, make sure you add your anotheruser user to the ‘wheel’ group so that you will be able to ‘su -’ to root; otherwise you may lock yourself out of root.
Set up anotheruser if you haven’t already got one:


How To Install RootCheck

by Tweak on June 11, 2009
in Security, Servers

RootCheck scans the system looking for possible trojans, scans the ports for malicious activity and checks for rootkits and also the logs, permissions and more.

Installation Instructions

Securing PHP

by Tweak on June 11, 2009
in Php, Security

PHP is one of the most popular applications running on Linux and Windows servers today. It’s also one of the main sources of server and user account compromises. I want to go over some of the things you can do to help lock down PHP and php.ini.

First, you need to find php.ini, the main configuration file for PHP, so that you can edit it. You can find it by logging into a shell and typing the following:

# php -i |grep php.ini

Turn on safe_mode

Safe mode is an easy way to lock down the security and functions you can use. PHP.net explains php safe_mode as, “The PHP safe mode is an attempt to solve the shared-server security problem. It is architecturally incorrect to try to solve this problem at the PHP level, but since the alternatives at the web server and OS levels aren’t very realistic, many people, especially ISP’s, use safe mode for now.”

How to install KISS Firewall

by Tweak on June 11, 2009
in Security, Servers

What is KISS My Firewall?

KISS My Firewall is a FREE iptables script designed for a typical web server. It takes advantage of the latest firewall technologies including stateful packet inspection and connection tracking. It also contains some preventative measures for port scanning, DoS attacks, and IP spoofing, among other things.

KISS My Firewall 2 is very easy to install and does not require any initial configuration. It will work with any stock installation of Ensim WEBppliance Basic & Pro, Plesk, and Webmin. Cpanel installations require some modifications. Available at: http://www.geocities.com/steve93138/

What’s New in Version 2?

The biggest change is that it does not require any initial configuration. With version 2, you won’t automatically lock yourself out of your server unless you set some of the variables incorrectly. It also does extensive error checking and is distributed as a tar file. This solves a lot of the issues that were present with the older version. In addition, version 2 is highly configurable and was tested to work with the latest version of iptables – version 1.2.8.

HOW TO: Install KISS My Firewall

How to install mod_security

by Tweak on June 11, 2009
in Apache, Security

What is mod_security?
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella – shielding applications from attacks. ModSecurity supports both branches of the Apache web server.

Rfx Networks Recommended:

“mod_security is great and I encourage it be used by everyone; it does have the potential to break some web applications but so far I’ve seen very few issues to say the least. Likewise it is easy to fix any applications that may break with the granular filter rules that can be set up to either deny or allow certain content. Overall mod_security is a needed addition to Apache, providing a layer of security yet unseen for Apache. I highly encourage you read the reference document on the modsecurity.org site (under documentation) to better understand each directive and the role it plays in protecting your server and sites.”

Requirements:
Apache Web Server 1.3x or 2.x

How to install?

How To Install RKHunter

by Tweak on June 11, 2009
in Security, Servers

“Rootkit scanner is scanning tool to ensure you for about 99.9%* you’re clean of nasty tools.
This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
Rootkit Hunter is released as GPL licensed project and free for everyone to use.
* No, not really 99.9%.. It’s just another security layer”
www.rootkit.nl

RKhunter is compatible with the most popular Hosting Control Panels like cPanel, Directadmin, Plesk etc.

Install Rkhunter: