- SERVER TWEAK & OPTIMIZATION
- $499
- Web Server Optimization
- Mysql Optimization
- Php Optimization
- Control Panel Optimization
- Tweak linux kernel parameters
- Tweak mount options
- Tune disk I/O
- Tune TCP/IP options
- Configure logrotate and syslog/rsyslog
- Stop and disable unwanted services
- Update kernel
- SPRI : Tool priorities server according to server performance and productivity
- Enforcing Stronger Passwords by pam_cracklib module
- Tweak BIND to disallow any sort of DNS attacks
- System Integrity Monitor
- MyTOP :Monitoring tool My SQL Performance
- System Integrity Monitor
- SERVER AUDIT & REPORT
- $499
- Initial Check-up
- Run rkhunter /Run chkrootkit for a quick scan
- Check Network Ports / Hardening sysctl.conf
- Secure /tmp, /var/tmp and /dev/shm with mount options noexec, and nosuid
- Install, Review & Investigate Logwatch
- Web Server Security & Optimization
- Php Tightening /Control Panel Tweaking
- IP backlisting check / Host.conf Hardening
- Scan for suspicious files and symlinks
- Hardening Pure/Proftpd and Optimizing backup files
- Check whether memory and swap space
- Check and confirm suspicious network connections
- Check suspicious processes on server
- Clean unwanted temporary files from /tmp partition.
- Scan for any hidden processes not listed in “ps” output.
- Check users with shell access except root user
- Check normal user execute root commands via sudo
- Check the version of Apache / PHP / kernel currently installed on the server.
- Clean Spam, Frozen and unwanted mails in mail queue
- Scan for suspicious files using maldet / clamav
- Check for unsafe file permissions and Disabling some executables
- Check the memory/CPU (system health check)
- Scan for files & directories with world-writable permissions
- Check server load & partitions for maintenance activities
- Scan for *.c or binary files (possible security issues)
- Check dmesg output / Check history for root and su user
- Examine common linux log files
- Turn off recursive in named.conf to avoid DNS amplification attacks.
- Hide server version details for httpd,ftpd,named
- Restrict users to execute cron
- Disable the PHP functions for security execution of malicious script
- Tune kernel parameters and Disable unused services
- Enable PHP open_basedir Protection
- Include safe_mode for PHP 5.x and below.
- Enabling suEXEC provides support for Apache
- Updated rules for mod security for OWASP 2014
- Update php¬pear and gem modules on server
- Tackle down infected files on the server access by AUTOBOTS