Any tips for securing a dedicated server?

Albertwu

New member
Registered
Joined
Jul 28, 2016
Messages
1
Points
0
Hi all, new customer here with a dedicated server.
I want this to be as hardened as possible. Anyone have any particular tips for security? I googled for checklists and did everything I could, and I also made adjustments so I have a perfect score on the firewall configuration check, but I thought maybe there would be some tips for these setups specifically.

In particular I'm wondering about allowed ports, the firewall by default has quite a few ports open, including all from 30,000-50,000. Should I lock down pretty much everything besides HTTP and SSL?

That brings me to a related question.. as of now I am just using this for a webserver. I'm hosting my nameserver with GoDaddy and email with Google. Is there any particular advantage to migrating my nameserver to vpb? The only one I can think of would be to gain use of their support for any DNS issues. If there are other technical advantages please let me know, DNS is an area that I am not very comfortable with.
 

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
To secure your dedicated server, the first step is to install fail2ban or any similar software to block brute force.
And I recommend you to change your default ssh port 22 to another.

You should not have to block everything with your firewall, using a anti bruteforce software is already a good point.

And for your DNS, move them to Cloudflare, it's free and faster than many other? And it will copy your current DNS settings automatically/
 

HostColor

Well-known member
Hosting Provider
Registered
Joined
Jul 27, 2016
Messages
247
Points
28
There is a software pack called Configserver and it helps a lot when it comes to Linux server. As far as for CloudFlare... it is not like it is not a good service, but I do not see many benefits to use DNS with them. It is certainly good for WordPress blogs. However, I would not use it as alternative of other web & network security software.
 
Last edited:

ExpertHosters

Member
Registered
Joined
Jul 6, 2016
Messages
27
Points
3
Try installing CSF, its a firewall and helps you to protect the server from unauthorised intruders. It blocks the IP who tries to access the server with wrong password(5 times wrong entry)

Also change the default port from 22 to something complicated.
 

HostYouFast

Member
Registered
Hosting Provider
Joined
Jul 16, 2016
Messages
56
Points
0
There are various way to secure your server.....You can try using Configserver it will help you. You can pay for ddos protection it will help.....I will say you to change your default ssh port 22 to another that can also help you.
 

ExpertHosters

Member
Registered
Joined
Jul 6, 2016
Messages
27
Points
3
You should be doing that, it will help you reduce attackers on your server. Default SSH port is normally 22 so the attackers try to connect to server with 22 using random passwords.
 

harry_v

Well-known member
Registered
Hosting Provider
Joined
Dec 20, 2017
Messages
110
Points
18
Today, nothing is safe. So if you get concerned about security, it is perfectly justified. Unfortunately, the number of security breaches is increasing at an alarming rate. One of the primary sources of worry is server security. Going for a dedicated server that provides services such as DDoS protection, firewalls, and other choices will help you deal with these issues more effectively. Top dedicated server security tips include using Password Strategy That Works. In addition, firewall Protection should be scanned and tested regularly. Maintaining a Database, Updating Software regularly, Data Backups, and Professional Assistance, etc.
 

ITivan80

Well-known member
Registered
Joined
Jul 16, 2018
Messages
111
Points
18
Depending on your budget you can go out there and get a firewall for your server and secure at that point. But if you don't have the budget then software firewall is for you.
 

hostguy

Member
Registered
Joined
Sep 9, 2020
Messages
49
Points
6
To secure Linux server the important thing is to install firewall on server.
It will secure your server and you can also add particular IP address to restrict it.

Also you can install Brute Force plugin to block particular countries according to your choice.
 

The Boss

K Tysinger
Registered
Joined
Sep 25, 2019
Messages
24
Points
1
I agree with VirtuBox 100%. I would only add backup, backup, backup. Cloudflare adds some nice security features for free.

If feasible, use SSH keys instead of passwords. Here are some great tutorials from DigitalOcean on security.
 
Older Threads
Replies
2
Views
2,495
Replies
7
Views
9,730
Replies
5
Views
2,802
fwh

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top