Since early 2010 we have been providing affordable Linux server management to clients worldwide. Whether you are having security issues, performance issues or have a brand new server waiting to be configured, we can help! We have a fantastic team of RedHat, cPanel University and Cisco certified System Administrators with over 50 years of combined experience.
For security reasons we do not reccomend running OpenVZ on your SolusVM master. Ideally a SolusVM master should be hosted on a small dedicated server or VPS, however if you would like OpenVZ to be installed we will do that on request.
Check OS configuration & runlevel
Install latest operating system updates and kernel
Check for system users with shell access
Disable unnecesarry services
Mount /tmp, /var/tmp and /dev/shm with noexec,nosuid options
Disable dangerous binaries for normal users
Install/configure sysstat, iotop, iftop utilities
Install/configure NTP for automatic time syncronisation
We will install cPanel on your server (If required) and carry out a thorough check of your servers configuration, including proven methods and utilities to enhance your servers performance, security and usability. This can also be used on existing servers, though if you are having specific security issues you would be better suited to our cPanel Security Bundle.
Hardening & Security
Update operating-system, kernel and all server related software
Disable unused & potentially vulnerable services.
Limit access to select system binaries.
Harden /etc/host.conf and /etc/sysctl.conf.
Harden temporary system directories (/tmp, /var/tmp and /dev/shm).
Installation of ConfigServer Firewall.
Installation of ConfigServer Login Failure Daemon (LFD).
Installation of CHKRootKit with daily cronjob
Installation of RKHunter with daily cronjob
Installation of Linux Malware Detect (LMD)
Installation of Mod_Security.
Install ClamAV File/Email Antivirus
Disable dangerous PHP functions
Disable root and anonymous FTP access
Restrict root access to SSH, enable logging and change default port.
Restrict external access to mySQL
Disable compilers for underprivileged users.
Enable shell fork bomb protection.
Enable php open_basedir protection.
Enable background process killer.
Enable reccomended cPanel "Tweak settings".
(Optional) Email notification on root login to SSH.
Installation/configuration of SpamAssassin & ClamAV