As the world wide web is full of bots that try to break anything they can, it's important to have a secure server. First of all, you should have a secure password. This is very important. For example, if you have a user named "root" with the password "root12345", it's almost guaranteed you will be hacked! :)

As my projects grew I moved from shared hosting to VPS hosting, and now the fun starts: I'm getting attacks from automated scripts that try to log in to my VPS. So I wrote a little security tip here: what you should do after getting a VPS.

When you get a VPS, the company will give you an access username and password (the username will be "root" in most cases). So automated scripts don't have to think a lot: they will try to log in as root or some other common username with random passwords. So I thought I had to do something.
How to improve SSH server security
So basically what I did was disable access for the root user and allow SSH access from only one username. I think it's the simplest thing that everyone who owns a VPS should do.
Step 1. Add a new user (but do NOT use a common name)
Step 2. Add a secure password
Step 3. Add root rights
echo 'mynamemysurname123 ALL=(ALL) ALL' >> /etc/sudoers
Step 4. Edit ssh config
nano /etc/ssh/sshd_config
Change PermitRootLogin and at the bottom add AllowUsers
PermitRootLogin no
AllowUsers mynamemysurname123
Step 5. Restart ssh
/etc/init.d/sshd restart
OR
service sshd restart
Step 6. Test that it works.
DON'T LOCK YOURSELF OUT. Test from another terminal that you can log in before closing the working terminal.
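A check that can be run on the edited file before the restart in Step 5 (an added example, not part of the original post; the function name check_sshd_config and the sample file are constructed for illustration). It covers one case the steps above can hit: sshd uses the first value it reads for a keyword, so a PermitRootLogin no added below an existing PermitRootLogin yes changes nothing.

```shell
#!/bin/sh
# Added example (not from the original post). check_sshd_config is a hypothetical helper.
# Usage: check_sshd_config FILE USER
# Returns 0 only if the global section of FILE effectively has
# "PermitRootLogin no" and lists USER in AllowUsers.
check_sshd_config() {
    awk -v user="$2" '
        /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
        { key = tolower($1) }                # keywords are case-insensitive
        key == "match" { exit }              # simplification: stop at first Match block
        # sshd uses the first value it reads for a keyword, so a later
        # "PermitRootLogin no" does not override an earlier "yes".
        key == "permitrootlogin" && root == "" { root = $2 }
        # AllowUsers lines accumulate; exact-name match only (no patterns, no user@host).
        key == "allowusers" { for (i = 2; i <= NF; i++) if ($i == user) listed = 1 }
        END {
            if (root != "no") { print "FAIL: PermitRootLogin is " (root == "" ? "not set" : root); bad = 1 }
            if (!listed)      { print "FAIL: " user " is not in AllowUsers"; bad = 1 }
            exit bad
        }
    ' "$1"
}

# Constructed sample: the new lines were added at the bottom, but the
# "PermitRootLogin yes" line higher up was left in place.
demo() {
    f=$(mktemp)
    printf '%s\n' 'Port 22' 'PermitRootLogin yes' '# added below' \
        'PermitRootLogin no' 'AllowUsers mynamemysurname123' > "$f"
    if check_sshd_config "$f" mynamemysurname123; then
        echo "OK: safe to restart sshd"
    else
        echo "Do not restart yet: fix the config first"
    fi
    rm -f "$f"
}
demo
```

On the server itself, sshd -t checks the syntax of the real config file and sshd -T prints the effective settings.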
SSH security tips
- Have a secure username (don't use the root username)
- Have a secure password (don't use passwords like 12345)
- Allow access only from specified users
- Block IP addresses that you don't like a lot (you can't block all IP addresses)
How to block an IP address
To block IP addresses
iptables -I INPUT -s XX.XXX.XX.XX -j DROP
service iptables save
To see all blocked IP addresses
iptables -L -v
There are a lot of other things you can do, but you should start with this :)