Server security for root

[webling]

I'm learning a lot with my new provider. I've used them before and I like the way they do things. Granted I can change things on my server the way I want, but their security is excellent and I don't plan on changing anything. When I had a VPS with them in the past and ran an IRC network I remember I liked the way they do things.

Just for starters they close SSH access for root. One of the additional things I did on all hosting accounts that have SSH access I set them as jailed. With that set they cannot even su to root. And any user that does have access to su command has to be part of the group allowed to do so. I love the security in these newer servers.

Even if a cracker got into someones hosting account and figured out their user name, and if by some odd chance cracked through in SSH to their account, they still cannot su to root.

 

[Hostslayer]

Well do you ask us about anything or what?

 

[GouriServ]

I'm learning a lot with my new provider. I've used them before and I like the way they do things. Granted I can change things on my server the way I want, but their security is excellent and I don't plan on changing anything. When I had a VPS with them in the past and ran an IRC network I remember I liked the way they do things.

Just for starters they close SSH access for root. One of the additional things I did on all hosting accounts that have SSH access I set them as jailed. With that set they cannot even su to root. And any user that does have access to su command has to be part of the group allowed to do so. I love the security in these newer servers.

Even if a cracker got into someones hosting account and figured out their user name, and if by some odd chance cracked through in SSH to their account, they still cannot su to root.

Dear Mate,

We did not understand what you are trying to ask from us.

 

[24x7CSM]

You are trying to describe the way security is set and issues or are looking to set the security on the server ?

 

[whmcsguru]

Just for starters they close SSH access for root.

This is not a good thing, by any means. This whole concept of 'security by obscurity'is just nonsense. You're no more secure with disabling root access here at all.

they still cannot su to root.

Wrong answer, again. And again, you're feeding into the 'security by obscurity' concept

Learn proper ways to manage and secure a server, not some script kiddy's "admin guide to cPanel servers"

 

[webling]

You are trying to describe the way security is set and issues or are looking to set the security on the server ?

Yes, just sharing information that might be helpful. I just got back to this post and didn't realize that it has been misunderstood. Sometimes I just like to share what I have been learning about new distros of linux and security it offers.

 

[AbsoluteHosting]

SSH access

I like to block any SSH connection not on my whitelist using iptables and possibly also tcp wrappers.

 

[RDPproviders]

don't understand what the mean acctually

 

[Leech]

What exactly do you mean?

 

[beststar]

I like to block any SSH connection not on my whitelist using iptables and possibly also tcp wrappers.

or install fail2ban + itpables block list

 

[cat5]

I found simply changing the ssh port from 22 stopped 90% of the alerts I was getting from CSF regarding failed logins. Easiest security method by far.