I'm kind of new to CentOS and was wondering how to prevent and backends to my server. Is there anything that I can do to prevent my Linux server from getting hacked into? Please list anything that I could do to protect my server from someone else getting access to my server.
fail2ban SSH keys don't use root there's loads more but can't remember them off the top of my head (on mobile right now).
25 Hardening Security Tips for Linux Servers [Guide] Securing a Linux server Best Practices for Linux and Minecraft Hosting Best Practices For Minecraft/Linux In General
you should install swatch to monitor all unauthorised login attempts and automatically block those IP, which had, say, three failed attempt. Also, you might want to consider blocking certain country address. I have something like this in my test server: Spoiler: blocking/accepting certain countries. Code (Text): # DROP_COUNTRY_MAKE DROP_COUNTRY_MAKE(){ for addr in `cat /tmp/cidr.txt|grep ^$1|awk '{print $2}'` do echo "-A DROP_COUNTRY -s $addr -m limit --limit 1/s -j LOG --log-prefix\ \"[IPTABLES DENY_COUNTRY] : \"" >> $IPTABLES_CONFIG echo "-A DROP_COUNTRY -s $addr -j DROP" >> $IPTABLES_CONFIG done grep ^$1 $IP_LIST >> $CHK_IP_LIST } # obtain IP address list. IP_LIST=/tmp/cidr.txt CHK_IP_LIST=/tmp/IPLIST if [ ! -f $IP_LIST ]; then wget -q http://nami.jp/ipv4bycc/cidr.txt.gz gunzip -c cidr.txt.gz > $IP_LIST rm -f cidr.txt.gz fi rm -f $CHK_IP_LIST # accept access from Japan and Australia ACCEPT_COUNTRY_MAKE JP ACCEPT_COUNTRY_MAKE AU # Top 5 sources of attack to Japanese police facility. # http://www.cyberpolice.go.jp/detect/observation.html DROP_COUNTRY_MAKE CN DROP_COUNTRY_MAKE CA DROP_COUNTRY_MAKE IR DROP_COUNTRY_MAKE NL DROP_COUNTRY_MAKE TW echo "-A INPUT -j DROP_COUNTRY" >> $IPTABLES_CONFIG
China likes to brute force..dedi's. Also like no china people are actual minecraft players. So block them, same with Russia and North Korea. They will likely brute force.
Disable root logins, have a username that is sort of random i.e jki789123. As well as that having a strong password with a variation of special characters and lower case and upper case as well as numbers is a good idea. If you really want to you could also change the ssh port, also don't keep any ports open that you don't need open.
Paying $25 for someone to guide me to do whatever is needed for protection for my dedicated server, and teach me the basics of Linux etc... Private message me on here to get more info.
Not anyone, but they don't even speak English. First of all they won't help your server, second of all North Korea hackers like to brute force.
