Resolved server security

[noasetpro]

Hello!
Just one question about server security.
Currently I have one small VPS (just for testing) Debian 10 + Plesk Obsidian 18.0.40 + Imunify360, but I want to setup something better like VDS with max. 10 hosted domains.
VDS will be based on Debian 10 with Plesk and Imunify360 just like already have.
My question is: What I need to do for maximum server secure? How to protect it against hacking?
Thank's for help and answers!
Best regards,
Goran

 

[Monty]

You can follow these steps: https://support.plesk.com/hc/en-us/articles/115000626925--How-to-secure-a-Plesk-server

 

[noasetpro]

thank's

 

[Maarten]

Just a few tips which are not mentioned on the above link:

- mount /tmp with nodev, nosuid, and noexec options:

Linux Security: Mount /tmp With nodev, nosuid, and noexec Options

How do I mount /tmp with nodev, nosuid, and noexec options to increase the security of my Linux based web server? How can I add nodev, nosuid, and noexec options to /dev/shm under Linux operating systems?

www.cyberciti.biz

- be careful with the php allow_url_fopen setting. Disable it if possible. This used to be a huge hacker honeypot back in the days, not sure if this is still the case?