1. Open the firewall and ban all unused ports.
/etc/init.d/iptables start //The simple rules are as follows, you can adapt them according to the situation.
/sbin/iptables -F
/sbin/iptables -A INPUT -p tcp -i vnet0 –dport ssh -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i vnet0 –dport 80 -j ACCEPT
/sbin/iptables -A INPUT -i vnet0 -m state –state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -p ICMP -j DROP
/sbin/iptables -A INPUT -i vnet0 -j DROP
The simplest few iptables, restart iptables after modification.
/etc/init.d/iptables restart
2. Change the ssh port. Pay attention to the firewall to open this port, otherwise it will be banned. In principle, it is better to change it to a port above 5000.
vi /etc/ssh/sshd_config //Search for Port and change the following number to the port number you want. If there is a # in front of Port, delete it.
3. Disable root login. Be careful to create a normal user first, otherwise it will be tragic.
vi /etc/ssh/sshd_config //Search for PermitRootLogin and change the following yes to no. If there is a # sign in front, delete it.
Second, restart ssh after completing the three steps.
service sshd restart
Article source: http://www.deepvps.com/vps-simple-security-measures.html
Please indicate the source link when reprinting