Through experience, these are some of the ways you could toughen your server security. Feel free to add your suggestions and tips.
1. USE STRONG PASSWORD.
That means having a combination of alphabets (in upper as well as lower-case), numerals and signs. The password should preferably be sufficient long enough, e.g. more than 8-10 characters.
Very poor passwords: admin, administrator, root, password, server, mysecretpassword, manager Poor passwords: 1982, joe72, john69, kingkong Good passwords: Ml69m2oo!_Dta1, k40c*F#@K\sY24$
One way of creating a tough password that you could remember:
Mandy Likes 69. Me Too! Don't Tell Anyone.... becomes M l 69 M 2oo ! D t a 1
2. INSTALL PATCHES IN A TIMELY FASHION
Subscribe to the announcement lists.
Patch your server software and applications as soon as updates become available. Of course, test them on your development server first to avoid surprises.
3. USE LEIF'S FIREWALL RULES
These rules will reduce probing and hacking attempts.
4. CHANGE YOUR WEBMIN, USERMIN, SSH PORT NO.
Change Webmin's port no. from 10000 to something else Change Usermin's port no. from 20000 to something else Change SSH's port no. from 22 to something else
Make sure you change your firewall rules accordingly.
5. USER GROUP FOR SSH ACCESS
You can create a user group and configure SSH server to only allow access to users from the group.
6. TURN OFF ROOT ACCESS
You should turn off root access to the common services. Create another user who has root privileges, and use that login instead.
7. MYSQL USER ACCOUNTS
Insert a password for your MySQL root user. The default is blank.
Delete any unnecessary MySQL user account.
8. TURN OFF SERVICES YOU DON'T USE
For example, if you don't use FTP, turn it off.