Install XCache
XCache is a fast, stable PHP opcode cacher that has been tested and is now running on production servers under high load. It overcomes many of the problems that other competing opcachers have had, for example by being usable with new PHP versions.
1. Installing the XCache package
apt-get install php5-xcache
Blacklisting e-mail addresses using MailScanner
1. Create a new file containing the blacklisted e-mail addresses (pico /etc/MailScanner/rules/spam.blacklist.rules)
FromOrTo: user1@domain.com yes
FromOrTo: user2@domain.net yes
FromOrTo: default no
Installing suPHP
suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
1. Install suPHP
apt-get install libapache2-mod-suphp
Scan your web server for vulnerabilities with Nikto
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.
1. Install Nikto
apt-get install nikto
Installing and configuring Squid proxy server
Squid is a caching proxy supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.
1. Install the Squid package
apt-get install squid
Simple load balancing using Pound
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively.
1. Install the pound package
apt-get install pound
Installing and configuring MailScanner for virus and spam filtering (Postfix, ClamAV, SpamAssassin, Razor)
MailScanner is an e-mail security and anti-spam package for e-mail gateway systems. MailScanner is highly configurable using a very easy-to-use system of rulesets. Virtually every configuration option can, for example, be controlled on a per-user, per-domain or per-IP basis.
It's assumed that you have already installed and configured Postfix according to this tutorial:
Installing Postfix with MySql backend and SASL for SMTP authentication
1. Install required packages (ClamAV, SpamAssassin, Razor and required libs for MailScanner)
apt-get install clamav clamav-base clamav-freshclam libclamav6 spamassassin razor unzip libarchive-zip-perl libconvert-tnef-perl libhtml-parser-perl libmime-tools-perl libmime-perl libcompress-zlib-perl libconvert-binhex-perl libdbd-sqlite3-perl libfilesys-df-perl libsys-syslog-perl libsys-hostname-long-perl libmailtools-perl libole-storage-lite-perl
Disable root login to SSH
Allowing root logins to your SSH daemon is a big security threat. If the SSH port is open, hackers will probably at some time attempt to brute force your root password. It's a good idea to disable root logins to SSH and instead log in as a normal user and type "su -" to enter the superuser shell, or use sudo to perform tasks that require root privileges.
1. Open the SSH daemon config file and change this line: (pico /etc/ssh/sshd_config)
PermitRootLogin no
Adding a sudoer to use sudo on Debian
Sudo allows a system administrator to delegate authority to give certain users (or groups of users) the ability to run some (or all) commands as root or another user while providing an audit trail of the commands and their arguments.
1. Create a new user (optional)
adduser user1
Installing Dovecot IMAP and POP daemon with MySql backend
Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with security in mind. Dovecot primarily aims to be a lightweight, fast and easy to set up open source mailserver.
It's assumed that you have already installed and configured Postfix according to this tutorial:
Installing Postfix with MySql backend and SASL for SMTP authentication
1. Install required packages
apt-get install dovecot-imapd dovecot-pop3d