Optimize/Secure Server for small VPS 256 MB - 512 MB

Discussion in 'Suggest HOWTO' started by phantomk, May 26, 2008.

  1. phantomk

    phantomk New Member

    There are alot of guides on howto install pretty much any program you want on your server, but there are very few on how to properly configure/secure the programs you install. Most of the programs have been built, or at least in my eyes, for servers that have a little "juice" behind them.

    I personally use lighttpd/mysql/php5/postfix/ssh/monit as the only running programs on my tiny 256 MB VPS. The server is setup to only send local e-mail, have not found a proper substitute besides postfix to do this, if anyone can recommend one I would also appreciate it, but besides the point. I try not to run anything more than what I need.

    I would love to see a guide(s) on howto optimize/secure a local running mysql to be used by the local server only.

    I would also love the same for lighttpd, but lighttpd is so simple and I find it to be secure, but you never know, that you probably don't need one.

    The same goes for PHP, postfix, SSH etc ... And there are things that should be secured that never seem to get discuss that often. Such as lingering "extra" programs/scripts that may have been installed when the VPS was first setup by your hosting provider.

    I have always come to howtoforge for help on setting up a new server, but have always been disappointed as I can't seem to find too many howto's to deal with securing the server.

    Oh yah, any of the above guides should be orientated to running the server, WITHOUT a control panel. I despise them to death :) And running a control panel of any kind on your server is just wasting the valuable resources you have on your VPS.
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Just add
    Code:
    bind-address = 127.0.0.1
    to your my.cnf and restart MySQL.

    I'd also set up something like DenyHosts/Blockhosts/fail2ban to stop brute-force attacks.

    Regarding apache/PHP, mod_security might be of interest for you.

    You can find guides for this on HowtoForge. :)
     

Share This Page