Complete CentOS secure server setup

Home > Articles > Complete CentOS secure server setup

Complete CentOS secure server setup

This guide describes how to quick install a CentOS based webserver. It mainly focuses on performance and security.

Update the system

yum update

Remove unneeded software

Minimize the number of software that could possibly be exploited:

yum remove cups cups-libs irda-utils

Disable unnecessary services

This could be done by typing:

for service in \
atd \
anacron \
auditd \
cpuspeed \
kudzu \
mcstrans \
pcscd \
portmap; \
do chkconfig --level 0123456 $service off; done;

As an alternative, you can use the setup tool.

Install LAMP

Use this guide to install Apache, PHP, MySQL and phpMyAdmin

Disable unneded stuff

If you want you can disable IPv6 protocol, by editing file /etc/sysconfig/network and set:

NETWORKING_IPV6=no

After that, add the below code to /etc/modprobe.conf to disable ipv6 kernel module loading:

alias ipv6 off
alias net-pf-10 off

Secure SSH

To secure SSH access to the server follow the guide Secure existing OpenSSH installation

Secure temporary folders

To prevent malicious scripts execution secure temporary folders

Install Firewall

Finally, install ConfigServer security and Firewall

Articles centos security server

Comments (1) Trackbacks (0) Leave a comment Trackback

FrankBro

#1

Reply | Quote

Thanks a lot for this great guide. Looking forward to build my first online server !

No trackbacks yet.

Secure existing PHP installation

SysAdmin.MD