How to Optimize and Secure a Virtual Private Server (VPS) and Virtual Dedicated Server (VDS)
This article covers a wide range of methods for securing and optimizing your VPS/VDS. We do not provide any warranty for this article, so if you are not sure what you are doing please make sure you research before you do it.
Secure cPanel/WHM and the Root User on VDS:
Checking for formmail:
Form mail is used by hackers to send out spam email, by relay and injection methods. If you are using matts script or a version of it, you may be in jeopardy.
Command to find pesky form mails:
CGIemail is also a security risk:
Command to disable form mails:
(this disables all form mail)
If a client or someone on your vps installs form mail, you will have to let them know you are disabling their script and give them an alternative.
Check for a root kits via a cron job, by doing this you will regularly check if your server is comprised, and you will be sent regular reports.
To install chkrootkit, login to the server as root and on the command line interface type:
To run chkrootkit, type the following on the CLI:
To ensure the highest level of security setup a cronjob which emails you the results on a regular basis.
If an unauthorized person gains access to root, you want to be notified - you can do so by doing the following while logged into root:
Where firstname.lastname@example.org is your email address.
Save an exit vi: :wq
To change the SSH Legal Message (displayed when you login via SSH), edit /etc/motd to display the message you wish to show.
By default cPanel/WHM is not setup securely and efficiently, so you will want to optimize the cPanel/WHM settings by doing the following:
Go to: Server Setup -> Tweak Settings
Under Domains tick:
Under Mail tick:
Under System tick:
Go to: Server Setup -> Tweak Security
Go to: Server Setup -> Shell Fork Bomb Protection
When creating reseller packages, be sure to:
Go to: Service Configuration -> FTP Configuration
Go to: Account functions -> Manage Shell Acess
Go to: MySQL -> Manage Root Password
Go to: Security -> Quick Security Scan for Trojan Horses, and make sure you don't have any of the following infected:
If you are running cPanel:
If you are not running cPanel:
Restict SSH access:
Parts of this article were obtained from forum postings on WHT.
© Copyright 2003-2010
ABN 97 125 618 662