What security measures to take on the droplet?

August 11, 2015 1.5k views
Security Getting Started Ubuntu

Hi, I've implemented these security measures on my new droplet as part of the basic setup:

  1. Enabled SSH keys
  2. Disabled root login
  3. Disallowed password authentication
  4. Restricted use of PAM
  5. Changed port number
  6. Limited users through SSH
  7. Installed UFW firewall

Do you think these are sufficient or there are any other security aspects that I should have on the droplet before going ahead with LAMP or LEMP stack to eventually install WordPress?

Sharing of your personal experiences will be highly appreciated. Thanks. :)

2 Answers

This is a good start! I would also recommend setting up fail2ban if you begin seeing a lot of failed ssh authentication attempts. With the changed port you might not so I'd watch your logs and set up fail2ban if it makes sense.

  • Thanks for your reply, Ryan. Regarding fail2ban, I read in one of the tutorials here that if you disable password authentication then there is no need to install it, as it is only needed when you have the password authentication allowed.

    As you mention changing the post further reduces SSH authentication attempts, but I read about port scanning too. What should I install that would help me watch the logs and alert me whenever there is port scanning. I saw a tutorial on PSAD but that needs iptables and a mail server. Let me know your views.

Have another answer? Share your knowledge.