Following steps are needed to be following for security settings and hardening of servers :-
a..
Security audit
1) Installing rkhunter and Configuring it to update itself daily and
then run itself - it will send you a report if anything is wrong.

2) Repair or Reinstall of corrupt binaries.


a..
Webserver security
1) Installing mod_security with our own custom ruleset. This module
consists of many different rules. The ruleset that we use by default isn't
too strict, but it will block dangerous attempts to hack the server. Because
it consists of so many rules it's very easy for us to add an additional rule
or to disable one, whenever needed.

2) Compiled PHP version 4.3.10.

a..
SSH security
1) Installing and compiling the latest version of OpenSSL.

2) Installing and compiled the latest version of OpenSSH and
Configuring it with the latest version of OpenSSL

a..
Firewall configuration
1) Installing APF firewall (latest version).

2) Configuring the firewall to only accept incoming/outgoing
connections on ports that are needed on your server system.
a..
Server Monitoring
Installing System Integrity Monitor to monitor the following
services:
- Apache
- MySQL
- Email
- Server load
- SSH
- FTP
System will automatically try to fix any possible problems such as
huge logfiles that would automatically be recycled for instance. If the
system can't fix the problem itself it will send you an email.

a..
Environmental security
1) Mounting /tmp partition with noexec so that no files on these
partitions can be executed.

2) Disabling compilers for all users but root.

3) Sysctl.conf hardening to make it much harder to get attacked by syn
floods.

4) Open basedir protection setup.

5) Installing chkrootkit and Configuring it to send you a daily report
.

a..
Apache tweaking
1) Installing Zend Optimizer.

2) Tweak Apache configuration.

3) Recompile Apache with commonly used modules.

a..
Email scanning for viruses and spam
1) Installing Antivirus & MailScanner after approval.
2) Adding a cronjob to update your filters once per week
(automatically).

3) Adding Extended logging to track spammers.

4) Installing formmail trap to track formmail spammers.