[Mortekai]

För alla som kör PHP kan jag bara säga PHPSUEXEC...finns inget skönare än att slippa alla fel konfigurerade kataloger och filer (men det står ju att katalogen/filen ska CHMODdas till 777....jaha, ska man ändra det efter installation....).

Andra saker som är användbart är:

csf - a full featured SPI (Stateful Packet Inspection) iptables firewall configuration application.

lfd - integrated with csf to block hacking attempts from your internet facing services and detects system intrusions/rootkits.

Rootkit Hunter - an essential tool in detecting possible root compromise and rootkit installation.

Chkrootkit - another essential tool in detecting possible root compromise and rootkit installation, it compliments rkhunter with a different detection approach.

mod_security - a security layer in apache that helps prevent exploitation of vulnerable web scripts. We will install and configure the optional cPanel mod_security module for Apache v1 and v2.

Host Spoof Protection - Helps prevent IP spoofing and DNS cache poisoning.

Name server configuration check - If the name server (bind) is running, check that it is functioning correctly and enable local DNS lookups.

Secure /tmp /var/tmp /dev/shm - remounted noexec and nosuid to add an additional layer of protection against web script hackers.

Delete unnecessary OS users - On a standard OS installation many user accounts are created that are not necessary and can therefore pose a security risk.

Disable open DNS recursion - Protection against abuse and poisoning of your local DNS cache if DNS server (bind) is running on the server.

Enhanced path protection - Help protect against clients and hackers browsing and accessing files outside of their account directories.

Remove SUID/GUID from binaries - On a standard OS installation many application binaries have SUID and GUID bits set that are not necessary and can therefore pose a security risk.

PHP hardening - Dynamic Library loading is disabled and commonly abused php functions disabled to help prevent hackers exploiting vulnerable PHP web scripts.

Libsafe for 2.4 kernels - Older OS's (e.g. FC1, RH9 and RH7.3) can benefit from libsafe that helps protect against hacker stack smashing techniques that can gain them root access.

Switch from proftpd to pure-ftpd - Pure-ftpd is considered more secure and lighter on server resources compared to proftpd on cPanel servers.

OpenSSH configuration check - is checked to ensure only SSHv2 protocol is enabled.

------------

Sen rekommenderar jag att stänga av all SSH för kunderna och regelbundet rotera portnummer för att undvika problem genom SSH.

Mailscanner kan vara användbart om man har problem med eposten också.

För mig som inte är så förtjust i SSH så kan jag rekommendera ConfigServer Explorer: allows you to browse your disk structure and directories and perform shell tasks from within WHM which can be very helpful if SSH fails for any reason.