Speed up and secure Apache SSL encryption.

By default apache loads a bunch of encryption protocols. Most of which either are insecure and/or slow.

The location of these settings are based on DirectAdmin's Apache 2.4.x, however, you should easily be able to locate them in your apache .conf files.

vi /etc/httpd/conf/extra/httpd-ssl.conf

Set Apache to only use the fastest and best encryption algorithms.

Now comment out the default SSL settings and add new ones as shown below:

Tags: apache SSL security performance

How-to: Secure tmp directories on linux

source: How-To: Secure your temp directories

Every system needs temporary folders that any user is able to read and write BUT these directories should not be able to execute programs or scripts. Though this will only protect you from somebody running the script directly it will help with a large portion of the automated rootkits and trojans that script kiddies use. They will still be able to put the files on the system but they will be unable to execute them and create the back door. One of the biggest problems is php injection via apache in which people will have apache download and then run an exploit. Securing the temp directories is probably the single biggest thing you can do towards securing your server.

Tags: Server Linux security how-to