Securing my droplet questions

April 1, 2016 2.2k views
Security WordPress DigitalOcean

I originally created my droplet without an SSH key, and then used server pilot to configure wordpress..what do I need to do in order to harden and secure my set up?

4 Answers

I would turn on SSH key authentication, turn off password authentication, and implement a basic firewall which filters ports that are unused and allows those are that used and ICMP.

Do not bother changing your SSH port number or installing fail2ban, unless you like more trouble with no extra security.

You will also want to update your server with the latest OS updates.

Thanks for the replies.
How do I turn on SSH key authentication?

I have successfully created the keys but can't copy the key to the "authorized keys" file?
I'm just getting "command not found"
Not sure what I need to do

Have another answer? Share your knowledge.