dcsimg
Results 1 to 2 of 2

Thread: Been a min.

  1. #1

    Thread Starter
    Frenzied Member jdc20181's Avatar
    Join Date
    Oct 2015
    Location
    Indiana
    Posts
    1,134

    Been a min.

    I have not been on here for a while is that a good thing or a bad thing? Maybe a mixture? I now have 2 clients for my side "hobby" of website administration and development. So far so good. Doing these first two free of charge. Down the road I will charge. They are however paying for the server and domain.

    Site 1 was for my sister's business. Still working on it since its a custom deck.

    Site 2 is for a political campaign website set to launch next year using self hosted wordpress. Wordpress was a bit of a pain in the backside to install. Ubuntu seems to still rock. Command line stuff makes me sick at my stomach. In other words I am not that great. But I got through it.

    Any pointers on Server Security?

    I am going to use Cloudflare's DDOS protection, but otherwise any ideas on ways to increase security.
    Disclaimer: When code is given for example - it is merely a example.
    See my browser project BeffsBrowser
    Try my new Browser project LightBrowse "A Browser and not much else" Screen Capture with Imgur API


    Unless said otherwise (e.g. From one of my projects thus, those are mostly licensed under MIT) - All Code snippets advice or otherwise that I post on this site, are expressly licensed under Creative Commons Attribution 4.0 International Please respect my copyrights.

  2. #2
    PowerPoster kfcSmitty's Avatar
    Join Date
    May 2005
    Posts
    2,195

    Re: Been a min.

    First I would recommend you familiarize yourself with this: https://www.owasp.org/index.php/SCG_WS_Apache

    A good start would also be to configure unattended upgrades: https://help.ubuntu.com/community/Au...ecurityUpdates and ensure iptables has everything locked down so only ports 80, 443, 22, and 53 are open for inbound connections (and any others you may want like FTP). Good walkthrough here: https://bencane.com/2012/09/17/iptab...ic-web-server/

    And also ensure SSH is set up to require private key authentication only. Example here: https://www.digitalocean.com/communi...ys-on-debian-9

    Those are the basics to get your server decently secured. After that you'll need to make sure your wordpress stays up to date, as well as ensuring you run proper backups both onsite and offsite.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Featured


Click Here to Expand Forum to Full Width