Well i just got the 512SRV from http://thesrv.com/vps/ and im wondering what security i need to instal, ect ect?
+rep for helpies
Ross
Printable View
Well i just got the 512SRV from http://thesrv.com/vps/ and im wondering what security i need to instal, ect ect?
+rep for helpies
Ross
Is it going to be a public or private server and will it have cPanel?
I'd setup (mainly for a public server):
- Notifications on root SSH login
- ClamAV antivirus
- Block PHP functions you don't need that may be used in shell scripts
- Install lfd, tripwire, rkhunter, chkrootkit
- Use IPTables or something to block people after 10 failed FTP/SSH attempts
- Use Mod_Security on Apache
- PHP Suexec
- Use secure passwords with punctuation
- Use PHP open_base dir
- Jail SSH access to the user's home directories
No im trying to find which package to get, it def wont have cpanel if you click order and see the packages im not entirely sure which ones best for what i need, the sever will be used for smstopaypal so it'l be public.
Ross
Ah ok!
CentOS 5.5 is the best one for a webserver IMO, you'll find loads of support for it because generally it's what people use for services like yours. Ubuntu is easier, but it isn't as stable as CentOS.
Get CentOS or Debian on it (my preference is CentOS) and install Virtualmin (it's free).
Virtualmin is a free control panel that will install all the basics for you - apache, php, mysql, mail servers, clamav
From a completely fresh installation of the operating system (no custom repositarys or anything) login as root
# wget http://software.virtualmin.com/gpl/scripts/install.sh
# sh install.sh
say yes when it asks.
# yum update (if on CentOS) apt-get upgrade (if on Debian)
When it's finished (it will take a while) visit https://youripaddressordomain:10000
You can view email accounts etc from https://youripaddressordomain:20000 once you've got domains set up.
I'm not that security conscious and leave things at that, but as you're dealing with money and customer details you're going to want to secure things a little.
Change the SSH port to something over 10000 and take a look at some things on Tom's list.
ross if you message me when your on msn next time i can help you with almost all this
unless it is absolutely necessary i wouldn't use a control panel at all and just use sftp if at all possible
Were also wanting to have more than 1 domain connected, thus pretty much having 4-5 accounts. for different sites (our network of sites pretty much) would i need additional software for that?
+Colin i'v msged u
virtual admin, kloxo or any other control panel will allow that
If you need to ask this question your VPS will be crazy insecure. I suggest you do get someone who knows what they're doing to set it up for you.
A default installation of CentOS/Debian is pretty secure as it is other than the SSH port. It's when you start changing things/installing things that it becomes less secure and especially when you have other people accessing SSH.Quote:
Originally Posted by MattFr