Initial Steps to securing your CentOS server

Securing your CentOS server is a big step in the right direction and most importantly it will keep your data safe and give you peace of mind. Here we will walk you through the steps necessary to secure your CentOS server.

Step 1 - Adding a New User

In the article that we linked here we walk you through all the vital steps that are required to create another user account. The benefits of using an account other than the "root" account is that you will be safe from executing accidental or server breaking commands that will cause you more problems in the future if you don't have enough experience.

Step 2 - Using SSH Key Pair Authentication

You’ve used password authentication to connect to your server SH, but there’s a more secure method available: key pair authentication. In this section, you’ll generate a public and private key pair using your desktop computer and then upload the public key to your server. SSH connections will be authenticated by matching the public key with the private key stored on your desktop computer - you won’t need to type your account password. When combined with the steps outlined in this guide

Step 3 - Disabling SSH Password Authentication and Root Login

You just strengthened the security of your server by adding a new user and generating SSH keys. Now it’s time to make some changes to the default SSH configuration. You can read the full guide here

Step 4 - Creating a Firewall

One of the most crucial and vital steps to better security is creating a firewall, this step is optional but we recommend that you set one up to maximize your security. You can read more about how to set up a firewall

Step 5 - Installing and Configuring Fail2Ban

Fail2Ban is an application that prevents dictionary attacks on your server. When Fail2Ban detects multiple failed login attempts from the same IP address, it creates temporary firewall rules that block traffic from the attacker’s IP address. Attempted logins can be monitored on a variety of protocols, including SSH, HTTP, and SMTP. By default, Fail2Ban monitors SSH only. You can find the guide here

That's it! You have just secured your CentOS server!

  • 26 Users Found This Useful
Was this answer helpful?

Related Articles

FFMPEG install on CentOS

How to install FFMPEG and FFMPEG-PHP install on CentOS 5.X To install FFMPEG please follow the...

How to set hostname on Centos 6?

In order to permanently set hostname on Centos 6 VPS you neew to run # nano...

How to change hostname on CentOS permanently

If you are installing LAMP on a new server and ran into the following issue with httpd during the...

CentOS: Start custom script automatically after network startup

Find the ifup-post under /etc/sysconfig/network-scripts. This scipt is called right after any...

Change hostname in CentOS

How to Change Hostname - CentOSThis KB helps user to change hostname on CentOS. By default your...