Hi-
I was thinking of setting up a server with either plesk or ensim. Since I am not an expert at security, could someone tell me what needs to be done to a server to make it secure? This is aside from installing say plesk on a clean server running linux 7.1 and disabling telnet access. Guys at plesk dont want to really offer any advice.

Thanks

Well my guess is the reason Plesk wont tell you what to do is for liability reasons. They will only support issues with their CP, I am sure the others would do the same. If you do a search here on securing a server you will find quite a few posts with some suggestions on what to do.

In short only run needed services and shutdown everything else. Dont use Telnet, install some sort of firewall using either IPchains, IPtables or IPFilter depending on the OS. Make sure you are running the most current package releases for the services you need to run. Use SuExec and php safemode whenever possible. Make sure your permissions are set correctly. Disable root login via SSH. I am sure I am forgetting a few things but you get the idea pretty much, if you do a search you may find other things that are recommended as well.

An old FAQ for securing a Plesk server is here:

http://www.penguinrack.com/thefaqs.html

Another FAQ, although more targeted towards NetMAX, is useful:

http://www.netmax.com/fom/cache/374.html

Thanks very much for the help guys - I really appreciate it.

anyone got any ensim faqs?
TIA