Over the years I have had to harden a great number of LAMP boxes, I have found some methods work for better than others. I will now share with you all my favorite 10 along with methods to implement them on Debian/Ubuntu.
10. Lock SSH access right down. I do this by disabling root logins, disabling password authentication and using denyhosts.
To disable root logins do this:
vi /etc/ssh/sshd_config and look for the following line:
PermitRootLogin yes and change it thus: