To install PHP CGI,

> Connect through SSH and root to the server :
> Install php with the following :

% vinstall php(enter version here)-cgi

> Select the extension that are required
> Please make sure you only select the appropriate extensions
> At any point of time, you may edit php.ini file and add the exntensions
> It is always advisable to upgrade to the recent version
> PHP CGI on VPS Hosting package is installed at ~/usr/local/bin/php

% cd ~/www/cgi-bin

% ln ../../../bin/php.cgi php

> Also, you can make the following changes to httpd.conf file :

Changes in the directory file in order to include PHP CGI

> Also, add the lines so that all files and extensions will be redirected to PHP CGI executables :

for e.g.

Action php4-script /cgi-bin/php
AddHandler php4-script .php .php3 .php4 .phtml

> Restart the VPS by running restart_apache

> In order to check PHP installation, create the following :

~/www/htdocs/test.php(Version) and you may view it in the web browser

phpinfo();
?>

This is how to install PHP CGI on linux vps hosting

If you want to secure your linux VPS Hosting then you will have to secure the cPanel, WHM and Root of your VPS. Below is an article which will help you to secure your VPS.

************************************************************

1) Checking for Formmail

************************************************************

Hackers use Formmail to send out spam email and this is done with the help of relay and injection methods. You may be in jeopardy if you are using matts script or a version of it.

Command to find pesky form mails:
find / -name “[Ff]orm[mM]ai*”

CGIemail is also a security risk:
find / -name “[Cc]giemai*”

Command to disable form mails:
chmod a-rwx /path/to/filename
(a-rwx translates to all types, no read, write or execute permissions).

(this disables all form mail)

You will have to inform him if a client or some other person on your VPS install form mail that you are disabling their script and give them an alternative.

***********************************************************

2) Root kit checker – [url]http://www.chkrootkit.org[/url]

***********************************************************

Set a root kit on a cron job and check for root kits also. You will know if anyone has compromised with your root if you do this. Get the latest root kit checker by updating chrookit. Try to upload the root kit on your server as hackers and spammers will try to find insecure upload forms on your box and then with injection methods. If he can run it, it will modify *alot* of files, possibly causing you to have to reinstall.

To install chrootkit, SSH into server and login as root.
At command prompt type:

cd /root/
wget [url]ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz[/url]
tar xvzf chkrootkit.tar.gz
cd chkrootkit-0.44
make sense

To run chkrootkit

At command prompt type:
/root/chkrootkit-0.44/chkrootkit

Make sure you run it on a regular basis, perhaps including it in a cron job.

Execution

I use these three commands the most.
./chkrootkit
./chkrootkit -q
./chkrootkit -x | more

*********************************************************

Install a root breach DETECTOR and EMAIL WARNING

*********************************************************

Installing a detector and warning at your box will let you know if someone gets the root. You will at least get the hackers or spammers ip address and you will be warned about his presence.

Server e-mail everytime someone logs in as root

To have the server e-mail you everytime someone logs in as root, SSH into server and login as root.

At command prompt type:
pico .bash_profile

Scroll down to the end of the file and add the following line:

echo ‘ALERT – Root Shell Access on:’ `date` `who` | mail -s “Alert: Root Access from `who | awk ‘{print $6}’`” “your@email.com”

Save and exit.

Set an SSH Legal Message

To an SSH legal message, SSH into server and login as root.

At command prompt type:
pico /etc/motd

Enter your message, save and exit.
Note: You can use the following message…

ALERT! You are entering a secured area! Your IP and login information have been recorded. System administration has been notified.This system is restricted to authorized access only. All activities on this system are recorded and logged. Unauthorized access will be fully investigated and reported to the appropriate law enforcement agencies.

********************************************************

Web Host manager and CPANEL mods.

********************************************************

Below are the items which are present inside of WHM/Cpanel and you should change them to make your server more secured.

Goto Server Setup =>> Tweak Settings
Check the following items…

Under Domains
Prevent users from parking/adding on common internet domains. (ie hotmail.com, aol.com)

Under Mail
Attempt to prevent pop3 connection floods
Default catch-all/default address behavior for new accounts – blackhole
(SET TO FAIL)

Under System
Use jailshell as the default shell for all new accounts and modified accounts

Goto Server Setup =>> Tweak Security
Enable php open_basedir Protection
Enable mod_userdir Protection
Disabled Compilers for unprivileged users.

Goto Server Setup =>> Manage Wheel Group Users
Remove all users except for root and your main account from the wheel group.

Goto Server Setup =>> Shell Fork Bomb Protection
Enable Shell Fork Bomb/Memory Protection

When setting up Feature Limits for resellers in Resellers =>> Reseller Center, under Privileges always disable Allow Creation of Packages with Shell Access and enable Never allow creation of accounts with shell access; under Root Access disable All Features.

Goto Service Configuration =>> FTP Configuration
Disable Anonymous FTP

Goto Account Functions =>> Manage Shell Access
Disable Shell Access for all users (except yourself)

Goto Mysql =>> MySQL Root Password
Change root password for MySQL

Goto Security and run Quick Security Scan and Scan for Trojan Horses often. The following and similar items are not Trojans:
/sbin/depmod
/sbin/insmod
/sbin/insmod.static
/sbin/modinfo
/sbin/modprobe
/sbin/rmmod

If you have entered the wrong url or entered some wrong information into the browser, you may see some kind of error page on the screen. 400 Bad request, 401 Authorization Required, 403 Forbidden, 404 Wrong page, 500 Internal Server Error etc. are some of the examples of error pages. These error pages have to customized on the website with the help of the control panel which is provided with the web hosting package you have with for your website. You can also design the error pages of your website according to you. Also, you can add some image to the error pages of your website and also add a link to it so that the user can click on the link and reach the homepage of your website.

If you have Linux VPS Hosting as your web hosting package you can customize the error pages of your website very easily. As the Linux VPS is provided with the cPanel as the control panel, you can easily create some error pages for your website according to you.

Below are some easy steps which will help you to create error pages of your website:-

1) Login in the cPanel of your VPS.

2) Then click on the Error Pages link under the ‘Site Management’ header.

3) Now click on the button of the required error page.

4) Enter the HTML code of the error page. You can use the buttons at the top of the page to insert variables into the    displayed code.

5) Now click on the “SAVE” button.