Results 1 to 25 of 25
  1. #1
    Join Date
    Apr 2011
    Location
    San Francisco, USA
    Posts
    191

    * Easy Linux Security Script

    So I was reading a lot of tutorials here on WHT, and found a link to web4host.net

    I found on their homepage that they have this project called ELS, and would like to share it with you.

    http://www.web4host.net/els.php

    To get it up and running for you, issue the following command as root:

    wget -O installer.sh http://els.web4host.net/installer.sh
    chmod +x installer.sh
    sh installer.sh

    This script helped me setup some security enhancement for my VPS, and I hope this helps you out too!
    Rg Enzon, Founder & Designer @ Play Technica
    We build exceptional games & applications™
    We provide better user experience through design

  2. #2
    Is that really true. This script can secure VPS.

  3. #3
    Join Date
    Apr 2011
    Location
    San Francisco, USA
    Posts
    191
    Yes, I'm using it on my box
    Rg Enzon, Founder & Designer @ Play Technica
    We build exceptional games & applications™
    We provide better user experience through design

  4. #4
    Join Date
    Jul 2007
    Location
    /dev/zero
    Posts
    140
    In some cases, hardening your /tmp, /var/tmp and /dev/shm or other measures should be done manually.
    vpsoffers.com - a modest place for vps offers by sim so dep

  5. #5
    Join Date
    Sep 2002
    Location
    Among the corn
    Posts
    10,724
    Quote Originally Posted by lovelycesar View Post
    In some cases, hardening your /tmp, /var/tmp and /dev/shm or other measures should be done manually.
    In all cases security measures should be done manually by trained professionals who know what they're doing, not by some kid who downloaded something off of the internet in their dad's basement.

    Securing your server is not an automated process. Sure, some of it can be (firewall administration, log rotation, etc), but that's just the small end of the spectrum
    Linux admin, support tech, php developer for hire. PM for more info

  6. #6
    Join Date
    Nov 2006
    Location
    USA
    Posts
    1,206
    Just in case anyone cares, original is here - http://servermonkeys.com/els.php

    The site you linked to seems a tad fishy looking to me..

  7. #7
    Join Date
    Aug 2011
    Location
    India
    Posts
    444
    Quote Originally Posted by leckley View Post
    Just in case anyone cares, original is here - http://servermonkeys.com/els.php

    The site you linked to seems a tad fishy looking to me..
    Yeah but they've mentioned the name of the creator on their website. " ELS was created by Richard Gannon, Martynas Bendorius and Wael Isa."

  8. #8
    Thanks!
    This scrit protect from shells ?

  9. #9
    Quote Originally Posted by darky88 View Post
    Thanks!
    This scrit protect from shells ?
    No it doesnt, it just hardens your server and instals CSF ect. You need to add custom rules to mod_sec and disable functions to render them useless.
    Ashton Allen | FuseWeb Limited
    Premium UK Webhosting
    | Shared Hosting | VPS | Reseller Hosting | VOIP |
    FuseWeb.co.uk Or follow us on Twitter

  10. #10
    Join Date
    Feb 2006
    Location
    Victoria, Australia
    Posts
    132
    Hardening a server with a script? pointless. No server is the same, doing it manually is the only way to fly!

  11. #11
    Join Date
    Mar 2002
    Location
    Philadelphia, PA
    Posts
    2,508
    Quote Originally Posted by Dexqt View Post
    Hardening a server with a script? pointless. No server is the same, doing it manually is the only way to fly!
    Truth++++

    Another problem with scripts is, unless you take a little time to view the source code, most people generally have no clue what is really being done behind the scenes.
    Linux junkie | steward.io

  12. #12
    Join Date
    Jan 2012
    Posts
    13
    Quote Originally Posted by viGeek View Post
    Truth++++

    Another problem with scripts is, unless you take a little time to view the source code, most people generally have no clue what is really being done behind the scenes.
    yes, and from my experience this script is not recommeded by Cpanel Servers

  13. #13
    Join Date
    Jun 2006
    Location
    United Kingdom
    Posts
    1,765
    Quote Originally Posted by neelhaam View Post
    Is that really true. This script can secure VPS.
    It's good as a starting point but it misses a lot of things, also it uses APF from which most people have now moved to CSF firewall.
    Reliable, trustworthy, expert server management
    I'm on LinkedIn

  14. #14
    Join Date
    Sep 2009
    Location
    South Korea
    Posts
    339
    Any body who buys a VPS from us has the option in the order form to have the basic security set up automatically for him

    If Yes for secuirty reasons our script will first make the following adjustments: *Only "root" can be used for any major Command - Permission Change: chmd 700 netstat, ifconfig, wget, curl, make, gcc, perl, python, java, dmesg, whereis, whoami, test, finger, pstree, who, last, w, lsmod - ubuntu : gcc-*, python*, w.procps (Replacement of the Binary) allow_url_fopen For security reasons will be inactive(CentOS) - For clients who have chosen Apache-PHP-Mysql In /etc/php.ini Our script will make the: allow_url_fopen = Off Also Our script will install "fail2ban" to protect your SSH - If during 10 min 20 times failed login is detected the IP will be banned for 20 min
    Internet Brothers Asia*SEOUL South Korea Since 1999
    http://www.internetbrothers.co.kr Business Registration 134-11-18207
    ▇ ASIA KOREA Web Hosting with English Support focusing on International clients in/out of Korea
    Cloud XEN VPS, VDS , Dedicated Servers physically located in South Korea Twitter @internetbros

  15. #15
    Join Date
    Jun 2011
    Location
    INTERNET
    Posts
    40
    Great find.

  16. #16
    Thanks for it will give it a try

  17. #17
    Join Date
    May 2010
    Location
    on the web
    Posts
    7
    Quote Originally Posted by leckley View Post
    Just in case anyone cares, original is here - http://servermonkeys.com/els.php

    The site you linked to seems a tad fishy looking to me..
    you right but now i update els ver 4.0.1.2
    and you can ask Martynas in directadmin forums

  18. #18
    Join Date
    Feb 2006
    Location
    Victoria, Australia
    Posts
    132
    That script is pure junk.

    Code:
    ## 32MB for every 1GB of RAM
    Honestly? rofl.

  19. #19
    Join Date
    Nov 2006
    Location
    USA
    Posts
    1,206
    Quote Originally Posted by Dexqt View Post
    That script is pure junk.

    Code:
    ## 32MB for every 1GB of RAM
    Honestly? rofl.
    Another valuable post....why do you bother posting if you don't offer advice..or at least comment further than your nearly worthless 2 cents.

  20. #20
    Join Date
    Dec 2010
    Location
    127.0.0.1
    Posts
    5,339
    It doesn't seem useful to be honest, APF is not as good as CSF.

    I wouldn't trust it with a barge pole.
    Licensecart - We only sell High Quality licenses
    Products: Blesta ~ LiteSpeed ~ SolusVM ~ KernelCare ~ InterWorx ~ Webhost Bundle
    Billingbrawl.com:- Blesta vs WHMCS: Round 4 Battle of multi-currency
    Visit us @ Licensecart.com ~ sales(➾)licensecart.com ~ webhostbundle.com

  21. #21
    Join Date
    Jul 2005
    Location
    New Jersey, US
    Posts
    1,457
    Relying on any automated script to secure your server is a very, very, bad idea. Especially since their site says it was tailored for OS versions that are end-of-life and their script has not been updated in almost 3 years. So aside from not being of any benefit, it can potentially actually do harm by modifying your system to what the standards were 3 years ago (mysql 4.1, APF firewall, etc.)
    PlatinumServerManagement (also known as PSM)
    The OLDEST and LARGEST and MOST TRUSTED server management provider in the USA, with 15+ employees and growing!
    Providing quality support for OVER 14 years! Currently supporting over 3,000 servers monthly!

    www.PlatinumServerManagement.com Proud member of the NJ BBB & Chamber of Commerce, and Authorized Cpanel Partner.

  22. #22
    Join Date
    Jul 2009
    Location
    Tangerang, ID
    Posts
    124
    hello there, firstly thank you for the script but it seems i cannot download the script, any other mirror?
    >>OpenVPN Auto Installer
    >>Nginx Auto Installer NGX 1.7.0, 1.6.0 - PHP 5.3, 5.4, 5.5 - MySQL 5.1, 5.5

  23. #23
    The script is good but can be modified according to user needs. But thanks anyways for the share.

  24. #24
    ELS - Easy Linux Security
    UPDATE April 8, 2009:


    I don't think the script can secure your current servers.
    DomaiNesia - Jagonya Domain Murah
    Low Cost Indonesian Domain Registrar

  25. #25
    Join Date
    May 2010
    Location
    on the web
    Posts
    7

  26. Newsletters

    Subscribe Now & Get The WHT Quick Start Guide!

Similar Threads

  1. Automated Linux Security Script?
    By The Calling in forum Hosting Security and Technology
    Replies: 8
    Last Post: 10-03-2010, 12:33 AM
  2. Need image gallery script with easy user uploads and easy ad setup
    By Dr. Doom in forum Web Design and Content
    Replies: 2
    Last Post: 05-14-2009, 05:04 PM
  3. ELS - Easy Linux Security script
    By smtalk in forum Other Offers & Requests
    Replies: 23
    Last Post: 04-02-2007, 02:33 PM

Related Posts from theWHIR.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •