Saturday, March 31, 2012

How to secure a VPS

A) Disable FormMail scripts in order to stop spam mails -

1) Command to find FormMail scripts -
find / -name "[Ff]orm[mM]ai*"

2) Command to find cgiemail scripts -
find / -name "[Cc]giemai*"

3) To disable form mails -

chmod a-rwx /path/to/filename

Running this on each file found will disable all the scripts.
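
The three steps above combined into one script, as an added example that is not part of the original post: it lists the matching files first (dry run) and only removes permissions when called with `apply`. The function names and the `apply` argument are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit and disable FormMail / cgiemail scripts.
# Function names and the "apply" argument are assumptions of this example.

# Print every regular file under ROOT whose name matches the two patterns
# used above. -xdev keeps find on one filesystem so it does not descend
# into /proc or network mounts; -type f skips directories and symlinks.
list_mail_scripts() {
    find "$1" -xdev -type f \
        \( -name '[Ff]orm[mM]ai*' -o -name '[Cc]giemai*' \) -print 2>/dev/null
}

# disable_mail_scripts ROOT [apply]
# Default is a dry run that only reports; with "apply" it runs chmod a-rwx.
disable_mail_scripts() {
    root=$1
    mode=${2:-dry-run}
    list_mail_scripts "$root" | while IFS= read -r f; do
        if [ "$mode" = apply ]; then
            chmod a-rwx "$f" && echo "disabled: $f"
        else
            echo "would disable: $f"
        fi
    done
}

# Run only when arguments are given, e.g.:  sh disable-mail-scripts.sh /home apply
if [ "$#" -gt 0 ]; then
    disable_mail_scripts "$@"
fi
```

Review the dry-run list before applying, since the name patterns can also match files that are not mail scripts.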

B) A rootkit detector should be installed -

- Run the rootkit detector from a cron job; this will show if anyone has hacked into root.
- Update the roots

1) Commands to install chkrootkit -

cd /root/
tar xvzf chkrootkit.tar.gz
cd chkrootkit-0.44

2) To run chkrootkit -


C) Install a root login detector that sends a warning email -

pico .bash_profile

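At the end of the file, add the following line (you@example.com is a placeholder; replace it with the address that should receive the alert) -

echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | awk '{print $6}'`" you@example.com

Thereafter save the changes.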


2) To set an SSH login message -

pico /etc/motd

Thereafter enter the message.

Save the changes.


D) Changes to be made in WHM/cpanel to secure server -

Log in to cpanel>Server setup>Tweak settings

a) Domains -

Prevent users from parking/adding domains.

b) Mail -

Prevent pop3 connections loading

c) System -

Jailshell should be used as a default shell for all the accounts.

d) Server setup>Tweak security
1) Enable php open_basedir Protection
2) Enable mod_userdir Protection

e) Server setup>Manage Wheel Group Users
1) Remove all other users except for root and main account users.

f) Server setup > Shell Fork Bomb Protection
1) Enable Shell Fork Bomb Protection

g) Service Configuration>FTP Configuration
1) Disable Anonymous FTP

h) Account Functions>Manage Shell Access
1) Disable shell access

i) MySQL>MySQL Root Password
1) Change root password

j) Security>Run Quick Security Scan>Trojan Horses -
1) The following are not Trojans -

