We urgently need a Linux expert to help us secure our new Linux server.
Secure PHP Scripts
1. Apply suPHP; maintain PHP permissions for uploaded files.
2. We are not sure, but if you know any method to restrict executable files like PHP scripts from being uploaded, we will be grateful.
3. Compile PHP from source, so if we want to modify any native PHP function we can do that. Hackers easily target the PHP mail() function, so we need to track which script is using this function to send email.
Firewall
1. Install CSF; prevent hackers from brute-forcing the server, and blacklist them after 5 invalid attempts.
2. Tell us if you have more security considerations.
Email Service
1. Make our Postfix secure; we have already been blacklisted so many times, so we cannot take the risk; make some policy system so each user can only send 20 emails per hour, and tell us how we can create custom policies.
2. Prevent Postfix from sending email "FROM" a domain which does not exist in our database. Make sure recipients exist.
3. Apply DomainKeys so our email does not go to spam?
Problems from Old Server:
1. When we use Plesk Migrator, the old server stops responding to SSH through password; however, you can log in through key-pair auth. We would like you to troubleshoot this issue because Plesk Migrator uses a password for SSH, and this hanging causes load on both servers because the migrator keeps trying to log in.
2. We have removed all the scripts the hackers uploaded, but the hacker still gets access to the server. We firmly believe that they have attached their virus/malicious code to some cronjob or another process; we would like you to look into this and let us know how the hacker is able to generate mass emails.
I think we explained what we intend to do; and if you are a Linux expert, esp. in security, we do not need to tell you what you have to do. So please value your and our time and bid precisely both for time and money; and we want excellent communication. (and we mean it)
Any questions/confusion, please write to us in PMB.
Thanks
Hello,
I am very experienced in the security/web security field, and have several certifications. Everything you have outlined in your post seems easily doable. Your security requirements seem to be covering most of the commonly vulnerable areas of websites and servers, but I do have a few suggestions of my own.
I look forward to the possibility of working with you in the future.