Securing my droplet questions

I originally created my droplet without an SSH key, and then used server pilot to configure wordpress…what do I need to do in order to harden and secure my set up?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Thanks, I have successfully created the keys but can’t copy the key to the “authorized keys” file? I’m just getting “command not found” Not sure what I need to do

Thanks for the replies. How do I turn on SSH key authentication?

You will also want to update your server with the latest OS updates.

I would turn on SSH key authentication, turn off password authentication, and implement a basic firewall which filters ports that are unused and allows those are that used and ICMP.

Do not bother changing your SSH port number or installing fail2ban, unless you like more trouble with no extra security.