SSH Security On cPanel Servers.
1. Change SSH port number.
Edit your SSH configuration file, /etc/ssh/sshd_config, and add or replace the Port line shown below, setting it to the port number you want sshd to listen on:
# What ports, IPs and protocols we listen for
Port 22
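2. Allow only the IPs that you would like to have access to SSH through your firewall.
iptables -A INPUT -i eth0 -s 192.168.1.1 -p tcp --dport 22 -j ACCEPT
This rule only restricts access if all other traffic to the SSH port is dropped by a later rule or by the chain's default policy.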
3. Use a utility such as BFD, BlockHosts or DenyHosts.
denyhosts - a utility to help system admins thwart ssh crackers
4. Use iptables to limit the rate of incoming connections to SSH.
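iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
The second rule records the source address of each new connection, which the --update rule needs in order to have anything to count; because -I inserts at the top of the chain, it ends up above the DROP rule. This will limit incoming connections to port 22 to no more than 3 attempts in a minute. Any more will be dropped.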
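The rate limit above, replayed in Python as an added example (not code from the original page): a simplified model of the recent match, assuming a companion --set rule records each new connection before the --update rule is evaluated. The sample attempts, the addresses and the simulate function are constructed for illustration.

```python
from collections import defaultdict

SECONDS = 60   # --seconds 60
HITCOUNT = 4   # --hitcount 4

# Constructed sample: (time in seconds, source address) of NEW connections to
# port 22. Addresses are from the documentation ranges, not real hosts.
ATTEMPTS = [
    (0, "203.0.113.5"), (5, "198.51.100.7"), (10, "203.0.113.5"),
    (20, "203.0.113.5"), (30, "203.0.113.5"), (40, "203.0.113.5"),
    (130, "203.0.113.5"), (200, "198.51.100.7"),
]


def simulate(attempts, seconds=SECONDS, hitcount=HITCOUNT):
    """Replay attempts through a simplified model of the two rules.

    Returns one (time, source, verdict) tuple per attempt, where the verdict
    is "DROP" or "PASS" (PASS = not dropped here, continues down the chain).
    """
    stamps = defaultdict(list)  # per-source timestamps (the "recent" list)
    verdicts = []
    for now, src in attempts:
        # --set rule: record every new connection, then fall through.
        stamps[src].append(now)
        # --update rule: count this source's stamps inside the time window.
        hits = sum(1 for s in stamps[src] if now - s <= seconds)
        if hits >= hitcount:
            # On a match, --update records the attempt again, so a source
            # that keeps retrying keeps extending its own block.
            stamps[src].append(now)
            verdicts.append((now, src, "DROP"))
        else:
            verdicts.append((now, src, "PASS"))
    return verdicts


if __name__ == "__main__":
    for now, src, verdict in simulate(ATTEMPTS):
        print(f"t={now:>3}s  {src:<13}  {verdict}")
```

In the sample, 203.0.113.5 is dropped on its fourth attempt within the minute and passes again after staying quiet for more than 60 seconds, while 198.51.100.7 is never affected.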