Protection:

1. DenyHosts

DenyHosts was composed in Python programming language that planned to run by Linux system administrators and users to screen and analyses SSH server access logs for unsuccessful login efforts. It is an open source log-based interruption avoidance security script. The script ban the IP addresses that failed in few login attempts and furthermore helps to prevent such attacks from getting entrance to the server

2. Disable Root Login

Naturally Linux frameworks are every arranged to permit ssh remote logins for everybody including root client itself, which permits everybody to specifically log into framework and increase root access. Notwithstanding the way that ssh server permits a more secure approach to incapacitate or empower root logins, its generally a smart thought to handicap root access, keeping servers some more secure.

Redundancy:

Web server protection and redundancy:

Apache web server security:

DNS injection:

Spam from web structures is not just common, its a most optimized plan of attack strategy for getting your area boycotted by any semblance of Spamhaus. To counteract DNS Injection assaults, which are assaults that can infuse fake DNS names into your server’s store, you have to add another module to Apache. Take after these strides.

Utilization Allow and Deny to Restrict access to Directories

We can limit access to indexes with “Permit” and “Deny” alternatives in httpd.conf record.

Here in this illustration, a method securing root catalogue is given, for that by setting the accompanying in the httpd.conf record.

Alternatives “None” – This alternative won’t permit clients to empower any discretionary highlights.

Request deny, permit – This is the request in which the “Deny” and “Permit” mandates will be handled. Here it will “deny” first and “permit” next.

Deny from all – This will deny demand from everyone to the root index, no one will have the capacity to get to root directory

Redundancy for web server:

It is important to define a service in the cluster. All the required parts in cluster need to be are well managed. On account of an Apache Web Server that fizzles over, make sure the Web server can be come to regardless of where it’s facilitated. You’ll require a special IP address for the Apache Web Server that comes up short over and is initiated before restarts. Your Web server additionally needs access to its archive root, which contains the records that the Web server offers. To keep these information records accessible, regardless of which node the Web server is running, make a shared file system and guarantee its mounted on the hub that runs the Web server. Presently you can begin running the Web server.

References:

http://www.tecmint.com/5-best-practices-to-secure-and-protect-ssh-server/

http://www.techrepublic.com/blog/smb-technologist/secure-your-apache-server-from-ddos-slowloris-and-dns-injection-attacks/

http://www.tecmint.com/apache-security-tips/

http://searchdatacenter.techtarget.com/tip/Six-steps-to-create-a-highly-available-Apache-Web-service