search
User Docs
githubEdit

Securing your Server

Things you can do to secure your server running the Bonder

circle-info

Please note that this guide is written for Ubuntu 24.04. It also applies to all of the currently maintained Ubuntu releases.

hashtag
Securing your Server

These are a number of things you can do to secure an Ubuntu server.

circle-info

These are examples and it's recommended that do your own research to know what's best for your own server.

hashtag
Update your system

Keep the system up-to-date with the latest patches

sudo apt update -y && sudo apt full-upgrade -y
sudo apt autoremove -y && sudo apt autoclean

hashtag
Set up user configs

Disable the root user account and set a password for your account

sudo passwd -l root # While this is redundant when using Ubuntu, it is good practice to explicitly ensure that the account is disabled
sudo passwd ubuntu

hashtag
Harden SSH config

Edit SSH configuration

sudo vim /etc/ssh/sshd_config

In sshd_config file, update the values below or ensure that they are already set to these values.

At the bottom of the file, add a new line to allow only your user to access the server.

Verify changes and reload service

hashtag
Install fail2ban

Installing fail2ban will block out anyone who fails to repeatedly log in

Create a local configuration file

Add the following config

Restart services and show status

hashtag
Firewall

All incoming connections can be disallowed. Only outgoing connections need to be allowed.

For example, if using UFW

hashtag
Reset the server

The base configuration is now set up and enabled. Restart the server now to complete the update and upgrade of packages and associated config.

hashtag
Add SSH 2FA

Check out the link below

Add SSH 2FAchevron-right

Last updated