Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Adding on what @liketop said, also do port knocking so that your ssh port is always locked until you manually unlock it
In that case fail2ban can be removed since ssh will always be blocked unless you request it to be unblocked -
@gitpush sounds interesting i will look into that thx :)
-
I like kernel care: https://cloudlinux.com/all-products...
-
@WhAtEvErYoUmEaN that sounds nice. Can u add a whitelist for your ip then so u dont accidently lock ureselv out
-
@Kubernatural if you do block IP addresses calling ports you don't allow make sure you exclude port knock ports or you'll be locked out lol
-
@gitpush thanks for the tip. A reason to do that on the vps that can do Backups xD
-
@Kubernatural your welcome I locked my self out many times just to be safe lol
I'm currently planning to set myselv up with some vps/dedicated server's for a project. What i plan to do to secure these servers is.
*Use centos 7
* Setup Wireguard and join all of the servers +1 client (my pc) to that network
*Disable SSH Access from outside that VPN
*Only allow RSA Key login to the Servers
*Install Cockpit for monitoring
*Intall docker/kubernetes for the applications i plan to run
What do you guys think of that as a baseline? Im not sure if my lower powered VPS (VPS M SSD from Contabo) will work as Kubernetes Nodes, does anyone have experience with that?
In general these Servers will be used for my projects and other fooling around.
If you guys have other suggestions for Securing/monitoring or other software i could put on to have more control without eating up to much of the Servers power, let me know :D
question
monitoring
vps
dedicated server
linux
security