How do you secure your WHM/Cpanel server?

Hi,

i'm just new to the WHM/Cpanel,

i've read through the "A Beginner's Guide to Securing Your Server" thread, since it's a beginner's guide to secure, just wondering how you people secure ur server.

normally, i use iptables instead of APF firewall, and i use tcpwrapper to avoid strangers to login to SSH.

i do chkrootkit and rootkit hunter every week.

for server updates, on plain Red Hat, i use yum to up2date the server, but it seems like WHM doesn't like yum, (i saw the yum.conf file, it actually skip the updates), therefore, i assume i need to run server updates under WHM (update server software and update system software), am i right?

for email server, i normally use postfix, hmmn.. exim is new to me, urhhhhh.. :P i usually run postfix with pop before smtp(perl version), amavisd-new, ClamAV and spamassassin to avoid the junk mails and virus. and it seems like WHM already takes care of that, right?

anyways,
is there anything else that i have to take care of my server? something like login to server everyday, checking the error and secure log files?

and.. is it a good idea to install tripwire?