[GUIDE] Basic steps to secure your Ubuntu / Debian server
This is tutorial for newbies and it will help you that you harden a little bit your ubuntu/debian server.
1) Update and upgrade apt and your packages
apt-get update && apt-get upgrade
By doing this regularly you will always have up to date packages and current fixes.
2) Change SSH port as most of automated brute force attacks and sniffers are aimed to port 22. You will do half of the job by simply changing port that port to some high port. Lets say 222 is our target port for this tutorial. SSHd config file is located here: /etc/ssh/sshd_config
What we need to do is to launch nano and change port variable from 22 to 222
Look for following:
We have to change it to port 222 then save changes
Restart sshd to apply the change
service ssh restart
3) Install DenyHosts
Basic idea of deny hosts is to prevent multiple continuous unauthorized login attempts on your ssh server
apt-get install denyhosts
There is no config file tuning needed if you wish to have basic protection. If you wish to play with it little bit more config file is located at /etc/denyhosts.conf
This will help you a little bit. Keep your system always up to date, change your root password regularly and you will be safe.
Unmetered servers starting from $12.00 USD p/m. Xeon® E-2134 for $50.00 p/m ||| Xeon® Silver 4110 for $80.00 p/m
Live server stock ||| Feel free to contact me for custom deal.