Join the community today
Register Now

Security Recommendations

Discussion in 'System Administration' started by KeVo, Jul 31, 2015.

  1. KeVo

    KeVo Active Member

    179
    70
    28
    May 28, 2014
    Ratings:
    +100
    Local Time:
    7:54 AM
    1.11.x
    10.1.18
    Hey guys, just wanting to get some of your opinions.

    Would it be a good practice for me to change my SSH Port and disallow root login for Centmin Mod? Two times today someone from China has made CSF go nuts and shut things down. Any tips and guidance on this matter would be greatly appreciated.
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,783
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,134
    Local Time:
    10:54 PM
    Nginx 1.13.x
    MariaDB 5.5
    if changing SSHD port do it via centmin.sh menu option 16 which will first prompt for default 22 port and then prompt for new SSHD port

    Code:
    --------------------------------------------------------
    Centmin Mod 1.2.3-eva2000.08 - http://centminmod.com
    --------------------------------------------------------
                       Centmin Mod Menu                
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB 5.2, 5.5, 10, 10.1 Upgrade Sub-Menu
    12). Zend OpCache Install/Re-install
    13). Install ioping.sh vbtechsupport.com/1239/
    14). SELinux disable
    15). Install/Re-install ImageMagick PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2,p7zip etc
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Re-install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + WP Super Cache
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ]
    I'd change SSHD ports especially if on OpenVZ as you're limited by how many IP addresses CSF Firewall can handle compared to Xen or KVM which have IPSET kernel level and CSF IPSET support to handle large number of IP addresses ;)

    Where possible, I stick with KVM or XEN VPS because of such stuff like this.
     
    • Informative Informative x 1
  3. KeVo

    KeVo Active Member

    179
    70
    28
    May 28, 2014
    Ratings:
    +100
    Local Time:
    7:54 AM
    1.11.x
    10.1.18
    Will change the SSHD ASAP. I'm using KVM with Linode, so no OpenVZ. :(
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,783
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,134
    Local Time:
    10:54 PM
    Nginx 1.13.x
    MariaDB 5.5
    that's good thing :)
     
  5. KeVo

    KeVo Active Member

    179
    70
    28
    May 28, 2014
    Ratings:
    +100
    Local Time:
    7:54 AM
    1.11.x
    10.1.18
    I somehow misread the OpenVZ part. lol

    Thank you for suggesting the port number change. The individual(s) are annoying me. XD
     
  6. eva2000

    eva2000 Administrator Staff Member

    30,156
    6,783
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,134
    Local Time:
    10:54 PM
    Nginx 1.13.x
    MariaDB 5.5
    i like to keep port 22 for a while and gather up some bad ips to block before changing ports hehe
     
    • Like Like x 1