How to secure a Linux server
Well, as you know, 100% security does not exist, so our only chance is to try to secure our servers as best as possible. These are the steps that I take to secure a Linux server:
1. Change the default SSH port. I once created a new server directly connected to a public IP, left it for 12 hours with standard settings, and during this period I had around 9000 failed login attempts. Leaving the standard SSH port exposed is not a good idea because of the script scanners. Changing it is not going to protect you against a hacker who scans your IP, but at least you will avoid those annoying scripts. You can find the steps for this here.
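2. Always have the most recent updates installed on your system. You can do this by typing the following command (on Debian, apt update only refreshes the package index; apt upgrade installs the updates):
Debian:
sudo apt update && sudo apt upgrade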
RHEL:
sudo yum update
3. Disable root login via SSH. This account is like the god of your operating system. You must not give others the opportunity to access your server as root. Use another account that can be added to the sudo group, giving you admin rights on the system via SSH. You can find configuration steps in this article.
4. Logging in with a username and password is not that secure: you are susceptible to dictionary and brute-force attacks. Logging in with a key file is much safer; here are the steps you need to use.
5. One extra step, if possible: always run your Linux server behind a firewall. In a business network or in a datacenter it is a great choice to keep this extra layer, with access to the SSH port granted only to specific IP addresses or via VPN.
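
To check steps 1, 3 and 4 on an existing server, the script below audits an sshd_config file for the three settings involved (Port, PermitRootLogin, PasswordAuthentication). It is an added example, not part of the original article; the function names sshd_value and audit_sshd and the sample file are made up for illustration, and the defaults used are the stock OpenSSH ones.

```shell
#!/bin/sh
# Added example: audit sshd_config for the settings from steps 1, 3 and 4.
# sshd uses the first occurrence of a keyword; keywords are case-insensitive.
# Only the global section (before any "Match" line) is read; Include files
# and the "Keyword=value" spelling are not handled.

# sshd_value FILE KEYWORD DEFAULT -> effective value, lower-cased
sshd_value() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/                  { next }   # skip comment lines
        tolower($1) == "match"      { exit }   # global section ends here
        tolower($1) == tolower(key) { val = tolower($2); exit }
        END { print (val != "" ? val : def) }  # unset -> OpenSSH default
    ' "$1"
}

# audit_sshd FILE -> one line per setting; returns 1 if any setting is weak
audit_sshd() {
    rc=0
    port=$(sshd_value "$1" Port 22)
    root=$(sshd_value "$1" PermitRootLogin prohibit-password)
    pass=$(sshd_value "$1" PasswordAuthentication yes)

    if [ "$port" = 22 ]; then echo "WARN Port=22 (default port)"; rc=1
    else echo "OK   Port=$port"; fi
    if [ "$root" = no ]; then echo "OK   PermitRootLogin=no"
    else echo "WARN PermitRootLogin=$root (root can log in)"; rc=1; fi
    if [ "$pass" = no ]; then echo "OK   PasswordAuthentication=no"
    else echo "WARN PasswordAuthentication=$pass (passwords accepted)"; rc=1; fi
    return "$rc"
}

# Constructed sample: a fresh install where everything is still commented out
# and the only hardening sits inside a Match block, so it is not global.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Port 22
#PermitRootLogin prohibit-password
#PasswordAuthentication yes
Match User backup
    PasswordAuthentication no
EOF
audit_sshd "$sample" || true
rm -f "$sample"
```

On a real server, run audit_sshd /etc/ssh/sshd_config; the output of sshd -T remains the authoritative view because it also resolves Include files.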