Nov 2 2008

How to Disable GET, wget, and curl

Ryan C. Merritt

A great way to add more security to your web server is to disable GET, wget, and curl, which will stop web and shell users from being able to download files to the server.  You can set up a group called get-users so that only users who are members of this group will be able to download files to the server.



Nov 1 2008

Adding Directory Indexing to Apache 2

Ryan C. Merritt

This is a guide on how to add Directory Indexing to Apache 2 so that it will look just like Apache 1.x Indexing with icons.

There are two different ways to do this. If you have full root control over the entire server, you can change the Apache 2 httpd.conf so that the change applies server-wide.  There is also a way to set this on a per-user, per-domain basis in case you want to set it for just one user or domain, or if you are on a shared hosting plan.


Nov 1 2008

Installing APF Firewall and BFD Brute Force Detection

Ryan C. Merritt

This is a guide on how to install and configure a firewall on your server. A firewall is one of the most important security features on a server, if NOT the MOST important.

First thing we are going to do is install APF (Advanced Policy Firewall) from R-fx Networks.

Log in to the server with ssh and change to the root user.


Nov 1 2008

SSH Securing Root Disable Root Log-ins

Ryan C. Merritt

This is a guide on how to add more security to your server by disabling root logins and changing the standard port that ssh uses.

The first thing we need to do is create a user name that will be our new root login.

[root@dev ~]# /usr/sbin/adduser admin
-OR-
[root@dev ~]# useradd admin

You do not have to use admin; you can use whatever you would like, e.g. joe, jeff, john, carl, richard. Either way, remember that Linux is case sensitive, so if you use capitals in your login name you will have to use capitals every time you log in.