Posted by yolau

Allowing DNS Recursion is like running an Open SMTP Relay. You allow anyone to query your DNS server and this can easily lead to abuse.
You can fix this by disabling recursive lookups for not authorized IP’s.
This article will teach you step by step how to do this.

Login to your server as root
Edit /etc/named.conf
pico /etc/named.conf
Add before [...]

Posted by yolau

Securing ssh access is extremely vital for any server. There are a few things that you can do to secure it. This article will cover one the basics.

The first this that I recommend doing is changing the ssh port. This will prevent a lot of login attempts from automatic scripts trying port 22. To do [...]

Posted by yolau

What is BFD?
BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straight-forward in its installation, configuration and usage. The reason behind BFD is very simple; the fact there is little to no authentication and [...]

Posted by yolau

What is APF?
Advanced Policy Firewall (APF) is an iptables(netfilter) based firewall system designed around the essential needs of today’s Internet deployed servers and the unique needs of custom deployed Linux installations. The configuration of APF is designed to be very informative and present the user with an easy to follow process, from top to bottom [...]

Posted by yolau

If you are running a shared hosting server is a very bad idea to allow perl scripts to run from /tmp
If have to have a separate /tmp partition mounted with noexec.
This is far from bullet proof but will add one more layer in your server security.
cPanel has a built in script that will mount a [...]