Question

Server security. Prevent hacker attacks...

  • Posted September 9, 2014

Hallo,

I have configured the Cloud in the following way:

Step 1 - I installed Linux, nginx, MySQL, PHP (LEMP) as shown in this guide:

https://www.digitalocean.com/community/tutorials/how-to-install-linux-nginx-mysql-php-lemp-stack-on-ubuntu-14-04

Steep 2 - I installed Phpmyadmin as shown in this guide:

https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-with-nginx-on-an-ubuntu-14-04-server

Cloud on I will use a site based on Wordpress. With this configuration, the server is secure? What safety measures should I install to increase security? I’m worried.

Thank you so much!

Subscribe
Share

You might want to read the following guide: https://www.digitalocean.com/community/tutorials/how-to-use-ssh-keys-with-digitalocean-droplets

When I checked my server logs, I am receiving more than 300 login attempts per hour; it will someday get through. Using keypairs instead of password based login eliminates this risk.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Along with the advice above about ssh-keys change the port that ssh listens on. On a debian system the setup is in /etc/ssh/sshd_config. Should be the same on other flavors of Linux. Also you may want to install a firewall like shorewall to shut down all ports that you don’t use just in case there is a mistake in a setting somewhere that would open up a service to the outside by mistake. Also look into ssh port forwarding that would allow you to connect to services that you have blocked to the outside over a secure link.

One of the most important things you can do in order to keep WordPress safe is make sure it is kept up to date. Many websites get compromised by using known exploits that have already been fixed. People scan the internet looking for older versions of software to use the known vulnerabilities.

Keeping everything else on the server up to date is also important. You should regularly log in and apply security updates on the server.

Some more general tips: