Question

Securing my droplet questions

Posted April 1, 2016 2.4k views
WordPressSecurityDigitalOcean

I originally created my droplet without an SSH key, and then used server pilot to configure wordpress..what do I need to do in order to harden and secure my set up?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
4 answers

I would turn on SSH key authentication, turn off password authentication, and implement a basic firewall which filters ports that are unused and allows those are that used and ICMP.

Do not bother changing your SSH port number or installing fail2ban, unless you like more trouble with no extra security.

You will also want to update your server with the latest OS updates.

Thanks for the replies.
How do I turn on SSH key authentication?

Thanks,
I have successfully created the keys but can’t copy the key to the “authorized keys” file?
I’m just getting “command not found”
Not sure what I need to do

Submit an Answer