Question
How to secure my droplet to avoid abuse
- Posted February 1, 2015
Hello, new to digitalocean, I have created my first droplet here and i immediately went to configure my firewall following this nice tutorial : https://www.digitalocean.com/community/tutorials/how-to-setup-a-basic-ip-tables-configuration-on-centos-6
I have jumped from another company here, today, after 10 days of trying to setup(and learn) a simple web server for several domains(nothing fancy). While my vps was new i was under some sort of attack/scan all the time which led others submitting abuse tickets to my provider thus my vps being locked. So the question is, is the above setup enough to NOT cause any inconvenience to my self and to others and give me enough time to further improve my firewall rules ?
Thanks in advance.
(Sorry for putting this out in such a generic and “noobish” way but i want to start with a good base.)
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Thank you asb, Although my login credentials weren’t compromised or anything i will surely go with the SSH key soon.
By far the biggest piece of security advice I can offer is to use SSH keys instead of passwords to access your server. Brute force login attacks are one of the most common ways for a server to be compromised. This tutorial shows you how:
Relatedly, I would also suggest disabling root login all together and create a separate “sudo” user. Check out this tutorial series for our recommended first steps with a new CentOS server: