User Docs
Edit

Securing your Server

Things you can do to secure your server running the Bonder

Please note that this guide is written for Ubuntu 24.04. It also applies to all of the currently maintained Ubuntu releases.

Securing your Server

These are a number of things you can do to secure an Ubuntu server.

These are examples and it's recommended that do your own research to know what's best for your own server.

Update your system

Keep the system up-to-date with the latest patches

sudo apt update -y && sudo apt full-upgrade -y
sudo apt autoremove -y && sudo apt autoclean

Set up user configs

Disable the root user account and set a password for your account

sudo passwd -l root # While this is redundant when using Ubuntu, it is good practice to explicitly ensure that the account is disabled
sudo passwd ubuntu

Harden SSH config

Edit SSH configuration

sudo vim /etc/ssh/sshd_config

In sshd_config file, update the values below or ensure that they are already set to these values.

At the bottom of the file, add a new line to allow only your user to access the server.

Verify changes and reload service

Install fail2ban

Installing fail2ban will block out anyone who fails to repeatedly log in

Create a local configuration file

Add the following config

Restart services and show status

Firewall

All incoming connections can be disallowed. Only outgoing connections need to be allowed.

For example, if using UFW

Reset the server

The base configuration is now set up and enabled. Restart the server now to complete the update and upgrade of packages and associated config.

Add SSH 2FA

Check out the link below

Add SSH 2FA

Last updated