What security steps should I perform after directadmin installation
- Thread starter Amit
- Start date
- Joined
- Jul 10, 2019
- Messages
- 304
The following has some great recommendations:
https://help.directadmin.com/item.php?id=247
SSH keys with disabled password authentication and/or IP- limited SSH root login, and a custom SSH port or port knocking via CSF/LFD are all great for securing SSH.
https://help.directadmin.com/item.php?id=247
SSH keys with disabled password authentication and/or IP- limited SSH root login, and a custom SSH port or port knocking via CSF/LFD are all great for securing SSH.
T
Thanks scriptkitty. I am aware of all but not with port knocking what is it? and how should I disable it in csf firewall.
- Joined
- Jul 10, 2019
- Messages
- 304
Port knocking is really cool. You set a sequence of ports that must be hit before the target port will become accessible. If you don't hit that sequence of ports before the target port, the target port will remain closed via the firewall. I use an alias to a nmap script to carry out my port knocking, just like outlined in the link below:
https://www.knownhost.com/wiki/security/csf-lfd/how-to-enable-port-knocking
Note that CSF/LFD is an free firewall that is on the list of recommended security software provided in my previous response. I like CSF/LFD quite a bit and it can be integrated with DirectAdmin's BFM:
https://forum.directadmin.com/threa...force-monitor-in-directadmin-using-csf.44839/
https://www.knownhost.com/wiki/security/csf-lfd/how-to-enable-port-knocking
Note that CSF/LFD is an free firewall that is on the list of recommended security software provided in my previous response. I like CSF/LFD quite a bit and it can be integrated with DirectAdmin's BFM:
https://forum.directadmin.com/threa...force-monitor-in-directadmin-using-csf.44839/