We need security experts to give us a well documented plan for securing several servers/web sites using Linux with Apache, MySQL, PHP, and more as listed below.
The plan should be a .txt or .html or similar format. Just mention it in your bid.
You can bid on all or only some of the following, just mention it in your bid. We may accept more than one bidder:
Linux (Debian preferred, if you want to recommend another, mention this in your bid):
Apache
MySQL
PHP
Remote admin access security
Firewall
Backup
Mail server/client
FTP server/client
SSH/SSL
Virus, trojan, spyware protection
We need recommandations with pros & cons, and a step by step
installation/configuration guide for each of the above.
The information supplied can be a copy paste from several web sites or
information from books as long as the URL/source/page is included.
Linux (Debian preferred, if you strongly recommend another, mention
this in your bid):
step by step installation/configuration guide
security, list of common mistakes, prevention, safest use
user session security, e-commerce payment security
packages to install/remove and why
do you recommend security changes with a rebuild or just configurations? and why?
security settings with explanation
if you consider security an ongoing task, please recommend web sites/rss feeds on how to stay secure.
security for remote admin access
Apache:
step by step installation/configuration guide
security, list of common mistakes, prevention, safest use
user session security, e-commerce payment security
security for remote admin access
MySQL:
step by step installation/configuration guide
security, list of common mistakes, prevention, safest use
user session security, e-commerce payment security
security for remote admin access
PHP:
step by step installation/configuration guide
security, list of common mistakes, prevention, safest use
user session security, e-commerce payment security
security for remote admin access
Remote admin access security:
step by step installation/configuration guide
which techniques, open source/paid application do you recommend with pros/cons
access using linux based, windows XP/vista/7 based
Firewall:
step by step installation/configuration guide
security for remote admin access
how to manage remotely in a secured way
each port and protocol enabled/disabled has to be clearly listed (use, issue)
range can be used for disabled ports if not used
e.g.
port protocol description state use
21 ftp file transfer protocol enabled update web site/data, backup
Backup/restore:
step by step installation/configuration guide
which open source/paid version do you recommend with pros/cons
preventing illegal access
security for remote admin access
Mail server/client:
step by step installation/configuration guide
which open source/paid version do you recommend with pros/cons
security, preventing illegal access, disabling relay, reducing spam, preventing mass mailing, etc...
security for remote admin access
FTP server/client:
step by step installation/configuration guide
which open source/paid version(s) do you recommend with pros/cons
security, preventing illegal access, disabling relay, reducing spam, etc...
security for remote admin access
SSH/SSL:
step by step installation/configuration guide
security, list of common mistakes, prevention, safest use
admin session security
Virus, trojan, spyware protection:
step by step installation/configuration guide
security techniques, or open source/paid application(s) do you recommend with pros/cons
security for remote admin access
Preventing bandwidth stealing:
step by step installation/configuration guide
how to prevent other sites from using our content
Other recommendations:
more is better!