You are viewing a single comment's thread from:

RE: How to become a witness

in #witness-category8 years ago

To harden your server even more, make sure ssh login for root is disabled, forbid login for an IP after a couple of failed attempts, and close down all other ports but the one for SSH. But take care to not lock yourself out in the process.

Sort:  

Added a section for disabling root login. Thanks. Also some great advice that needs repeating: take care not to lock yourself out in the process

fail2ban works fine

and you have to change the ssh port away from default.

Use 127.0.0.1, there's no reason for it to be accessible from outside at all