As a root server operator, you are responsible for the security of your server. Here is a checklist of essential security measures.
Basic Measures
Securing SSH
- Disable root login via SSH
- Change the SSH port (do not use default port 22)
- Use key-based authentication
- Disable password login
Setting Up a Firewall
- Only open the ports you actually need
- Set the default policy to DROP
- Document your rules
Keeping the System Up to Date
- Perform regular system updates
- Subscribe to security mailing lists
- Consider automatic security updates
Monitoring
- Monitor login attempts (fail2ban)
- Monitor system resources
- Review log files regularly
Backup
- Set up regular backups
- Store backups at an off-site location
- Test recovery procedures
Managed Services as an Alternative
If you do not want to or cannot handle security yourself, we offer managed services. Contact us at info@ingate.de.
