Hello, new to digitalocean, I have created my first droplet here and i immediately went to configure my firewall following this nice tutorial : https://www.digitalocean.com/community/tutorials/how-to-setup-a-basic-ip-tables-configuration-on-centos-6
I have jumped from another company here, today, after 10 days of trying to setup(and learn) a simple web server for several domains(nothing fancy). While my vps was new i was under some sort of attack/scan all the time which led others submitting abuse tickets to my provider thus my vps being locked. So the question is, is the above setup enough to NOT cause any inconvenience to my self and to others and give me enough time to further improve my firewall rules ?
Thanks in advance.
(Sorry for putting this out in such a generic and “noobish” way but i want to start with a good base.)
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Hello there,
It is essential to secure your droplet, however running malware software is not definitely a must, but it is still a good thing to do.
I’ll highly recommend checking our tutorial An Introduction to Securing your Linux VPS
https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps
I can recommend using software like Linux Malware Detect which is a malware scanner for Linux.
Regards
Thank you asb, Although my login credentials weren’t compromised or anything i will surely go with the SSH key soon.
By far the biggest piece of security advice I can offer is to use SSH keys instead of passwords to access your server. Brute force login attacks are one of the most common ways for a server to be compromised. This tutorial shows you how:
Relatedly, I would also suggest disabling root login all together and create a separate “sudo” user. Check out this tutorial series for our recommended first steps with a new CentOS server: