Question

What security measures to take on the droplet?

Posted August 11, 2015 3.9k views
UbuntuGetting StartedSecurity

Hi, I’ve implemented these security measures on my new droplet as part of the basic setup:

  1. Enabled SSH keys
  2. Disabled root login
  3. Disallowed password authentication
  4. Restricted use of PAM
  5. Changed port number
  6. Limited users through SSH
  7. Installed UFW firewall

Do you think these are sufficient or there are any other security aspects that I should have on the droplet before going ahead with LAMP or LEMP stack to eventually install WordPress?

Sharing of your personal experiences will be highly appreciated. Thanks. :)

Add a comment
F3cd3894f9ef60cc85e1e5632b04a24f053cb2cc
By:
Linza
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
ryanpq August 11, 2015

This is a good start! I would also recommend setting up fail2ban if you begin seeing a lot of failed ssh authentication attempts. With the changed port you might not so I’d watch your logs and set up fail2ban if it makes sense.

Reply Report
  • Linza August 11, 2015

    Thanks for your reply, Ryan. Regarding fail2ban, I read in one of the tutorials here that if you disable password authentication then there is no need to install it, as it is only needed when you have the password authentication allowed.

    As you mention changing the post further reduces SSH authentication attempts, but I read about port scanning too. What should I install that would help me watch the logs and alert me whenever there is port scanning. I saw a tutorial on PSAD but that needs iptables and a mail server. Let me know your views.

    Reply Report
Linza August 11, 2015
[deleted]
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help