Centos website server security settings

Source: Internet
Author: User
Tags website server ssh account ssh port
There are always a lot of boring people scanning the server password on the internet. I have encountered this problem on one of my previous servers. Of course, the severity of this problem is still very high. if it is infiltrated, the harm is not small. it is often used as a zombie, data theft, or Spam handled by others, therefore, anti-cracking of basic security settings is very necessary for vps owners. Generally, the basic settings include the following steps: 1. modify the ssh port number; 2. set a complex root password. 3.

There are always a lot of boring people scanning the server password on the internet. I have encountered this problem on one of my previous servers. Of course, the severity of this problem is still very high. if it is infiltrated, the harm is not small. it is often used as a zombie, data theft, or Spam handled by others, therefore, anti-cracking of basic security settings is very necessary for vps owners.

Generally, the basic settings include the following steps:
1. modify the ssh port number
2. set a complex root password
3. disable root remote login
4. use scripts to automatically generate ip addresses with deny password errors greater than x (the number of x can be defined based on actual conditions)

First, let's give you a piece of code to check whether your vps has encountered a packet cracking attack:

cat /var/log/secure|awk '/Failed/{print $(NF-3)}'|sort|uniq -c|awk '{print $2"="$1;}'

If the query result contains the result of "IP address = quantity", it indicates that someone tried to crack your password.

The following describes how to change the ssh port number and disable remote root logon:

1. change the ssh port number

The default ssh port of VPS is 22. run the following command to enter the configuration file:

vi /etc/ssh/sshd_config

Find # port 22
Remove the previous # and modify port 12345 (the port here can be defined as needed)
Then restart the ssh service.

service sshd restart

II. disable root login

Before disabling root logon, you must first add a user with normal permissions and set the password.

useradd testpasswd test

Disable ROOT remote SSH logon:

vi /etc/ssh/sshd_config

Put
PermitRootLogin yes
Change
PermitRootLogin no

If there is # in front of PermitRootLogin, you must delete it. Otherwise, it will not take effect.

Restart the sshd service.

service sshd restart

Later, we will be able to connect to our vps through an ssh account with normal permissions. if you need to manage permissions, you can use the following command to escalate to root permissions:

su root

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.