I'll soon be switching to a new server (...at cloudweb.com) - who can set you up with a scalable (resource-wise) self-managed server with:
CentOS 5 (64-bit)
At that point, it's on me to customize the default install accordingly, and manage it (unless I want to pay $75/month). Although I'm considering it, I'd much rather LEARN how to do this myself, of course.
So, has anyone got good links to guides for security in things like:
PHP Configuration (PHP.ini)
PHP Session Handling (what do I change from default right off the bat?)
CPanel / WHM configuration
SSL Certs (install WHM, or do it in CPanel?)
Firewall Management / Ports
I'm thinking there has GOT to be some threads like this here, but I'm not finding anything perfect yet - but I'm also looking for good reading online, and a good discussion here perhaps to best practices, etc...
For basic security you can install CSF, then run "Check Server Security" from within the CSF Admin Panel and go through the check list of security recommendations it provides. I would also recommend installing ClamAV, this also can be integrated with WHM to allow you to manage it from there.