Frequently Asked Question

An unmanaged server provides you with total flexibility. Because you have root access to the server, you can install whatever you want, configure it however you want, and run it however you want.

With this freedom comes additional administration tasks, however, andone of the most important of these is security. If you do not take steps to secure your server, you leave it open to attack by malicious actors. A minor attack could be just an annoyance, while a major attack could result in the loss of your entire server configuration and data.

Therefore, it is very important that you try to secure your server as much as possible. The following recommendations can help you do this.

Use strong passwords
Weak passwords can undermine the most carefully configured server. Good security practices start with using strong passwords.

Disable root SSH access Update the server regularly
Security vulnerabilities are constantly being discovered and patched. (One well-publicized example is the “Heartbleed” OpenSSL vulnerability that was disclosed in April 2014.) Maintaining an up-to-date server with the latest patches and fixes is crucial to maintaining a more secure server.

Set up a firewall
A firewall enables you to control incoming and outgoing network packets. For example, you can specify rules that block all incoming packets on port 25, or all outgoing packets to a certain port or host.

Set up fail2ban
The fail2ban program helps secure your server against unauthorized access attempts by monitoring log files for suspicious activity. After a predefined number of failed access attempts from an IP address, fail2ban automatically blocks it.

--