Tools to secure your server?

Chris Worner

Well-known member
Registered
Joined
Apr 15, 2016
Messages
612
Points
28
Which is the best tool to secure my server? I prefer free tools but paid tools are also welcomed :) I installed csf for my server but to be honest I am not still satisfy with it and need to know others, may be better. Please suggest me!
 

tuxandrew

Well-known member
Registered
Joined
Aug 19, 2012
Messages
126
Points
18
For any Linux production servers it require as total server hardening.

In general,
Hardening start from SSH then Firewall, Applications, permissions, Services, OS package update,Kernel update,Securing the /tmp directory,Rookit check,Mail services,Generating periodic HDD health status report,removing unwanted/obsolete packages,Disable or remove unused server services, go on..
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
fiz
You explained very well that what needs to be done but I think he was asking more like about some specific tools.
 

fiz

Well-known member
Hosting Provider
Registered
Joined
Aug 6, 2020
Messages
116
Points
16
Which is the best tool to secure my server? I prefer free tools but paid tools are also welcomed :) I installed csf for my server but to be honest I am not still satisfy with it and need to know others, may be better. Please suggest me!
tuxandrew explained very well but would like to add a few things. Limit the SSH access to either specific IP, if you have a Dedicated IP and turn off the password authentication. Use Public Key to login. Also, you mentioned you are using CSF. it a quite powerfull tool if you use it right. Protect your server with ClamAV, Maldet or ImunifyAV. There are other few tools that might help you, use them according to your needs.
  • Lynis
  • Chrootkit
  • rkhunter
  • LMD
  • rkhunter
  • OpenVAS
  • REMnux
  • Tiger
  • Maltrail
  • YARA
These are few tools for different purposes. You can look into them and use them according to your needs. You didn't mention your OS so some might not be available for yours'.
 

Localnode

Well-known member
Registered
Joined
Dec 15, 2015
Messages
333
Points
43
Hi.
This is a basic ruleset for RHEL-based operating systems (CentOS, CloudLinux, etc) using cPanel/WHM
The following software is not resource intensive, therefore you will not see any decrease in performance.

Install CHKRootKit, which is a program that looks for known signatures in trojaned system binaries, it basically detects if the system has been compromised

Install Rootkit Hunter, which is scanning tool to find most types of exploits (backdoors, suspicious files, md5 hash comparisons, and is over 99% accurate in detecting such exploits

Install Logwatch. This program parses through my server's logs and reports to you via e-mail on a daily basis with tabulated information.

Install SIM (System Integrity Monitor), this software checks all services 24x7 and restarts them if they are down. An e-mail is dispatched a downed service is detected and restarted.

Optimise and secure Apache (HTTPD) server. For extra http/php security - install mod_security if you would like, it is not installed by default because it can interfere with certain common functions.

Optimise MySQL Server to perform at it's best under the most common and standard environments. IMPORTANT: If you need mysql to have high connection limits or high timeouts then re-enable them in the MySQL config.

Please note that since every server's specs and usage are different, the standard optimisation is a base set of recommended values. Optimisation sometimes takes several times to get just right, and the best way to optimise it is to see the problem while it is happening so you can tweak the specific values based on my specific usage.

Secure and harden System Configuration File host.conf to prevent DNS lookup poisoning and also provide protection against spoofs.

Srcure and harden System Configuration File nsswitch.conf. Also optimise it to perform DNS lookups more efficiently.

Secure and harden System Configuration File sysctl.conf to help prevent the TCP/IP stack from syn-flood attacks. It is also configured to prevent other various and similar network abuse.

All of your vulnerable directories (/tmp, /var/tmp, /dev/shm and /usr/local/apache/proxy) review them and make sure they are clean.

Secure and harden /tmp and /var/tmp to prevent the execution of malicious scripts

Set up a root login notification script and logger. This will send an e-mail to 'root' every time someone logs into your server as root. Also, it will keep track of all logins in a history file located in /var/log/rootlogins

Install SPRI. This program changes the priority of different processes in accordance to their level of importance. You should see at least a 5-20% decrease in the average load level of your server on average.

Disable unused programs on your server.
This reduces the chance of being compromised through software exploits on old or deprecated programs.

Install MultiTail and gives you the ability to tail (view realtime activity) multiple log files simultaneously.

Install PHPSysInfo. This is a GUI (graphical user interface) to my server's vital statistics. You can view it by logging into WHM as root, then add /phpsysinfo/index.php to the end of the url after you have logged in. You will have to enter the root login information to gain access as it is protected under the root WHM login.

Disable telnet to prevent insecure transmissions of data and passwords, SSH must be used instead of Telnet, and functions the same way.

Harden SSH by restricting the SSH Protocol to SSH 2. SSH will still function the same way, just more secure. Change the SSH port and disable direct root logins (only allow ssh keys). I strongly recommend doing this.

ConfigServer Explorer has been installed into WHM with root level permissions. This allows system root files to be edited in an emergency situation when SSH is not accessible. You can access this by logging into WHM and click this link at the bottom left side.
NOTE: You will have to enter root login information to gain access as it is protected under root WHM login.
!!IMPORTANT!! This simulates SSH access, treat it as such, do not use it unless you are familiar with SSH. Moreover, do not execute any commands you are not fluent with. As with SSH, damage can be done if this program is not used properly. If you are unfamiliar with SSH, do NOT use this program. It should be left in case of such an emergency. Again, this file can only be accessed through WHM while being logged in as root.

Eable Background Process Killer to kill any of the following which are commonly recognised bad processes: BitchX, bnc, eggdrop, generic-sniffers, guardservices, ircd, psyBNC, ptlink and related services.

Create a warning message for the SSH login welcome screen. Any user that logs into my server via SSH, will see a message stating 'SSH is for authorised users only and any unauthorised access will be reported to the law enforcement authorities'.

Update FTP server software and tweak it to increase the security of FTP connections to the server.
Again, this is standard.
You could go further by installing things like ClamAV, Immunify360, etc.

I've kept it in quote marks for easy reading.

I'd also suggest you look at some guides, and possibly hire an admin to harden for you if you don't have any experience.
 

hostguy

Member
Registered
Joined
Sep 9, 2020
Messages
49
Points
6
You can secure your server with few simple tips ans tricks.
Secure your SSH, Use server firewall, Brute force, DDos protection, Open limited ports on server, Use Antivirus software etc.
 

zainhosting

Member
Registered
Joined
Mar 11, 2019
Messages
34
Points
8
First of all, change your ssh port, enable brute force security from WHM and install CSF, Modsecurity Tools, and Imunify are enough to secure a server.
 

AndrewCohen

New member
Registered
Joined
May 16, 2020
Messages
4
Points
1
Which tool is the best for securing my server? I prefer free tools, but commercial products are ok as well. I installed csf on my server, but to be honest, I'm still not satisfied with it, and I'd want to learn about other options that might be better. Please make suggestions for me!
 

sam@12

Member
Registered
Joined
Jun 8, 2021
Messages
62
Points
6
Hello,
Following are the tools to secure your server
1 Chrookit
2 Rkhunter
3 lynis

Change your server ssh default port and also allow your server from the specific IP or access through VPN.
 

FerdieQO

Well-known member
Joined
Jul 15, 2016
Messages
213
Points
28
I only use csf, I think that is enough the rest, I used manual ways to config my server for better secure.
 

Jeff Martin

Active member
Registered
Joined
Oct 30, 2019
Messages
78
Points
8
Now a days, IT network managers are looking for the smart and robust ways to protect the Servers. A virus attack or system crash will put their professional life into a big risk. To avoid it, they need to take some basic but important steps for protecting their servers.

Use of Network Security Tools: Performing regular resting with the right tools helps to ensure that the correct security measures are being taken. Network and operating system-level tools as well as web-centric tools are invaluable for companies. They can be used on a regular basis to ensure the maximum safety of each system and keep hidden threats from damaging the server. Many of the viruses created today change to avoid detection and may be hidden on a network. Use these tools regularly to avoid this problem.

Use of Security Software: One final important aspect of computer security is software like Deep Freeze Server. This protection maintains server consistency by freezing the server's desired configuration. When viruses or other malware is on the server, this software restores the computer to its original desired configuration by simply rebooting the server. It's a primary way of protecting any server that is exposed to the internet.
 

AndrewCohen

New member
Registered
Joined
May 16, 2020
Messages
4
Points
1
You can secure your server with few simple tips ans tricks.
Secure your SSH, Use server firewall, Brute force, DDos protection, Open limited ports on server, Use Antivirus software etc.
 
Recommended Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top