How to secure an unmanaged server?
Last Updated a year ago
An unmanaged server provides you with total flexibility. Because you have root access to the server, you can install whatever you want, configure it however you want, and run it however you want.
With this freedom come additional administration tasks, however, and one of the most important of these is security. If you do not take steps to secure your server, you leave it open to attack by malicious actors. A minor attack could be just an annoyance, while a major attack could result in the loss of your entire server configuration and data.
Therefore, it is very important that you try to secure your server as much as possible. The following recommendations can help you do this.
Use strong passwords
Weak passwords can undermine the most carefully configured server. Good security practices start with using strong passwords.
Disable root SSH access
The root account is all-powerful, so one of the first things you should do on a new unmanaged server is create a normal user account and disable root SSH access. For information about how to do this, please see this article.
* Always use a different SSH port (e.g. 3175) from the default port (22), which helps reduce the number of bots attempting to scan and access your server. Nevertheless, it is a very good idea to disable root SSH access.
Update the server regularly
Security vulnerabilities are constantly being discovered and patched. (One well-publicized example is the “Heartbleed” OpenSSL vulnerability that was disclosed in April 2014.) Maintaining an up-to-date server with the latest patches and fixes is crucial to maintaining a more secure server.
Set up a firewall
A firewall enables you to control incoming and outgoing network packets. For example, you can specify rules that block all incoming packets on port 25, or all outgoing packets to a certain port or host.
Set up fail2ban
The fail2ban program helps secure your server against unauthorized access attempts by monitoring log files for suspicious activity. After a predefined number of failed access attempts from an IP address, fail2ban automatically blocks it.