Install mod_spamhaus Apache module to fight comment spam
mod_spamhaus is an Apache module for DNS Block Listing that protects web services by denying access to particular IP addresses. It can stop spam relaying via web form URL injection, and block HTTP DDoS attacks from bot-nets.
It queries sbl-xbl.spamhaus.org, taking advantage of the Spamhaus Block List (SBL) and the Exploits Block List (XBL).
1. Download the latest mod_spamhaus deb package from sid package repository (mod_spamhaus is not available for lenny but we can use the sid package)
wget http://ftp.us.debian.org/debian/pool/main/m/mod-spamhaus/libapache2-mod-spamhaus_0.7-1_i386.deb
Installing EHCP (Easy Hosting Control Panel)
EHCP is a powerful, yet easy to install control panel that allows the user to manage services such as Web, FTP, Database and DNS servers.
The install script handles the installation and configuration of the required services. I recommend starting with a clean Debian system to avoid conflicts.
1. Download required EHCP files
wget http://www.ehcp.net/download
Installing nginx from source with mail support
nginx is a lightweight, high performance web server/reverse proxy and e-mail (SMTP/IMAP/POP3) proxy.
1. Install required packages
apt-get install build-essential autotools-dev debhelper libpcre3-dev zlib1g-dev libssl-dev
Installing the GeoIP Apache module
This module allows you to determine which country, region, city, postal code, area code the visitor is coming from.
1. Install the module
apt-get install libapache2-mod-geoip
Install XCache
XCache is a fast, stable PHP opcode cacher that has been tested and is now running on production servers under high load. It overcomes a lot of problems that has been with other competing opcachers such as being able to be used with new PHP versions.
1. Installing the XCache package
apt-get install php5-xcache
Installing suPHP
suPHP is a tool for executing PHP scripts with the permissions of their owners. It consists of an Apache module (mod_suphp) and a setuid root binary (suphp) that is called by the Apache module to change the uid of the process executing the PHP interpreter.
1. Install suPHP
apt-get install libapache2-mod-suphp
Scan your web server for vulnerabilities with Nikto
Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.
1. Install Nikto
apt-get install nikto
Installing and configuring Squid proxy server
Squid is a caching proxy supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.
1. Install the Squid package
apt-get install squid
Simple load balancing using Pound
The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively.
1. Install the pound package
apt-get install pound
Installing Zend Optimizer
The Zend Optimizer enables you to run Zend Guard encoded files.
1. Download a copy of Zend Optimizer / Guard from the location below and put it into /tmp
http://www.zend.com/en/products/guard/downloads