How to secure your server (Debian/Linux) and WordPress
02 Feb 2021 #linux #security
Basic steps to secure your server from DDoS and brute-force attacks.
Creating strong passwords: I would recommend using a browser extension as a password generator.
-Configuring Auto-Update:
nano /etc/apt/apt.conf.d/50unattended-upgrades
nano /etc/apt/apt.conf.d/20auto-upgrades
-Firewall:
nano /etc/ssh/sshd_config
Fail2ban – Bruteforce:
nano /etc/fail2ban/filter.d/http-get-dos.conf
nano /etc/fail2ban/jail.local
IpTables: N/D
-Apache:
-Install Mod-evasive:
apt install libapache2-mod-evasive
https://phoenixnap.com/kb/apache-mod-evasive
-Install Mod-Security:
apt install libapache2-mod-security2
apt install modsecurity-crs
How to Set up & Configure ModSecurity on Apache
ModSecurity is not very friendly with WordPress; I would recommend checking the error log and starting from there:
tail /var/log/apache2/error.log
-Apache/WordPress security:
nano /etc/apache2/apache2.conf
-Setting up Apache authentication:
WordPress:
-Disable file editing
nano /var/www/html/..wp-config.php
-Disable directory listing
-Disable PHP uploads
Antivirus:
-Automatic scanning:
-Install Rkhunter
-Install Lynis
-Install aide
-Automated Backup
-Website Backup
-MySQL Security
-MySQL Backup
Restore
-Cloudflare:
Set up your DNS to prevent rDNS and DDoS - free account
-WordPress
Install Wordfence Plugin and Loginizer Brute Force
Block IP brute-force attack
-Zabbix:
-Webmin:
-DDoS useful commands:
Number of connections
-Block the attacking network