Introduction
As a web hosting provider, ensuring the security of your shared hosting servers is crucial to protect both your clients' data and your reputation. CentOS and AlmaLinux are popular choices for server environments, offering stability and long-term support. In this article, we will discuss several steps to secure your shared hosting servers running CentOS or AlmaLinux and maintain a robust security posture.
1. Keep Your System Updated
Regularly update your system to ensure you have the latest security patches and software versions. Use the package manager (dnf or yum) to update your packages and kernel:
sudo dnf update
or
sudo yum update
2. Configure a Firewall
A firewall is essential to control incoming and outgoing network traffic. Install and configure a firewall like firewalld to manage your system's security:
sudo dnf install firewalld
sudo systemctl enable --now firewalld
Configure firewalld rules to allow necessary services and block unwanted ones.
3. Secure SSH Access
Secure your SSH access by following these practices:
- Change the default SSH port to a non-standard port.
- Disable root login and use a non-privileged user with sudo access.
- Use key-based authentication instead of passwords.
- Limit SSH access to specific IP addresses or subnets.
Modify the SSH configuration file `/etc/ssh/sshd_config` to implement these changes and restart the SSH service:
sudo systemctl restart sshd
4. Harden PHP Configuration
Edit the `php.ini` file and make the following changes to enhance security:
- Disable dangerous functions, e.g., `exec`, `system`, `shell_exec`, etc.
- Set `expose_php` to 'Off' to hide the PHP version.
- Enable `open_basedir` to restrict PHP file access to specific directories.
5. Install and Configure ModSecurity
ModSecurity is a popular Web Application Firewall (WAF) that helps protect your server from common web attacks. Install ModSecurity and configure it to work with your web server (Apache or Nginx).
6. Install and Configure a Malware Scanner
Install a malware scanner like ClamAV to detect and remove malicious files on your server:
sudo dnf install clamav clamav-update
Update the virus database and schedule regular scans using cron jobs.
7. Disable Unused Services and Remove Unnecessary Packages
Minimize the attack surface by disabling unused services and removing unnecessary packages:
sudo systemctl disable serviceName
sudo dnf remove packageName
8. Implement User Isolation
Ensure that users on your shared hosting server cannot access each other's files. Use security features like CageFS (available with CloudLinux OS) or configure your web server to isolate user accounts effectively.
9. Regularly Audit Your Server
Conduct periodic security audits to identify potential vulnerabilities and address them proactively. Tools like Lynis can help you audit your server's security.
10. Monitor Logs and Set Up Alerts
Regularly monitor log files and set up alerts for suspicious activity using log monitoring tools like Logwatch or the ELK stack (Elasticsearch, Logstash, and Kibana).
Conclusion
Securing your shared hosting server is an ongoing process that requires regular maintenance, monitoring, and timely updates. By implementing these best practices and staying vigilant, you can provide a secure environment for your clients and minimize the risk of security breaches.