1. Install and run an anti virus software such as ClamAV to keep the server clean from malware.
2. Setup a firewall
3. Install an anti brute force software such as cPHulk or Fail2ban.
4. Change secure passwords for login on the server.
5. Change the SSH port to a non standard one and enable a SSH Key Authentication. To prevent mis-configuring the server, it should be a port from the dynamic/private ports range 49152-65535
6. Add authentication to Mongo Db
The best protection against bruteforce attack to the main system is changing the SSH port in the first place and add a SSH key authentication. To prevent mis-configuring your server, you should choose a port from the dynamic/private ports range 49152-65535
Connect to your server via SSH Switch to the root user Run the following command: vi /etc/ssh/sshd_config. Locate the following line: # Port 22 Remove # and change 22 to your desired port number. Restart the sshd service by running the following command service sshd restart
Please note - Need this to be dont on the main and test servers we use.
