Standard Server Hardening
Check Server Security
CHKRootKit : Detects hacker software and notifies via email
RootKit Hunter : A tool which scans for backdoors and malicious softwares present in the server.
APF or CSF : A policy based iptables firewall system used for the easy configuration of iptables rules.
SSH Securing : For a better security of ssh connections.
Host.conf Hardening : Prevents IP spoofing and dns poisoning
Sysctl.conf Hardening : Prevents syn-flood attacks and other network abuses.
FTP Hardening : Secure FTP software by upgrading to latest version
TMP Hardening : Hardening /tmp, /var/tmp, /dev/shm for preventing the execution of malicious scripts and codes.
PHP Tightening : Tweak PHP by changing the parameters of php configuration for better security and performance.
PHP Upgrade : Compile PHP to its latest stable version which increases server security.
Shell Fork Bomb/Memory Hog Protection : Protection against Telnet/SSH users using all of the server resources and causing a system crash.
Update Control Panel to latest version
Install Logwatch for investigating any suspicious activity on the server
Turn off unused services and daemons
Disabling Chargen to stop the server from being misused by an attacker in their efforts to disrupt another server.
ClamAV : Is a cross-platform antivirus software tool-kit able to detect many types of malicious software, including viruses
Notification of root access when someone login as root in the server along with the timestamp and ip address information.
Email Password Scan
Logwatch : Install Logwatch and review logwatch emails. Investigate any suspicious activity on the server.
IFTOP : Install IFTOP which displays a frequently updated list of network bandwidth utilization (source and destination hosts) that passing through the network interface
Turn off compilers. Most rootkits come precompiled but not all of them do. It will also prevent shell users from trying to compile any irc related programs.
Enable PHP open_basedir Protection : PHP open_basedir protection prevents users from opening files outside of their home directory with php.