How to secure DNS server

In this quick tutorial i will discuss how to secure your DNS server (Bind9), by applying the following techniques you will be able to increase your DNS server’s security from the recursion lookups.

  • First of all you should know your two ip addresses of DNS server’s, to do so just open the file/etc/nameserverips there you will get two DNS ips.

# tail /etc/nameserverips

  • Now you would need to open /etc/named.conf

# nano /etc/named.conf

  • Look up for the line :

options {

  • Add the following lines above that:

acl “trusted” {
x.x.x.x;
y.y.y.y;
};

  • Where x.x.x.x and y.y.y.y are your DNS server’s ips.
  • Now look for the line:
  • // query-source address * port 53;
  • Below it , insert the following line :

version “Bind”;
allow-recursion { trusted; };
allow-notify { trusted; };
allow-transfer { trusted; }; Read More

Install Mod_Evasive on apache

In this tutorial i will describe how to install MOD_EVASIVE on a VPS or Dedicated Server, it offers protection against DDoS attacks on the server and is a apache module.

Installation:

  • Login to your server through SSH with valid root details.
  • Run these commands:
# wget http://www.zdziarski.com/projects/mod_evasive/mod_evasive_1.10.1.tar.gz
# tar zxf mode_evasive-1.10.1.tar.gz
# cd mod_evasive
  • Then run following command for apache:
# > /usr/sbin/apxs -cia mod_evasive20.c
  • It will install the mod_evasive on the server.
  • Now you would need to edit httpd.conf file, to do so follow instructions:
  • Open the httpd.conf file in nano text editor
# nano /etc/httpd/conf/httpd.conf
  • And place the following lines into it:
<IfModule mod_evasive20.c>
DOSHashTableSize 3097
DOSPageCount 2
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
</IfModule>
And you are done, this will install and activate Mod_Evasive on the server.
Feedback are welcome 🙂

Harden SSH Access (Change Port)

In this post/article i will describe how to increase your security to prevent hacking attacks from the SSH server. You should apply some configurations and tweaks on the SSH server to ensure the maximum security of your server.

Follow the below instructions:

  • Login to your server through SSH with root access.

Change SSH Port:

The first step of this tutorial is to change the default port of the SSH server. This is most usable way to protect your server from SSH attacks.
# nano /etc/ssh/sshd_config
  • Find the line in that page:
What ports, IP and Protocols we listen for
Port 22
  • Change the Port 22 to any integer you like e.g:
Port 2011
  • and save the configurations. Restart the SSH server:
# service sshd restart
Note: You should not use the port number that is already being used by another services

How do i secure my server ?

In this article i will describe best methods, techniques and tools to secure a VPS or Dedicated Server especially having WHM/cPanel as web hosting control panel.

It is very necessary to ensure the 99.9% security of the server so you will be stay safe from hackers. Follow the below steps to secure your server.

Install FireWall

First of all you should install any firewall software that limits the access to your server on some ports and blocks the ip whether temporarily or permanantly.

I would suggest you CSF with BFD or APF. Tutorial on installing CSF is already discussed see here :

http://websterz.info/security/installing-csf-to-prevent-ddos-attacks/

 

Harden SSH Access

SSH attacks are often used method to access the server through bots, Most servers get hacked from SSH server, to prevent the SSH attacks you need to harden your SSH server security to do this you should consider the following instructions:

  • Run SSH on other port rather than default port 22
  • Disable root login
  • User only protocol 2
  • Enable public key authentication
You can see full tutorial here Read More

Installing ClamAV antivirus tool on your server

In this post i will describe how to install ClamAV an antivirus tool on your linux OS server.

What is ClamAV:

ClamAV is an antivirus tools, which allows you to scan each file on you server, it provides fast scanning of all files including emails, attachments and uploaded files.

It provides the facility to scan those files that are being uploaded, a real time scanning can be achieved with it. It does scan for malicious scripts and for trojans.

You must have this tool installed on the server specially if you are web hosting provider.

Installation:

  • Login to your server through terminal or ssh with root privileges
  • Run the following commands:

# cd
# wget http://downloads.sourceforge.net/clamav/clamav-0.97.2.tar.gz
# tar -xvzf clamav-0.97.2.tar.gz
# cd clamav-0.97.2 #groupadd clamav
# useradd clamav -g clamav -c “Clam AntiVirus” -s /nonexistent .
# /configure
# make
# make install
# cd ..

  • And you are done, now can run your first scan by this command:

# clamscan -r
OR
# clamscan –remove Read More

Installing CSF to prevent DDos Attacks

In this post i will describe how to install CSF (Config Server Security and FireWall) on the linux based Operating system.

A short description of CSF :

CSF provides security improvements and protects your server from various attacks including DDOS. It provides better security as compared to others and the mostly hosting providers are using it to secure their server from hackers. I recommend you to install it on your server whether it is VPS of Dedicated box.

Installation:

  • Login to you server through terminal with root privileges.
  • Type following commands:

# cd
# rm -fv csf.tgz
# wget http://www.configserver.com/free/csf.tgz
# tar -xzf csf.tgz
# cd csf
# sh install.sh

  • it will take less than 5 minutes to be installed completely, afterward you must run the following command to ensure the required iptables modules are installed to function properly:

# perl /etc/csf/csftest.pl

  • And the report will be shown with the suggestions.
  • Now just navigate to the directory where you have installed CSF by executing following command:

# cd /etc/csf Read More