installs and configures Apache modules mod_security and mod_evasive to prevent against web application and denial of service (DOS) attacks. Mod_security is a intrusion detection and prevention engine which provides protection against a wide range of attacks, both known and unknown, against web applications. We use a customized rule set which is updated daily to ensure your server is always protected.

installs and configures intrusion detection software Rootkit Hunter and Chkrootkit and configures them to perform nightly security audits to ensure your server is safe. We also install proprietary scripts which prevent against unauthorized processes and allow us to dynamically check the security of your server as attack methods evolve.

- ClamAV - Configure for e-mail scanning. Enable auto-updating anti-virus definitions.

- Realtime Blackhole Lists (RBLs) - Configure email server with RBLs to prevent spam.

- Harden Mailserver Configuration - Prevent against detection of valid e-mail address through brute-force attacks.

- Dictionary Attack Protection - Prevent spammers guessing email addresses on your server.

- Custom rulesets - Custom hand-selected SpamAssassin and ClamAV rulesets to increase spam detection.

- APF - Configure Completed firewall protection

- BFD - Detect and prevent brute force attacks

- CPHulk - Detect and prevent brute force attacks

- Mod_security - Install and configure mod_security for Apache with auto-updating ruleset

- Mod_evasive - Install and configure DOS, DDOS, and brute force detection and suppression for Apache

- PHP SuHosin - PHP Hardening through the Hardened PHP Project. Available on request

- Rootkit Hunter - Nightly scan to detect system intrusions

- Chkrootkit - Nightly scan to detect system intrusions

- Nobody Process Scanner - Scans for unauthorized "nobody" processes

- Disable IP Source Routing - Enable protection against IP source route attacks

- Disable ICMP Redirect Acceptance - Enable protection against ICMP redirect attacks

- Enable syncookie protection - Enable protection against TCP Syn Flood attacks

- Enable ICMP rate-limiting - Enable protection against ICMP flood attacks

- Harden Apache - Prevent module and version disclosure information

- Harden SSH - Allow only SSH version 2 connections

- Harden Named - Enable protection against DNS recursion attacks

- Ensure Filesystem Permissions - Fix permission on world writable directories and prevent against directory-transversal attacks

- Harden temporary directory and shared memory locations - Enforce noexec, nosuid on tmp and shm mounts

- Remove unnecessary packages - removes RPMS which are not needed to prevent against potential vulnerabilities and free up disk space

- Disable unused services - Disable services which are not used

- Disable unneeded processes - Disable processes which are not needed for server operation

- PAM Resource Hardening - Protects against exploits which use core dumps and against user resource exhausting through fork bombs and other shell attacks

- PHP Hardening - Enable OpenBaseDir protection