Answer the question
In order to leave comments, you need to log in
VPS after purchase - do you need any "protection"?
Bought a clean VPS. Installed apache2, php7.3, mysql. I installed everything stupidly with copy-paste from articles on the Internet.
In administration, I'm not boom-boom, so the question is - what should I pay attention to in terms of configuration? What could be a hole? Or should it work out of the box?
Answer the question
In order to leave comments, you need to log in
if any services are available from outside (ssh, mysql, phpmyadmin), set limited access for them - ip white list, access by keys (in case of ssh), install and configure fail2ban. Better yet, inspect the outgoing services, and analyze the possibility of disabling access to them directly from the Internet.
now it is desirable to raise the VPN and make friends with your router (or PC on the edge), so that access from the outside is only through the VPN. ssh and all other services should only respond to your VPN network.
In addition to access settings (firewall/iptables), all unexpected requests to the web server should be disabled:
How to protect websites from hacking?
It’s easier to immediately install something like vestacp or centos webpanel (I recommend) or any other free one, installed with one command and puts with it everything you need for hosting, including Apache databases, puffs, FTP soap, etc.
Well, it’s convenient to manage all this later.
Well, at the expense of protection - a normal password, the ssh port can be confused, for special paranoids White list can be done. And so everything is out of the box. Although a hole was found in the same vesta last year, so if you are paranoid, then everything is handled)
The settings of the software that you have installed are quite reliable by default, you will change them - then already look. Closing unopened ports with a firewall is like putting a handbrake on a car without wheels. A VPN by itself does not add security, it's just 1 more network interface.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question