Securing your CentOS server is a big step in the right direction and most importantly it will keep your data safe and give you peace of mind. Here we will walk you through the steps necessary to secure your CentOS server.
Step 1 - Adding a New User
In the article that we linked here we walk you through all the vital steps that are required to create another user account. The benefits of using an account other than the "root" account is that you will be safe from executing accidental or server breaking commands that will cause you more problems in the future if you don't have enough experience.
Step 2 - Using SSH Key Pair Authentication
You’ve used password authentication to connect to your server SH, but there’s a more secure method available: key pair authentication. In this section, you’ll generate a public and private key pair using your desktop computer and then upload the public key to your server. SSH connections will be authenticated by matching the public key with the private key stored on your desktop computer - you won’t need to type your account password. When combined with the steps outlined in this guide
Step 3 - Disabling SSH Password Authentication and Root Login
You just strengthened the security of your server by adding a new user and generating SSH keys. Now it’s time to make some changes to the default SSH configuration. You can read the full guide here
Step 4 - Creating a Firewall
One of the most crucial and vital steps to better security is creating a firewall, this step is optional but we recommend that you set one up to maximize your security. You can read more about how to set up a firewall
Step 5 - Installing and Configuring Fail2Ban
Fail2Ban is an application that prevents dictionary attacks on your server. When Fail2Ban detects multiple failed login attempts from the same IP address, it creates temporary firewall rules that block traffic from the attacker’s IP address. Attempted logins can be monitored on a variety of protocols, including SSH, HTTP, and SMTP. By default, Fail2Ban monitors SSH only. You can find the guide here
That's it! You have just secured your CentOS server!