Access CSF UI on your browser with the specified port and click on "Check Server Security" . CSF will provide you some tips to secure your server .
After that now check the report below:
After that now check the report below:
# vi /etc/ssh/sshd_config
Port 22XX
UseDNS no
# systemctl restart sshd
# vi /etc/my.cnf
[mysqld]
local-infile=0
# systemctl restart mariadb
You can also enable 'RESTRICT_SYSLOG option check, LF_POP3D option check, LF_IMAPD option check, SYSLOG_CHECK option check, RESTRICT_UI option check, Check SSH PasswordAuthentication'. This option helps prevent brute force attacks on your server servicesRESTRICT_SYSLOG = "3"
LF_POP3D = "3"
LF_POP3D_PERM = "1"
LF_IMAPD = "3"
LF_IMAPD_PERM = "1"
SYSLOG_CHECK = "300"
Important setting for me :#vi /etc/csf/csf.conf
TESTING = "0"
Don't Block IP addresses that are in the csf.allow files.
IGNORE_ALLOW = "1"
ICMP_IN = "1"
ICMP_OUT = "1"
LF_SSH_EMAIL_ALERT = "1"
LF_SU_EMAIL_ALERT = "1"
LF_ALERT_TO = "admin@datahead.biz"
LF_ALERT_FROM = ""
#systemctl start csf
#systemctl start lfd
#systemctl enable csf
#systemctl enable lfd
Comments
Post a Comment