LakerCS.com

The /tmp partition is one the common places for script kiddies and crackers alike to place trojans or scripts. Because of that you should have the /tmp partition mounted noexec. First we need to check if your /tmp is secure.

-----command-----
df -h |grep tmp
-----command-----

If that displays nothing then go below to create a tmp partition. If you do have a tmp partition you need to see if it mounted with noexec.

-----command-----
cat /etc/fstab |grep tmp
-----command-----

If there is a line that includes /tmp and noexec then it is already mounted as non-executable. You will also want to check if /var/tmp is linked to /tmp.
-----command-----
ls -alh /var/ |grep tmp
-----command-----

There's sort of an un-written rule of thumb regarding the SSH console.  If a hacker gains access to an SSH prompt, it's already too late.  While that of course is not entirely true, you should take every step necessary to restrict access to the SSH console.  I know some of you probably have clients that use SSH, and may have even signed up with you because you offer it.  However if you offer shared hosting SSH access should in my opinion never be granted to any of your users.  It's just not worth the risk.

These are measures that can be taken to secure your server, with SSH access.

• Udate OS, Apache and CPanel to the latest stable versions.

  This can be done from WHM/CPanel.

• Restrict SSH Access

  To restrict and secure SSH access, bind sshd to a single IP that is different than the main IP to the server, and on a different port than port 22.

  SSH into server and login as root.

  Note: You can download Putty by Clicking Here. It's a clean running application that will not require installation on Windows-boxes.

  At command prompt type: pico /etc/ssh/sshd_config

  Scroll down to the section of the file that looks like this:

Many web server owners don't realize that most of the problems they encounter are due to lack of good server security.  What they also don't realize is how little effort is required to block 90% of the most common and automated attacks. 

This 3 part guide will show you the basic steps you should take to properly secure your server, and in the same stride reduce the amount of issues that your server faces.

In the first part of this three part series, we look at the simpliest but crtical measure that should be taken ASAP.  Fortuantly they're all done via WHM which makes our first task very easy.