Security check

Hi,

I'm new to the whole Linux thing and just wanted to check I have set things up OK from a security point of view? I am running the latest Ubuntu LTS.

What I have done:

  • Set up UFW firewall to default deny and only allowed the ports I need

  • Changed the SSH port from 22 to a port of my choice

  • Disabled password login totally so I can only login with key

  • Set up Fail2Ban

  • Set my mail server off-site by using Google (I found Citadel a major PITA with people trying to get in)

  • Using Nginx as webserver

Would be grateful for any comments :)

TT
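The SSH items in the list above can be verified rather than assumed. The following POSIX sh script is an added example, not part of the original post: it reads an sshd_config and reports whether the port was moved off 22, whether password and keyboard-interactive logins are off (the PAM password prompt is a separate switch from PasswordAuthentication, so both need to be "no" for a truly key-only server), whether public-key auth is still on, and whether root can log in with a password. It uses sshd's first-match rule and stops at the first Match block, since per-user overrides there are out of scope for a quick check. The file path is whatever you pass as the first argument.

```shell
#!/bin/sh
# Added example (not from the original post): audit an sshd_config for the
# key-only setup described in the thread. Usage:
#   sh audit_sshd.sh /etc/ssh/sshd_config
# Prints one line per check; exits 0 only when every check passes.

# effective_value FILE KEY DEFAULT
# sshd honours the first occurrence of a keyword, so take the first
# non-comment match and lower-case it; everything after the first Match
# block is conditional and is ignored here. Falls back to DEFAULT.
effective_value() {
    file=$1; key=$2; default=$3
    val=$(sed -n '/^[[:space:]]*[Mm]atch[[:space:]]/q;p' "$file" 2>/dev/null \
        | grep -i "^[[:space:]]*$key[[:space:]]" \
        | head -n 1 | awk '{ print tolower($2) }')
    if [ -n "$val" ]; then printf '%s\n' "$val"; else printf '%s\n' "$default"; fi
}

# audit_sshd FILE: run the checks, report, return 1 on any failure.
audit_sshd() {
    cfg=$1
    rc=0

    port=$(effective_value "$cfg" Port 22)
    if [ "$port" = "22" ]; then
        echo "WARN  Port: still the default 22"; rc=1
    else
        echo "ok    Port: $port"
    fi

    pw=$(effective_value "$cfg" PasswordAuthentication yes)
    if [ "$pw" = "no" ]; then
        echo "ok    PasswordAuthentication: no"
    else
        echo "WARN  PasswordAuthentication: $pw (passwords still accepted)"; rc=1
    fi

    # OpenSSH 8.7 renamed ChallengeResponseAuthentication to
    # KbdInteractiveAuthentication; accept either spelling, default is yes.
    kbd=$(effective_value "$cfg" KbdInteractiveAuthentication "")
    [ -n "$kbd" ] || kbd=$(effective_value "$cfg" ChallengeResponseAuthentication yes)
    if [ "$kbd" = "no" ]; then
        echo "ok    KbdInteractiveAuthentication: no"
    else
        echo "WARN  KbdInteractiveAuthentication: $kbd (PAM password prompt still possible)"; rc=1
    fi

    pubkey=$(effective_value "$cfg" PubkeyAuthentication yes)
    if [ "$pubkey" = "yes" ]; then
        echo "ok    PubkeyAuthentication: yes"
    else
        echo "WARN  PubkeyAuthentication: $pubkey (you would lock yourself out)"; rc=1
    fi

    root=$(effective_value "$cfg" PermitRootLogin prohibit-password)
    case "$root" in
        no|prohibit-password|without-password)
            echo "ok    PermitRootLogin: $root" ;;
        *)
            echo "WARN  PermitRootLogin: $root (root password login allowed)"; rc=1 ;;
    esac

    return $rc
}

# Stand-alone driver: audit the file given on the command line, if any.
if [ -n "${1:-}" ]; then
    audit_sshd "$1"
else
    echo "usage: $0 /path/to/sshd_config" >&2
fi
```

This only reads the file; the authoritative view is the daemon's own effective configuration, which `sudo sshd -T` prints with every keyword resolved, so the same checks can be run against that output when Include directives or Match blocks make the file hard to read by eye.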

4 Replies

Once you've disabled SSH passwords, the overwhelming majority of attacks will be through your web application, such as WordPress, etc.

Use the latest version of whatever web application you're running. Get rid of unwanted plugins. And don't give the user that runs your web app any permission to write to any file that isn't strictly necessary.

BTW, you aren't using plain old FTP, are you?

Nope, using SFTP. My web stuff will all be based on the application I am programming, with no public access as such. I point all the public stuff to another server.

Actually I just had a thought, I use SFTP, but how can I disable normal FTP please? I have SFTP on the same port as I SSH to, but all other ports are disabled. I was assuming that on that port it needs to be keys only, the same as my SSH access? Bit new to all this!

Thanks :)

SFTP and FTP are completely different protocols. SFTP is handled by the SSH server (hence the same port). FTP is handled by an FTP server. If you never installed an FTP server such as vsftpd, you don't need to worry about it.
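"Never installed one" is easy to confirm from the host itself. The script below is an added example, not part of the reply: its functions parse `ss -tln` output (fed on stdin, so they can be run against the constructed sample embedded in the script) and flag an FTP or FTPS listener, list any listening TCP port outside an allow-list such as the SSH, HTTP and HTTPS ports the poster opened in UFW, and on Debian-family systems query dpkg for the usual FTP daemon packages. The sample output, the port numbers and the package names are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread): confirm that no FTP server is
# listening and that only expected TCP ports are open. The parsing functions
# read `ss -tln` output on stdin; `--live [allowed ports]` runs them against
# the real host, e.g.  sh audit_listeners.sh --live "2222 80 443"

# Constructed sample of `ss -tln` output (not captured from a real host):
# SSH moved to 2222, nginx on 80, and a stray FTP daemon on 21.
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:2222        0.0.0.0:*
LISTEN  0       511     0.0.0.0:80          0.0.0.0:*
LISTEN  0       32      0.0.0.0:21          0.0.0.0:*
LISTEN  0       128     [::]:2222           [::]:*'

# listening_ports: print each listening TCP port once, numerically sorted.
# The port is whatever follows the last ':' in the Local Address:Port
# column, which handles both 0.0.0.0:80 and [::]:80.
listening_ports() {
    awk '$1 == "LISTEN" { n = split($4, a, ":"); print a[n] }' | sort -un
}

# ftp_listening: exit 0 when plain FTP (21) or implicit FTPS (990) is open.
ftp_listening() {
    listening_ports | grep -qxE '21|990'
}

# unexpected_listeners "P1 P2 ...": print listening ports not in the
# space-separated allow-list. Anything printed is either a service you forgot
# about or one that only UFW is protecting.
unexpected_listeners() {
    allow=" $1 "
    listening_ports | while read -r p; do
        case "$allow" in
            *" $p "*) ;;
            *) printf '%s\n' "$p" ;;
        esac
    done
}

# ftp_packages: installed FTP server packages on Debian/Ubuntu (the package
# names are the common daemons; dpkg-query exists only on Debian-family hosts).
ftp_packages() {
    command -v dpkg-query >/dev/null 2>&1 || return 0
    dpkg-query -W -f='${Package} ${Status}\n' vsftpd proftpd-basic pure-ftpd 2>/dev/null \
        | grep ' install ok installed' | awk '{ print $1 }'
}

# Stand-alone driver: only touches the real host when asked to.
if [ "${1:-}" = "--live" ]; then
    allowed=${2:-"22 80 443"}
    out=$(ss -tln)
    if printf '%s\n' "$out" | ftp_listening; then
        echo "WARN  FTP/FTPS is listening"
    else
        echo "ok    no FTP/FTPS listener"
    fi
    extra=$(printf '%s\n' "$out" | unexpected_listeners "$allowed")
    [ -z "$extra" ] && echo "ok    only allowed ports listen" \
                    || echo "WARN  unexpected listeners: $(echo $extra)"
    pkgs=$(ftp_packages)
    [ -z "$pkgs" ] && echo "ok    no FTP server packages installed" \
                   || echo "WARN  FTP packages installed: $(echo $pkgs)"
fi
```

Run against the sample, `listening_ports` yields 21, 80 and 2222, `ftp_listening` succeeds because of port 21, and `unexpected_listeners "2222 80 443"` prints only 21. The listener check matters even with UFW in default-deny, because a service bound to all interfaces is still one misconfigured firewall rule away from the internet.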

Cool. I didn't install anything so sounds like I'm good :) Thanks for your comments.
