DreamHost PS Hardening and Management
Overview of Hardening and Managing a DreamHost PS
Intent of article is to help new admins with general information on hardening (securing) and managing their virtual server. Since there are are already articles about managing PS using DreamHost's web panel, this article will attempt to show other, third party viable solutions and how they may interact with DreamHost's default server setup. Initial draft centers on a basic Apache web server setup, with Webmin management augmenting DreamHost's panel.
Hardening a DreamHost PS
Hardening, or securing, your PS is critical to the security of the server and your data. There are many resources on the web with regards to hardening a Linux installation. The base PS Operating System is Debian Linux 5.0 'Lenny' making Securing Debian Manual the most relevant documentation to read first, specifically the section on services, since DH has set most of the system up already.
Debian would normally include a kernel with compiled support for the iptables firewall. However, due to limitations with the virtualization software, Linux-VServer, utilized to create each DreamHost PS, there is currently (June, 2010) no functioning iptables or other firewall program. At this time, Linux-VServer does not support network namespaces (as would be needed when using a guest OS iptables firewall).
You could install another firewall package... but with a basic web server setup, and limited service ports open, it may be overkill. We'll concentrate on hardening the ports you need to leave exposed for remote management and turning off all services that you don't need. Certainly, if you feel a firewall is necessary, you should install one.
Managing a DreamHost PS