server_rudimentaer_absichern
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| server_rudimentaer_absichern [2021/08/10 13:30] – created admin | server_rudimentaer_absichern [2021/08/16 08:52] (current) – admin | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== VServer mit Debian 10 rudimentär absichern ====== | ====== VServer mit Debian 10 rudimentär absichern ====== | ||
| + | ===== 1 MySQLs desaströse Grundinstallation richten ===== | ||
| + | |||
| + | | ||
| + | |||
| + | ===== User zufügen, damit man sich im Notfall mit PW einloggen kann ===== | ||
| + | |||
| + | useradd -g users -d /home/user user | ||
| + | passwd user | ||
| + | mkdir /home/user | ||
| + | chown user /home/user/ | ||
| + | Check, if user can "su -" before proceeding to next step!!! | ||
| + | |||
| + | ===== Rootlogin nur mit SSH-Key zulassen ===== | ||
| + | |||
| + | nano / | ||
| + | PermitRootLogin without-password | ||
| + | |||
| + | ===== Universal Fire Wall installieren und ssh, http und https zulassen ===== | ||
| + | |||
| + | apt install ufw | ||
| + | ufw default deny incoming | ||
| + | ufw default allow outgoing | ||
| + | ufw allow ssh | ||
| + | ufw allow http | ||
| + | ufw allow https | ||
| + | ufw enable | ||
| + | |||
| + | ===== Failban aktivieren, weil dann logfiles lesbarer werden ;-) ===== | ||
| + | |||
| + | apt install fail2ban | ||
| + | cp / | ||
| + | nano / | ||
| + | Adjust whatever you like here. | ||
| + | systemctl restart fail2ban.service | ||
| + | | ||
| + | ===== Unattended Upgrades, damit immer alles aktuell ist ===== | ||
| + | |||
| + | apt-get install unattended-upgrades apt-listchanges | ||
| + | | ||
| + | |||
| + | Weiter mit [[Letsencrypt Installation]] | ||
server_rudimentaer_absichern.1628602256.txt.gz · Last modified: 2021/08/10 13:30 by admin