• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Issue Tutorial to secure Plesk on Linux Server

Sysmonet

Sysmonet

New Pleskian
Hi;
As a newbie to VPS and Plesk, I tried to secure my server following the tutorials. But when I started by changing the port in sshd_config, I got connection refused. I reinstalled my VPS, started from zero and each time I get some kind of error. All I want is to sleep comfortably knowing that nobody can brut force access to my server and turn it inaccessible for me. The use of root and showing my IP just by checking DNS and using standard port like 22 for SSH or going IP_Adress:8443 and using admin and brut force password.
Could you help me or showing me how to protect my server?
 
After watching so many tutorials, here is what I did for future searchers :
1- logged in SSH using root provided access
2- Added a new user (adduser username)
3- Entred to : visudo
added my username under root user and gived it all root privelages
username ALL=(ALL:ALL) ALL
4- gived the new user admin sudo
4'- on a debian 8 server I just use : su root
to access root
4"- on Ubuntu 16.04 i run the command : sudo systemctl username sudo
5- I kept the root session opened
6- I opened new session and checked my user access using : sudo /etc/passwd
or : su root
7- using the new session to check my new user privelages I made the following command : sudo apt-get nano
8- Then I copied the sshd_config file :
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
9- check that file exists :
cd /etc/ssh
and
ls
10- modified the sshd_config file :
nano /etc/ssh/sshd_config
10'- Added this under port : AllowUsers username
10"- changed yes to no here : PermitrootAccess no
Then saved CTRL+O, Enter, CTRL+X to save
10'''- in debian server changed the port with no problem, but in the Ubuntu server it doesn't connect (I will update later about this issue)
11- Restarted ssh without closing root session already opened in case it didn't work (learned from mistakes) : sudo restart ssh
Voilà, I could sleep better now. Next I am learning about using keys methods to login, I am just checking what happens if you lost private key.
Hope this helps sombody one day
 
You must log in or register to reply here.

Similar threads

C
Question How can I secure my Mail with Letsencrypt next to Cloudflares Origin Certificate in Plesk?
Replies
4
Views
1K
cpulove
C
F
Question How to disable/restrict by IP <server-ip>/login_up.php ?
Replies
4
Views
2K
W4ru
W
adocsys
Resolved How to add HTTP Security Header on port 80?
Replies
3
Views
2K
adocsys
adocsys
S
Question Cache is growing. Server is no longer accessible.
Replies
4
Views
549
straddi
S
T
Issue Stop Plesk Brute Force Attacks NOW: Cloudflare + Windows Server Fix
Replies
0
Views
345
TheHostingHeroes
T
Back
Top