Here are a few things to do.
  • First and most important keep your server software updated and patched. Especially old PHP and kernels which can be insecure. A couple links with lots of info: Website security precautions, and Secure settings for PHP on Apache.
  • It's very important that you (if you manage your own web hosting server) or your web host enable open_basedir. In a shared hosting environment without open_basedir, an attacker has the ability to exploit a vulnerability.
  • Enable disable_functions (A disabled_function list below for a good setup)
  • Suhosin will further harden your PHP installation.
  • Close unneeded open ports.
  • Maintain access logs. Depending on the size of your site these can quickly grow in size, but they can be very useful in identifying any access points.
  • Disable direct root login, and change the default ssh port.
  • Secure passwords, limit access
  • Disable allow_url_fopen in php (recommended in the securing PHP link above).
  • If an attack happens, preserve the time stamps of the files affected (ie: using cp -p before deleting the files).
  • Disable world writable permissions (777) for directories. As a general rule, chmod 755 for directories, 644 for files.
  • mod_security
  • Firewall, brute force protection, email notification when someone logs in as root.
  • Backup, backup and backup again also maintain off-site backups.
  • Cloudflare? Clouflare blocks IP addresses, and many Asian countries share IPs (as do dial-up users). Many false positives if you have visitors from these areas, but worthy for high-risk sites.
  • A security diligent host or server admin can be amazing.
Disabled_function List
disable_functions = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate
Was this answer helpful? 0 Users Found This Useful (1 Votes)