Category Archives: VPS - Page 4

PHP-Suhosin

Posted by on July 17, 2010 Comments Off on PHP-Suhosin

A great article for installing PHP-Suhosin on Centos.

http://www.sklav.com/node/15

IPTables

Posted by on July 17, 2010 Comments Off on IPTables

Config IPTables to provide a firewall by only exposing ports you want to communicate through.

service iptables start

chkconfig iptables on

service iptables status

iptables -I RH-Firewall-1-INPUT 3 -p tcp -m tcp –dport 80 –tcp-flags SYN,RST,ACK SYN -j ACCEPT

/etc/init.d/iptables save

Mail

Posted by on July 10, 2010 Comments Off on Mail

Citadel

site:2000

Disable root logins

Posted by on July 10, 2010 Comments Off on Disable root logins

edit the setting in the ssh config found at /etc/ssh/sshd_config
PermitRootLogin no

then restrict the users that can log in using ssh, use spaces between names
AllowUsers alice bob

restrart sshd service
service sshd restart

Basic Hardening Prinicples

Firewall

Mail server install

Webalizer

Posted by on July 9, 2010 Comments Off on Webalizer

yum install webalizer
for i in /etc/webalizer/*.conf; do webalizer -c $i; done

Rsync rocks

Posted by on July 9, 2010 Comments Off on Rsync rocks

Need to transfer large amount of data between remote servers? Need to migrate your hosting to another provider? Rsync makes your life easy
rsync -ave ssh source.server:/path/to/source /destination/dir

-z add compression too!

Install AWSTATS CentOS

Posted by on July 9, 2010 Comments Off on Install AWSTATS CentOS

http://docs.cslabs.clarkson.edu/wiki/Install_AWStats_on_CentOS_5

Install RPM FORGE

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm

Install awstats
yum install awstats

Edit conf file.

nano /etc/httpd/conf.d/awstats.conf

make it look like this, however change the /dir/structure/ to point to the doc root of your web folder you want to generate stats for

Alias /awstats/icon/ /var/www/awstats/icon/

ScriptAlias /awstats/ /var/www/awstats/

DirectoryIndex awstats.pl
Options ExecCGI
order deny,allow
allow from all

edit conf file
nano /etc/awstats/awstats.localhost.localdomain.conf

SiteDomain="www.server.name.com"
HostAliases="aliasa.server.name.com"

move conf files

mv /etc/awstats/awstats.localhost.localdomain.conf /etc/awstats/awstats...conf

set update profile of awstats (default is 1 hr)

/usr/bin/awstats_updateall.pl now -confdir="/etc" -awstatsprog="/var/www/awstats/awstats.pl"

start web service

/etc/init.d/httpd start

test to see if it works
http://www.server.name.com/awstats/awstats.pl?config=www.server.name.com

Installing VSFTPD on CENTOS 5.5

Posted by on July 9, 2010 Comments Off on Installing VSFTPD on CENTOS 5.5

Install package

yum install vsftpd

turn services on

chkconfig vsftpd on

service vsftpd start

set service to start automagically on reboot

chkconfig --level 345 vsftpd on