Advertisement: Linux VPS from $4/month - contact support for custom offer.
-
Administrator
Preparing Linux server - first steps after getting new Linux server
There are certainly much better tutorials. This is here mainly for me to be able to repeat various task when i receive new Linux server.
Some tasks that can be done:
0. ssh -p 22 -l root serverIP
1. apt update 2>/dev/null;apt upgrade 2>/dev/null;apt install curl whois htop nmon nload fail2ban 2>/dev/null||yum update 2>/dev/null;yum upgrade 2>/dev/null;yum install curl whois htop nmon nload fail2ban 2>/dev/null
2. df -h;free -mht;w;curl -sL yabs.sh | bash -s -- -ifrg # remove "if" parameters to do also disk and network speed test
2. run command to change SSH port 22 to custom one (i.e. 876), i suggest one within 600-60000:
newportno=876 && sed -i "s|#Port 22|Port $newportno|g;s|# Port 22|Port $newportno|g" /etc/ssh/sshd_config && systemctl reload sshd && ss -p|grep -i ssh 2>/dev/null
3. passwd
4. reboot
5. copy SSH key for password-less access: ssh-copy-id -p NewSSHPort root@serverIP
6. login SSH (see 1st command)
7. server with many connections and opened files?
# echo "* hard nofile 10000"|tee -a /etc/security/limits.conf
# echo "net.netfilter.nf_conntrack_max=99000" > /etc/sysctl.d/10-conntrack-max.conf;sysctl -p /etc/sysctl.d/10-conntrack-max.conf
6. Install Wireguard and enable port forwarding.
7. Install OpenVPN
8. setup logs removal.
If you prefer more advanced configuration of your firewall and brute force blocking than above installed "fail2ban", then remove it and install CSF ConfigServer firewall https://configserver.com/configserver-security-and-firewall/
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
Protected by : ZB
BLOCK & StopForumSpam
Bookmarks