Want more timely Centmin Mod News Updates?
Become a Member

Security Recommendations

Discussion in 'System Administration' started by KeVo, Jul 31, 2015.

  1. KeVo

    KeVo Active Member

    180
    71
    28
    May 28, 2014
    Ratings:
    +101
    Local Time:
    7:05 AM
    1.11.x
    10.1.18
    Hey guys, just wanting to get some of your opinions.

    Would it be a good practice for me to change my SSH Port and disallow root login for Centmin Mod? Two times today someone from China has made CSF go nuts and shut things down. Any tips and guidance on this matter would be greatly appreciated.

     
  2. eva2000

    eva2000 Administrator Staff Member

    55,805
    12,272
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,858
    Local Time:
    10:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    if changing SSHD port do it via centmin.sh menu option 16 which will first prompt for default 22 port and then prompt for new SSHD port

    Code:
    --------------------------------------------------------
    Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
    --------------------------------------------------------
                       Centmin Mod Menu                
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2, 5.5, 10, 10.1 Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install ioping.sh vbtechsupport.com/1239/
    14). SELinux disable
    15). Install/Re-install ImageMagick PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2,p7zip etc
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Re-install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + WP Super Cache
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ]
    I'd change SSHD ports especially if on OpenVZ as you're limited by how many IP addresses CSF Firewall can handle compared to Xen or KVM which have IPSET kernel level and CSF IPSET support to handle large number of IP addresses ;)

    Where possible, I stick with KVM or XEN VPS because of such stuff like this.
     
  3. KeVo

    KeVo Active Member

    180
    71
    28
    May 28, 2014
    Ratings:
    +101
    Local Time:
    7:05 AM
    1.11.x
    10.1.18
    Will change the SSHD ASAP. I'm using KVM with Linode, so no OpenVZ. :(
     
  4. eva2000

    eva2000 Administrator Staff Member

    55,805
    12,272
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,858
    Local Time:
    10:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    that's good thing :)
     
  5. KeVo

    KeVo Active Member

    180
    71
    28
    May 28, 2014
    Ratings:
    +101
    Local Time:
    7:05 AM
    1.11.x
    10.1.18
    I somehow misread the OpenVZ part. lol

    Thank you for suggesting the port number change. The individual(s) are annoying me. XD
     
  6. eva2000

    eva2000 Administrator Staff Member

    55,805
    12,272
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,858
    Local Time:
    10:05 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    i like to keep port 22 for a while and gather up some bad ips to block before changing ports hehe