There are two ways you can secure your server. They are:
Even if your services implement security features or are restricted to the interfaces you’d like them to run on, a firewall serves as a base layer of protection by limiting connections to and from your services before traffic is handled by an application.
A properly configured firewall will restrict access to everything except the specific services you need to remain open. Exposing only a few pieces of software reduces the attack surface of your server, limiting the components that are vulnerable to exploitation.
2. SSH keys
SSH, or secure shell, is an encrypted protocol used to administer and communicate with servers. When working with a server, you’ll likely spend most of your time in a terminal session connected to your server through SSH. A more secure alternative to password-based logins, SSH keys use encryption to provide a secure way of logging into your server and are recommended for all users.
With SSH keys, a private and public key pair are created for the purpose of authentication. The private key is kept secret and secure by the user, while the public key can be shared.
1. Establish and Use a Secure Connection
2. Use SSH Keys Authentication
3. Secure File Transfer Protocol
4. Secure Sockets Layer Certificates
5. Use Private Networks and VPNs
6. Monitor Login Attempts
7. Manage Users
8. Establish Password Requirements
9. Set Password Expiration Policy
10. Use Passphrases For Server Passwords
11. Password Don’ts