/ Register

Get the most out of your Centmin Mod LEMP stack
Become a Member

Security Recommendations

Discussion in 'System Administration' started by KeVo, Jul 31, 2015.

Previous Thread Next Thread
Loading...
  1. Jul 31, 2015 #1
    KeVo

    KeVo Active Member

    180
    71
    28
    May 28, 2014
    Ratings:
    +101
    Local Time:
    9:07 PM
    1.11.x
    10.1.18
    Hey guys, just wanting to get some of your opinions.

    Would it be a good practice for me to change my SSH Port and disallow root login for Centmin Mod? Two times today someone from China has made CSF go nuts and shut things down. Any tips and guidance on this matter would be greatly appreciated.
     
  2. Jul 31, 2015 #2
    eva2000

    eva2000 Administrator Staff Member

    39,199
    8,654
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,307
    Local Time:
    12:07 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    if changing SSHD port do it via centmin.sh menu option 16 which will first prompt for default 22 port and then prompt for new SSHD port

    Code:
    --------------------------------------------------------
Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
--------------------------------------------------------
                   Centmin Mod Menu                
--------------------------------------------------------
1).  Centmin Install
2).  Add Nginx vhost domain
3).  NSD setup domain name DNS
4).  Nginx Upgrade / Downgrade
5).  PHP Upgrade / Downgrade
6).  XCache Re-install
7).  APC Cache Re-install
8).  XCache Install
9).  APC Cache Install
10). Memcached Server Re-install
11). MariaDB 5.2, 5.5, 10, 10.1 Upgrade Sub-Menu
12). Zend OpCache Install/Re-install
13). Install ioping.sh vbtechsupport.com/1239/
14). SELinux disable
15). Install/Re-install ImageMagick PHP Extension
16). Change SSHD Port Number
17). Multi-thread compression: pigz,pbzip2,lbzip2,p7zip etc
18). Suhosin PHP Extension install
19). Install FFMPEG and FFMPEG PHP Extension
20). NSD Re-install
21). Update - Nginx + PHP-FPM + Siege
22). Add Wordpress Nginx vhost + WP Super Cache
23). Update Centmin Mod Code Base
24). Exit
--------------------------------------------------------
Enter option [ 1 - 24 ]
    I'd change SSHD ports especially if on OpenVZ as you're limited by how many IP addresses CSF Firewall can handle compared to Xen or KVM which have IPSET kernel level and CSF IPSET support to handle large number of IP addresses ;)

    Where possible, I stick with KVM or XEN VPS because of such stuff like this.
     
    • Informative Informative x 1
  3. Jul 31, 2015 #3
    KeVo

    KeVo Active Member

    180
    71
    28
    May 28, 2014
    Ratings:
    +101
    Local Time:
    9:07 PM
    1.11.x
    10.1.18
    Will change the SSHD ASAP. I'm using KVM with Linode, so no OpenVZ. :(
     
  4. Jul 31, 2015 #4
    eva2000

    eva2000 Administrator Staff Member

    39,199
    8,654
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,307
    Local Time:
    12:07 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    that's good thing :)
     
  5. Jul 31, 2015 #5
    KeVo

    KeVo Active Member

    180
    71
    28
    May 28, 2014
    Ratings:
    +101
    Local Time:
    9:07 PM
    1.11.x
    10.1.18
    I somehow misread the OpenVZ part. lol

    Thank you for suggesting the port number change. The individual(s) are annoying me. XD
     
  6. Jul 31, 2015 #6
    eva2000

    eva2000 Administrator Staff Member

    39,199
    8,654
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,307
    Local Time:
    12:07 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    i like to keep port 22 for a while and gather up some bad ips to block before changing ports hehe
     
    • Like Like x 1
Previous Thread Next Thread
Loading...
..

.