What are best practices for configuring a server for WordPress sites?

It’s a very loaded question. I’ll try my best here. Keep in mind it’s 4am, so I’m just giving you highlights, not detailed explanations.

Linux: I’m assuming you’re using a recent version of Ubuntu.

  1. Change the default SSH port from 22 to something else (/etc/ssh/sshd_config).
  2. Enable either AllowGroups or AllowUsers in the sshd_config.
  3. Install fail2ban (apt-get install fail2ban)
  4. Install apache2, php5, and mysql-server
  5. Edit /etc/apache2/conf.d/security.conf and make appropriate changes for a production server.
  6. Disable the slow query log in MySQL (you don’t want this on in production, especially on a VPS)
  7. Configure your system timezone (dpkg-reconfigure tzdata)
  8. Make sure your php.ini reflects the same time zone
  9. Add a new virtualhost in /etc/apache2/sites-available/ (leave the default one alone)
    1. Enable this virtual host by: a2ensite nameofnewvhostfile
    2. Enable mod-rewrite (a2enmod rewrite)
    3. Restart apache2: /etc/init.d/apache2 restart

You can do some other things as well, like installing Shorewall or UFW for better firewall management, installing Nginx as a reverse proxy to Apache, or tweaking the query cache, but this really depends on a whole bunch of other things, and you should tweak MySQL settings after being in production mode for a few days.
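
A check for steps 1 and 2 of the answer above, added here as an example and not part of the original answer: it reads an sshd_config and reports whether SSH is still on port 22 and whether AllowUsers or AllowGroups is set globally. The function names, the sample file contents and the `sshusers` group are assumptions, and Include files are not followed.

```shell
#!/bin/sh
# Added example: audit an sshd_config against steps 1 and 2 of the list above.

# Print the global values of one keyword. Handles case-insensitive keywords,
# "Key value" and "Key=value" forms, and comment lines. Stops at the first
# Match block, because settings inside it apply only conditionally.
sshd_values() {  # $1 = keyword, $2 = config file
    awk -v kw="$1" '
        /^[ \t]*#/             { next }
        tolower($1) == "match" { exit }
        match(tolower($0), "^[ \t]*" tolower(kw) "([ \t]+=?|=)[ \t]*") {
            print substr($0, RLENGTH + 1)
        }
    ' "$2"
}

# Print one line per finding; the return status is the number of failed checks.
audit_sshd_config() {  # $1 = config file
    cfg=$1
    fails=0
    ports=$(sshd_values Port "$cfg")
    [ -n "$ports" ] || ports=22   # no Port line: sshd uses its default, 22
    for p in $ports; do
        if [ "$p" = 22 ]; then
            echo "FAIL: sshd still listens on port 22"
            fails=$((fails + 1))
            break
        fi
    done
    if [ -z "$(sshd_values AllowUsers "$cfg")$(sshd_values AllowGroups "$cfg")" ]; then
        echo "FAIL: neither AllowUsers nor AllowGroups is set globally"
        fails=$((fails + 1))
    fi
    [ "$fails" -eq 0 ] && echo "OK: $cfg passes both checks"
    return "$fails"
}

# Constructed sample (not a real server's file): hardened per steps 1 and 2.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'Port 2222' 'AllowGroups sshusers' > "$sample"
audit_sshd_config "$sample" || true
rm -f "$sample"
```

On a live server, the output of `sshd -T` (the effective configuration, included files resolved) can be saved to a file and passed to the same function.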
