Question
How do I maintain and protect my server/droplet for the long term?
- Posted December 23, 2014
Imagine a customer so ignorant that he could install a droplet but then didn’t know what to do after that on a regular basis? OK, stop imagining. That’s me. Droplet is installed. DNS seems to be set up adequately. Dev environment works, and mysite.com/index.html is visible to the outside world.
Now what do I do on a regular basis to keep bad guys out and my system healthy? Here’s the checklist I’ve come up with but I’m sure it’s hilariously naive and inadequate.
- Install logwatch
- Install OSSEC and configure it.
- Set up a firewall.
Then, every day or every couple of days do these things? But what’s missing from this todo list?
- View OSSEC logs daily
- View logwatch logs daily?
- Every couple of days, check for updates:
$ sudo apt-get update
$ sudo apt-get upgrade
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
You seem to have a good starting plan. In addition to this I would also recommend taking steps to secure the individual services you will be running. For example, setting up key based authentication for ssh, changing the default port and setting up fail2ban are good steps to take to secure your ssh service. You can find more details in our Introduction to Securing your Linux VPS and in the tutorials in the Security section of this site.