Изменения

Строка 78: Строка 78:  
==Безопасность превыше всего!==
 
==Безопасность превыше всего!==
 
WIP
 
WIP
 +
 +
- SSH Security:
 +
 +
#. https://www.digitalocean.com/community/tutorials/how-to-configure-ssh-key-based-authentication-on-a-linux-server
 +
#. Fail2ban
 +
 +
Fail2ban is mainly used to protect your ssh against passwords bruteforce.
 +
 +
apt-get install fail2ban && nano /etc/fail2ban/jail.local
 +
 +
Must be something like that:
 +
 +
[DEFAULT]
 +
## If you do not want to use a permanent ip,
 +
## then it's better to comment out this line
 +
## there and in jail.conf.
 +
ignoreip = 57.66.158.131
 +
 +
[ssh]
 +
## If within 1 hour:
 +
findtime = 3600
 +
## 6 failed login attempts were made:
 +
maxretry = 6
 +
## Then ban the IP for 24 hours:
 +
bantime = 86400
 +
 +
And restart it '''service fail2ban restart'''
 +
 +
- MySQL Security
 +
 +
After installing MySQL DB it's a good idea to delete a security hole.
 +
mysql_secure_installation
45

правок