To prevent from hack to the server and sites the following settings need to be done strictly on the server else wait for hacker to hack the server….
1) Disable the system binaries, like wget, gcc, lynx and others to stop anyone from using them.
2) Secure the PHP by disabling the vulnerable php functions as per your requirement in server main php.ini file.
The vulnerable functions are as follows and you can also refer the following URL http://php.net/quickref.php to collect more information about php function.
“shell_exec,system,passthru,exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,highlight_file,escapeshellcmd,define_syslog_variables etc”
3) Once in every month make sure that PHP/Apache is up to date with the latest secured patch.
4) Install the mod_security and update it with latest ruleset! Mod_security through cPanel installation has NO ruleset, so you have to search the rule set in google.
5) Patch the kerenl module with the current kernel patches.