About security Direct Admin?

Webha

Hi, coming from shared hosting to VPS (no knowledge about Linux).

After installing Direct Admin, what firewall and other security measures should be installed for VPS and Direct Admin to prevent any kind of brute login attempts and other hacks to website?

For website, I am using Wordfence, Cloudflare, Akismet anti-spam, original theme and plugins.
For VPS, I disabled root login and changed port number.
What to do for Direct Admin panel?

What else to do to totally secure VPS and Direct Admin? There is no proper step-by-step tutorial on YT. All so overwhelming at the beginning :(

Thank you in advance.
 
Start with basic system security as you already did, then general DA security (DA conf), then DA's BFM bruteforce monitor, and CSF firewall:


CSF is a great firewall with a lot of options, dig into it.
About general Linux and other security tips, maybe others here will add their 2 cents ( @Richard G )
 
Thank you. It would really help for newcomers if there was a 1 click type of set up option. Hoping DA would implement such features, and I hope no one would mind paying a couple of bucks extra for these.
 
It would really help for newcomers if there was a 1 click type of set up option.
There is, for DA itself, which also already implements the CSF/LFD firewall and BFM. I'm not aware of other panels doing anything more.
The fine-tuning is always left to the admin, where and if necessary.

In addition to the tips @johannes already gave, maybe some basic things you can add or change. Like start with moving your SSH port from the default port 22 to another port and then create an SSH key to be able to log in and disable password authentication.
Also some mail security, implement things like SpamAssassin or Rspamd and Easy Spam Fighter and BlockCracking.

There is also something called ModSecurity, but this can be really strict, so watch what you're doing there if you want to use that.

Monitor your system, check your log if you feel certain things go wrong.

Mostly not needed, so disable access to xmlrpc.php (from WordPress) which can and is used to overload systems.

There will be more tips probably, but this is what comes to my mind that quickly.
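
A quick way to check the SSH settings mentioned in this thread (non-default port, password authentication off, root login disabled), as an added example that is not part of the original posts. The function names and both sample configs are constructed for illustration; on a real server, `sshd -T` prints the full effective configuration.

```shell
#!/bin/sh
# Added example: audit sshd_config-style files for the SSH settings in this thread.
# Print the effective global value of keyword $2 in file $1 (default $3).
# sshd keeps the FIRST value it reads for a keyword, so a later line is ignored.
# Parsing stops at the first Match block; Include files are not followed.
sshd_value() {
    awk -v key="$2" -v def="$3" '
        $1 ~ /^#/ { next }                      # commented-out lines have no effect
        tolower($1) == "match" { exit }         # per-user/host overrides start here
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Print one WARN line per weak setting; the return status is the number of warnings.
audit_sshd() {
    warns=0
    port=$(sshd_value "$1" Port 22)
    pass=$(sshd_value "$1" PasswordAuthentication yes)
    root=$(sshd_value "$1" PermitRootLogin prohibit-password)
    [ "$port" != 22 ] || { echo "WARN: SSH listens on default port 22"; warns=$((warns + 1)); }
    [ "$pass" = no ] || { echo "WARN: password authentication is enabled"; warns=$((warns + 1)); }
    [ "$root" = no ] || { echo "WARN: root login allowed ($root)"; warns=$((warns + 1)); }
    return "$warns"
}

# Constructed sample configs (not taken from any real server).
WEAK_CFG=$(mktemp); HARD_CFG=$(mktemp)
trap 'rm -f "$WEAK_CFG" "$HARD_CFG"' EXIT
cat > "$WEAK_CFG" <<'EOF'
#Port 2222
PermitRootLogin yes
PasswordAuthentication yes
passwordauthentication no
EOF
cat > "$HARD_CFG" <<'EOF'
Port 2222
PermitRootLogin no
PasswordAuthentication no
EOF

for cfg in "$WEAK_CFG" "$HARD_CFG"; do
    audit_sshd "$cfg" && echo "OK: no warnings for $cfg"
done
```

The weak sample shows two easy mistakes: a port line that is still commented out, and a `PasswordAuthentication no` appended below an earlier `yes`, which sshd ignores.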
 
Is there any 1 click button install for stuff like CSF, SpamAssassin, Easy Spam Fighter, disabling root login etc?

Is it possible to avoid the Linux command line and do it all from a web control panel? I know there is Cloudways but that is pricey so don't want to go for that.
 
Is there any 1 click button install for stuff like CSF, SpamAssassin, Easy Spam Fighter, disabling root login etc?
That's not on any panel.

There is a 1 "click" setup to install DirectAdmin with CSF and BFM. DirectAdmin installs this automatically on installation.
The rest is fine-tuning: one wants SpamAssassin, another wants Rspamd, and again somebody else wants external spam protection, so that's why things like that are left over to the admin, same for root login.
So no, for these things there is no 1 click button, but it's very easy to do, even for a beginner. Various manuals on how to do it can be found on the forum.

Is it possible to avoid the Linux command line and do it all from a web control panel? I know there is Cloudways but that is pricey so don't want to go for that.
Short answer: no.
There is the CustomBuild plugin with which you can do most things, including for example installing SpamAssassin.
But you will also encounter things which must be done via SSH. Mostly not a lot and most often easy to do.

If you want a click and point system, there is one panel, which costs a lot more, so then yes, you pay the price.
 