Server Hardening

Almost all Operating Systems and applications are not secure in its default configuration. Sophisticated security measures must be implemented to establish server integrity.

SysAlly has designed a leading server hardening plan for all-round security of your server in an increasingly dangerous cyber world.

Features

CHKRootKit

Shell script that checks system binaries for rootkit modification.

Sysctl.conf hardening

Optimize kernel parameters to enhance server security.

RootKit Hunter

Scans the server for any insidious rootkits and backdoors.

CSF Firewall

An easy SPI (Stateful Packet Inspection) iptables firewall suite with lfd(Login Failure Daemon).

Brute Force Detection

Detects unauthorized access to the server, and blocks attackers using sophisticated counter tools.

Clam AntiVirus

It is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

Linux Malware Detect

Malware Scanner for Linux, effective for the detection of php backdoors, dark mailers and other malicious files.

Disable Anonymous FTP Access

Deny public from accessing FTP server with anonymous login.

Control panel Update

Always keep control panel software to the latest versions

Remove Old Logs

Removing old and irrelevant log data, which would save considerable amount of disk space.

Mod_Security

Real-time web application firewall.

MySQL Optimization

Better performance by optimising MySQL server.

Apache Optimization

Tune the Apache web server for maximum performance

Shell Fork Bomb

Protect your server from users with terminal access who may inadvertently or intentionally cause a fork bomb.

Secure PHP

Secure PHP - Optimizing PHP configuration by restricting PHP information leakage, disabling unnecessary modules/functions, tweaking PHP variables and installing suhosin

System Integrity Monitor

The services will be monitored constantly for any failures and failed services will be automatically restarted.

Root Login Email alert

Alert server owners on root logins.

DNS Attacks

Avoid DNS amplification attacks from succeeding and using up your bandwidth

Secure(SSH) Hardening

Tweak SSH settings to secure SSH access.

Compile Apache & PHP with updated patches

Apache and PHP scripts are subjected to vulnerabilities, and should be patched periodically.

Init scripts security

Securing init scripts to avoid unwanted privilege escalations.

Nginx installation for c10k issue protection (optional)

Native apache web server have problems in handling huge concurrent connections. Nginx is the solution for this.

Tmp directory security

Hackers usually try to upload unwanted programs or scripts in /tmp directory. It should be mounted on its own partition with limited permissions.