Securing your Server
Things you can do to secure your server running the Bonder
These are a number of things you can do to secure an Ubuntu server.
These are examples and it's recommended that do your own research to know what's best for your own server.
Update your system
Keep the system up-to-date with the latest patches
Create new user instead of using default user
Create a non-root user with sudo privileges
Copy authorized SSH hosts to new user
End your current session and SSH into the new user and delete default user
Harden SSH config
Edit SSH configuration
In sshd_config
file, make sure to have the following settings:
Optional: Locate Port and customize it your random port. Use a random port # from 1024 through 49141. Check for possible conflicts.
Verify changes and reload service
Only allow specific users for SSH
Edit SSH configuration
Edit or add AllowUsers
with space separated usernames
Reload SSH service
Disable root account
Disabling the root
user account is a good idea
Install fail2ban
Installing fail2ban will block out anyone who fails to repeatedly log in
Create a local configuration file
Add the following config
Restart services and show status
Firewall
All incoming connections can be disallowed. Only outgoing connections need to be allowed.
For example, if using UFW
Add SSH 2FA
Check out the link below
pageAdd SSH 2FALast updated