Ubuntu Secure Server Setup

So we’ve had need to open a couple of ports on our home-server to the real-world. Its like letting a child out in the evening for the first time alone – you’ve no idea what trouble they might get into but just hope you’ve prepared them enough.

These are my notes for when I forget what I’ve done.

The router is only forwarding HTTP and SSH traffic to the server. SSH has been locked down so it only accepts Key logins from non-root users so I think this is pretty good. The default site forwards via .htaccess to this domain which prevents general rumblings if you find it and only certain external subdomains are identified in the server’s /etc/hosts file.

Denyhosts is installed.

UFW Firewall has been configured using

Thanks to 1000Umbrellas for the above.

Apparently, its possible to use allow webmin but this didn’t seem to work in this instance.

 

 

About CDB 361 Articles
Self-Employed Software Developer, Spark, Property Management, Hobby Forestry, Ex-Teacher, Engineering - Wood, Metal, Electrics & Computers. Outdoors - Walk, Cycle, Kitesurf,

Be the first to comment

Leave a Reply

Your email address will not be published.


*


This site uses Akismet to reduce spam. Learn how your comment data is processed.