The majority of web applications built with open source tools, when moved to production, are hosted on servers running Linux, and the majority of hosting providers offer the possibility to connect by SSH, FTP and a web control panel like cPanel.
SSH is a communication protocol that allows us to execute shell commands on the server machine where our web applications are hosted. Some basic security rules that we may want to implement are applied by modifying the file /etc/ssh/sshd_config.
Suggestions for basic configuration:
- Don't allow direct login as the root user
#PermitRootLogin yes — This is the default value
- Limit the number of authentication tries to a maximum of 2
#MaxAuthTries 6 — This is the default value
- Change the port number
#Port 22 — This is the default value
- Allow only requests that use the SSH2 protocol
#Protocol 2,1 — This is the default value
- Configure the time after which an inactive session is closed, to more than 5 minutes
#ClientAliveInterval 0 — This is the default value
#ClientAliveCountMax 3 — This is the default value
Then you need to restart your SSH service with the following command:
With this, your SSH connections are more secure.
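To check a server against the five suggestions above, the following added example (not code from the original post) audits the text of an sshd_config file. The function names and both sample configurations are constructed for illustration, the defaults are the ones listed on this page, and the product of ClientAliveInterval and ClientAliveCountMax is treated as the inactivity timeout.

```python
# Added example: audit sshd_config text against the suggestions on this page.
# Defaults below are the ones the page lists; other OpenSSH releases may differ.
PAGE_DEFAULTS = {
    "permitrootlogin": "yes", "maxauthtries": "6", "port": "22",
    "protocol": "2,1", "clientaliveinterval": "0", "clientalivecountmax": "3",
}

def effective_settings(config_text):
    """Return global settings; for a repeated keyword the first value is kept."""
    found = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):   # commented line: default applies
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":                     # conditional blocks are out of scope
            break
        found.setdefault(key, value)           # later duplicates are ignored
    return {**PAGE_DEFAULTS, **found}

def audit(config_text):
    """Return a list of findings; an empty list means all five checks pass."""
    s = effective_settings(config_text)
    findings = []
    if s["permitrootlogin"].lower() != "no":
        findings.append("PermitRootLogin is not 'no'")
    if int(s["maxauthtries"]) > 2:
        findings.append("MaxAuthTries is above 2")
    if s["port"] == "22":
        findings.append("Port is still 22")
    if s["protocol"].replace(" ", "") != "2":
        findings.append("Protocol allows more than SSH2")
    # Assumption: interval * count is the time before a silent client is dropped.
    idle = int(s["clientaliveinterval"]) * int(s["clientalivecountmax"])
    if idle <= 300:
        findings.append("inactivity timeout is not above 5 minutes (%d s)" % idle)
    return findings

# Constructed sample inputs (not taken from a real server).
DEFAULT_CONFIG = "#PermitRootLogin yes\n#MaxAuthTries 6\n#Port 22\n#Protocol 2,1\n"
HARDENED_CONFIG = (
    "Port 2222\nProtocol 2\nPermitRootLogin no\nMaxAuthTries 2\n"
    "ClientAliveInterval 120\nClientAliveCountMax 3\n"
)

if __name__ == "__main__":
    for name, text in (("default", DEFAULT_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(text))
```

Only the first Port line is checked, and settings inside Match blocks are not evaluated.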