Malicious hackers are keen to gain access to your server. Powerful dedicated/ virtual servers, which are always on, form an important part of the hackers botnet arsenal. These botnets are used by the hackers for tasks ranging from bitcoin mining to the more malicious sending of Spam and engaging in Distributed Denial of Service attacks. Fortunately it isn’t all that difficult to prevent the bot scanners from gaining access to your server. Protecting my new hobbie project’s dedicated server took me less than 5 minutes.
What we are going to do is: create a sudo user, disable root login, and change the servers SSH port. This guide is intended for an Ubuntu/ Debian system, although commands can easily be found for CentOS and the like.
Small tip: You can paste anything into putty using the “right click” on your mouse.
- Login to SSH, using a program such as Putty, with your root login details.
- Create a new user (e.g. replace “username” with admin57 without quotes) with the command: # sudo adduser “username” You will be prompted for a password. Ensure that it is secure and that you take note of it.
- Give this user sudo permissions: # sudo adduser “username” sudo
- Using an editor (vi or nano) open up /etc/ssh/sshd_config e.g. with the command: # nano /etc/ssh/sshd_config
- Near the top of the file, you should see Port 22 listed. Use the arrow keys to get to the text and change 22 to a random port number e.g. 7654. Note this down.
- Find (Ctrl W if you are using Nano) “PermitRootLogin Yes” and change it to “PermitRootLogin no”.
- Save and exit the editor (Ctrl X if you are using nano).
- Run the command: #service ssh restart
To gain access to your server, login to SSH as the new user (remember you also changed the port!). Then type “su” without quotes and press enter. Then enter your root password and you will gain root access.