/ guide

Secure your SSH port!

It's relatively easy to setup a droplet using DigitalOcean. On the other hand, it's also easy to get attacked, IP's provided by DigitalOcean services are recycled, droplets get deleted and remade every day by hundreds of users.

The first time I tried to access this blog I got a security warning from Google Chrome, it wouldn't allow me to continue without accepting the risk of my computer being infected with malware. Probably because the previous owner got hacked and malware was being sent out from the IP I got for my droplet.

Also, my SSH connection was refusing several connection attempts. Someone was trying to use a brute-force attack on my VPS server.

One way to avoid getting a "bad IP" is by testing it once you have created a droplet. Go to your browser and type the IP on the address bar, if you get a security warning delete the droplet and create a new one. Continue doing this until you feel you didn't get a "bad" IP.

Now, to protect your server from brute-force attacks use a solid password for your "root" username. You can also try removing root and creating a new Admin with limited privileges. In my case, I changed my default SSH port number to a different one. IP's get regularly attacked to try and access a server; the attacker won't know you have changed the port number and it's going to be harder to access it by brute-force.

connect via SSH and change your SSH port:
vim /etc/ssh/sshd_config
Look for:

# What ports, IPs, and protocols we listen for
Port 29999

Change the port number to whatever number you want. Save the file and restart using this command:
/etc/init.d/ssh restart

Of course, this isn't a very secure way to protect your VPS, but it deters attackers and makes it difficult to access your VPS.

Secure your SSH port!
Share this