How to Secure my VPS and test it for vulnerabilities

I’m trying to secure my server and find a balance between usability and security.

There have been some bots, or someone, trying to log in to my server via SSH: I was looking at my auth.log and it has a long list of IP addresses trying to guess my login username/password. I also see a lot of guesses for root passwords. But luckily I disabled my root password login and made it SSH key only when I first got the server. Now I have also removed my root login completely.

What I have installed/set up at the moment:

* fail2ban: default config with maxtry 2 and bantime at 2 hrs
* root login disabled
* user login with root and two-factor authentication / Google Authenticator
* SSH is still on port 22. I don't know what port to change to; I heard changing to a port below 1024 is good because those are privileged ports. After changing the port, what other settings do I have to change/watch out for so I don't lock myself out?

Also, I heard installing WordPress on my VPS is bad… what other CMS can I install to be secure?

Is there a test I can run to see if my server is vulnerable? Do people try to get into their own VPS to see if they can?

Currently my server is on Ubuntu 14.04.
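As an added example (not part of the original question or any answer), the script below checks the two sshd_config settings the poster mentions (root login and password authentication disabled, key authentication on) and summarises the failed-login noise in an auth.log by source IP. The sshd_config files and the auth.log excerpt are constructed samples written to a temporary directory; the IP addresses come from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24 and do not refer to any real host.

```shell
#!/bin/sh
# Added example, not from the original thread. Audits an sshd_config for the
# settings discussed above and summarises failed SSH logins from auth.log.
# Every file written below is a constructed sample, not real server data.

SAMPLE_DIR=$(mktemp -d)

# Constructed sshd_config resembling an unhardened install: root login on,
# the PasswordAuthentication line still commented out (so the default applies).
WEAK_CFG="$SAMPLE_DIR/sshd_config.weak"
cat > "$WEAK_CFG" <<'EOF'
Port 22
PermitRootLogin yes
#PasswordAuthentication no
UsePAM yes
EOF

# Constructed sshd_config with the hardening the poster describes.
GOOD_CFG="$SAMPLE_DIR/sshd_config.good"
cat > "$GOOD_CFG" <<'EOF'
Port 22
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
ChallengeResponseAuthentication yes
UsePAM yes
EOF

# Constructed auth.log excerpt in the syslog format Ubuntu 14.04 uses.
AUTH_LOG="$SAMPLE_DIR/auth.log"
cat > "$AUTH_LOG" <<'EOF'
Jan 10 12:00:01 vps sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jan 10 12:00:03 vps sshd[1201]: Failed password for root from 203.0.113.5 port 51236 ssh2
Jan 10 12:00:04 vps sshd[1203]: Failed password for root from 203.0.113.5 port 51240 ssh2
Jan 10 12:00:09 vps sshd[1207]: Failed password for invalid user oracle from 203.0.113.77 port 60010 ssh2
Jan 10 12:01:15 vps sshd[1210]: Accepted publickey for deploy from 198.51.100.7 port 40000 ssh2
Jan 10 12:01:15 vps sshd[1210]: pam_unix(sshd:session): session opened for user deploy by (uid=0)
EOF

# Effective value of directive $1 in config file $2. sshd uses the first
# uncommented occurrence; directives inside Match blocks are conditional and
# are ignored by this simplified reader. Prints nothing if the directive is unset.
sshd_effective() {
    awk -v key="$1" '
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$2"
}

# Return 0 if config $1 disables root login and password auth and keeps key
# auth enabled, 1 otherwise, printing each weak setting. An unset directive
# is treated as the OpenSSH 6.x default (root login allowed, password auth on).
audit_sshd_config() {
    rc=0
    v=$(sshd_effective PermitRootLogin "$1")
    [ "${v:-yes}" = "no" ] || { echo "WEAK: PermitRootLogin=${v:-yes (default)}"; rc=1; }
    v=$(sshd_effective PasswordAuthentication "$1")
    [ "${v:-yes}" = "no" ] || { echo "WEAK: PasswordAuthentication=${v:-yes (default)}"; rc=1; }
    v=$(sshd_effective PubkeyAuthentication "$1")
    [ "${v:-yes}" = "yes" ] || { echo "WEAK: PubkeyAuthentication=$v"; rc=1; }
    return $rc
}

# Failed password attempts per source IP in auth.log $1, busiest first,
# one "count ip" pair per line. Successful and non-sshd lines are skipped.
failed_logins_by_ip() {
    grep 'sshd\[[0-9]*\]: Failed password for' "$1" \
        | sed -n 's/.* from \([0-9][0-9.]*\) port .*/\1/p' \
        | sort | uniq -c | sort -rn \
        | awk '{print $1, $2}'
}

# Number of failed attempts from IP $1 in auth.log $2; 0 if none.
failed_count_for() {
    n=$(failed_logins_by_ip "$2" | awk -v ip="$1" '$2 == ip {print $1}')
    echo "${n:-0}"
}

# Demo run over the constructed samples.
for cfg in "$WEAK_CFG" "$GOOD_CFG"; do
    if audit_sshd_config "$cfg"; then
        echo "$cfg: OK"
    else
        echo "$cfg: needs attention"
    fi
done
echo "Failed password attempts by source IP:"
failed_logins_by_ip "$AUTH_LOG"
```

Run it against a real server by pointing `audit_sshd_config` at `/etc/ssh/sshd_config` and `failed_logins_by_ip` at `/var/log/auth.log` after confirming the hardening works from a second, already open session, so that a mistake in the config does not lock you out. The per-IP counts are the same signal fail2ban acts on, which makes this a quick way to check whether the ban thresholds in its jail are actually being reached.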


Changing ports is usually a stupid idea. It does not prevent unauthorized access, nor does it make you less prone to invasion. A simple port scanner will detect OpenSSH opened on another port.

The only and best way to protect your server is to make sure it is always updated, using strong keys instead of passwords, and adding things like fail2ban to prevent brute-force attacks.

Step 1. Uninstall fail2ban because it introduces a point of failure without increasing security at all.
Step 2. Make sure WordPress is configured correctly so that no one can access wp-config.php or other sensitive files. You can test this with your web browser.
Step 3. Profit.

CSF has always been a good step for us.