8 lines
401 B
Markdown
8 lines
401 B
Markdown
# Securing the VPS
|
|
## Network Security
|
|
- **SSH Hardening**: Password authentication disabled, root login disabled, key-only authentication
|
|
- **Firewall Configuration**: UFW with deny-all incoming, allow-all outgoing defaults
|
|
- **Fail2ban**: SSH brute-force protection with configurable ban times
|
|
- **Kernel Network Hardening**: IP forwarding disabled, source routing blocked, ICMP redirects disabled
|
|
|