I had some problems with one of my VPS with another company.
Should I hire the services of a professional server management company (3rd party) for one time initial server setup?
Is it worth? I don't mind paying one time fee, but will it better the performance / reliability of the vps?
The services provided are as follows: (comes as a package)
SIM - (System Integrity Monitor) - 24x7 Internal Monitoring of services. SPRI - (System Priority) - Sets priority to current processes being run on your server, decreasing load 10-25%. PRM - (Process Resource Monitor) - Monitors all resources used by all processes and if a process is being flooded or causing high load on the server, it is killed. BFD - (Brute Force Detection) - Detects brute force connections and automatically enters the offending IPs into the firewall to be blocked. LES - (Linux Environment Security) - Enforces root-only permissions on system binaries as well as other restrictions on system programs. Exiscan with Clam-Antivirus - Detect emails containing viruses or spam and discard them so your server is not the origin of the spread of todays common viruses or spam emails. /tmp & /var/tmp hardening We harden /tmp and /var/tmp so no malicious scripts can be executed from the commonly used directory. /dev/shm & /proc hardening - Another place hackers tend to upload files to is /dev/shm. This directory is hardened as well. Optimize FTP Server for faster connections. Optimize MySQL & Apache to reduce load and speed up connections.
Secure Apache to reduce the amount of information visible about a server's software making it less vulnerable. Host.conf Hardening - Prevents IP spoofing and prevents DNS poisoning. CHKRootKIt Simple script that detects software used by hackers. It scans once a day and emails the client if any suspicious scripts are found. Disabling Unused Services We disable unused services to prevent them from being exploited. TCP/IP Hardening Prevents DDOS and SYN-Flood attacks. Logwatch Sends a daily report to the client with all activity that has taken place on the server for that day. Operating System Optimization Optimize the OS for faster operation and load reduction. Disable Open DNS Recursion - Prevent foreign queries that strain your dns servers and prevent it from being utilized in DNS DDoS attacks. Remove unused software We remove unneeded software to minimize the number of software that could possibly be exploited. Remove unused services Unused services are shutdown and their ports closed. Libsafe - Libsafe prevents buffer overflows and scans for exploitable software and notifies the client daily if any is found. eAccelerator / Zend Optimizer / Ioncube Installation - eAccelerator dramatically decreases page loading times by caching php scripts in a compiled state. SSH Server Hardening - locks down and hardens the SSH server. Nessus Security Scan - We perform a full system security scan on your server and patch any vulnerabilities found. Mod_Security - Extensive rule-sets add additional layers of security for your web applications. Mod_Evasive - Provides evasive action in the case of a DoS attack. AIDE - File Integrity Detection System. Smartd - Hard Drive reliability monitor. Provides i/o analysis and failure rates. RKHunter - Comprehensive security analysis. Disable php functions - Disabling potentially harmful php functions. LSM (Linux Socket Monitor) - Identifies rogue services. Spam Protection- Enables mail server to use spam blacklists, filtering out 99% of internet spam. Spamassasin Rules - Extensive spamassassin rulesets to help combat many common types of spam. Dictionary Attack Prevention (Cpanel only) - Detects and blocks incoming dictionary attacks to your email system.
/tmp & /var/tmp hardening – We harden /tmp and /var/tmp so no malicious scripts can be executed from the commonly used directory.
/dev/shm & /proc hardening - Another place hackers tend to upload files to is /dev/shm. This directory is hardened as well.
Smartd - Hard Drive reliability monitor. Provides i/o analysis and failure rates.
I don't think those can be done on a VPS...would need to be done on the node level.