Server security. Prevent hacker attacks...

September 9, 2014 2.1k views


I have configured the Cloud in the following way:

Step 1 - I installed Linux, nginx, MySQL, PHP (LEMP) as shown in this guide:

Steep 2 - I installed Phpmyadmin as shown in this guide:

Cloud on I will use a site based on Wordpress.
With this configuration, the server is secure? What safety measures should I install to increase security? I'm worried.

Thank you so much!

1 comment
3 Answers

One of the most important things you can do in order to keep WordPress safe is make sure it is kept up to date. Many websites get compromised by using known exploits that have already been fixed. People scan the internet looking for older versions of software to use the known vulnerabilities.

Keeping everything else on the server up to date is also important. You should regularly log in and apply security updates on the server.

Some more general tips:

by Etel Sverdlov
SSH keys provide a more secure way of logging into a virtual private server with SSH than using a password alone. With SSH keys, users can log into a server without a password. This tutorial explains how to generate, use, and upload an SSH Key Pair.

Along with the advice above about ssh-keys change the port that ssh listens on. On a debian system the setup is in /etc/ssh/sshd_config. Should be the same on other flavors of Linux. Also you may want to install a firewall like shorewall to shut down all ports that you don't use just in case there is a mistake in a setting somewhere that would open up a service to the outside by mistake. Also look into ssh port forwarding that would allow you to connect to services that you have blocked to the outside over a secure link.

Have another answer? Share your knowledge.