1) Use secure passwords!
Insecure passwords are the most common security vulnerability for most servers. If an account password is insecure and is compromised, client sites can be defaced, infected, or used to spread viruses. Having secure passwords is paramount to having a secure server.
You can edit /etc/login.defs to configure many password options on your system. It is well documented.
Generally, a password utilizing at least 8 characters including alphanumeric and grammatical symbols is sufficient. Never use passwords based upon dictionary words or significant dates. If you are uncertain about the security of a password, then you can test it using JTR cracker. If a password can be broken in a few hours, then it is probably too insecure and should not be used. You can also install tools like pam_passwdqc to check the strength of passwords.
2) Secure SSH
Enable public key authentication for SSH and disable password authentication read more >>
Move SSH access to a different port. People are looking for port 22 as a possible way to access your servers. Moving SSH to a different port will add a simple way to deter those without specific knowledge of your server from easily discovering your SSH port.
You can modify the port that SSH runs on within /etc/ssh/sshd_config. Change the line that says #Port 22 to a different port such as: Port 1653. Make sure to keep your current SSH session open when testing the new port so you can change back to port 22 if the new port doesn’t work.
You should always use SSHv2 only as SSHv1 is not secure. Make sure to change the line in /etc/ssh/sshd_config that says #Protocol 2,1 to Protocol 2.
You may also wish to set Shell Resource Limits for you users to prevent applications and scripts from using all up your resources and taking down your server. You can configure shell resource limits in /etc/security/limits.conf on most Linux systems.
3) Secure Apache
The most readily available way to access a web server, is of course, the web server application. It is important to take steps to secure your Apache installation.
Need our help to fix the issue ? Submit Support Ticket Now
Leave A Comment