DreamHost PS Hardening and Management
Overview of Hardening and Managing a DreamHost PS
Intent of article is to help new admins with general information on hardening (securing) and managing their virtual server. Since there are are already articles about managing PS using DreamHost's web panel, this article will attempt to show other, third party viable solutions and how they may interact with DreamHost's default server setup. Initial draft centers on a basic Apache web server setup, with Webmin management augmenting DreamHost's panel.
Hardening a DreamHost PS
Hardening, or securing, your PS is critical to the security of the server and your data. There are many resources on the web with regards to hardening a Linux installation. The base PS Operating System is Debian Linux 5.0 'Lenny' making Securing Debian Manual the most relevant documentation to read first, specifically the section on services, since DH has set most of the system up already.
Debian would normally include a kernel with compiled support for the iptables firewall. However, due to limitations with the virtualization software, Linux-VServer, utilized to create each DreamHost PS, there is currently (June, 2010) no functioning iptables or other firewall program. At this time, Linux-VServer does not support network namespaces (as would be needed when using a guest OS iptables firewall).
You could install another firewall package... but with a basic web server setup, and limited service ports open, it may be overkill. We'll concentrate on hardening the ports you need to leave exposed for remote management and turning off all services that you don't need. Certainly, if you feel a firewall is necessary, you should install one.
Managing a DreamHost PS
You can use directions at the following link to download and install webmin.
dpkg --install webmin_1.710_all.deb
works fine but;
You will see an error about libauthen-pam-perl and apt-show-versions packages. (November, 2014)
You can also follow instructions at the link below to enable port 10000 to access webmin interface, http://yourserver:10000/ .
Dreamhost VPS returns an error to command; (November, 2014)
sudo iptables -A INPUT -p tcp -m tcp --dport 10000 -j ACCEPT
FATAL: Could not load /lib/modules/3.1.9-vs126.96.36.199vs188.8.131.52+/modules.dep: No such file or directory iptables v1.3.6: can't initialize iptables table `filter': Permission denied (you must be root) Perhaps iptables or your kernel needs to be upgraded.
You can use
dpkg -r webmin
to uninstall webmin from your VPS