1
JamesSAEP
Securing Linux
  • 2006/6/13 20:29

  • JamesSAEP

  • Just can't stay away

  • Posts: 732

  • Since: 2005/2/28


I know XOOPS site has closed a few times to do some server hardening. Can XOOPS post their guidlines? Can anyone point me to a reliable guide to secure the following:

Apache
Mysql
PHP
Linux

Thanks.

2
m0nty
Re: Securing Linux
  • 2006/6/14 1:18

  • m0nty

  • XOOPS is my life!

  • Posts: 3337

  • Since: 2003/10/24


well it varies from distro to distro, and with what other software you have installed, and what you are using the server for etc..

ie.. if you don't need something or don't use it at all, then don't install it or disable it..

if you use ssh, then it's best to disable root login.. and add your main user or whatever to the admin group or whatever you call it.. then SU if you need to access with root privs. change the default ssh listening port to something random (that isn't actually a normal used port, by this i mean don't set it to port 80, or 21, or 443 etc)

try not to make usernames called 'admin' or administrator, or manager, or owner etc.. make long passwords containing uppercase/lowercase/numeric & other characters like +-£$ etc..

if you don't use ssh at all, disable it.. likewise with telnet..

google around for more info, there's plenty of sites outthere that will give you info..

http://security.linux.com/article.pl?sid=04/08/20/1546229&tid=90

http://security.linux.com/article.pl?sid=04/08/19/1422204&tid=2&tid=74

http://www.seifried.org/lasg/

http://howtos.linux.com/guides/linux-admin-made-easy/

keep your system current and up2date (try to use stable releases tho)

3
McNaz
Re: Securing Linux
  • 2006/6/14 6:35

  • McNaz

  • Just can't stay away

  • Posts: 574

  • Since: 2003/4/21



4
jdseymour
Re: Securing Linux


5
DIDI5
Re: Securing Linux
  • 2006/6/14 8:07

  • DIDI5

  • Just popping in

  • Posts: 36

  • Since: 2006/3/24


Cosmetic change:
You might as well consider to rename your 'mainfile.php' to 'yoursecretname.php ' ((and make the change wherever it is being included)).
And that is only cosmetic.. breaking down the pattern!!
Maybe the future version could consider to giving the user the option to name or rename their mainfile to whatever they wish.

6
McNaz
Re: Securing Linux
  • 2006/6/14 9:59

  • McNaz

  • Just can't stay away

  • Posts: 574

  • Since: 2003/4/21


Quote:
Installing Rootkit Hunter (rkhunter)

Protecting Linux from Automated Attackers

Server Security Tutorials at Webhostgear


Yum yum. Google Notebook gobbled these up as well

7
JamesSAEP
Re: Securing Linux
  • 2006/6/14 14:36

  • JamesSAEP

  • Just can't stay away

  • Posts: 732

  • Since: 2005/2/28


Thanks everyone for all the replies. It is definately a place to start. When I posted, I thought I had put the Linux will be Fedora 5.

The box will just be for hosting XOOPS and other sites, only running apache, php, mysql, phpmyadmin, ssh.

Login

Who's Online

377 user(s) are online (327 user(s) are browsing Support Forums)


Members: 0


Guests: 377


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits