This Simple Three Step Can Help You To Secure Your Stack Server From Attackers

While there are many ways to make sure your Stack Server is as secure as possible there are some basic steps and measures that you can take to cover your bases.

Users with a Linux server can change their SSH port to something other than the default port (22).

Step #1: Reconfigure SSHD
The easiest way to change the port is to SSH into the server as root:

Once you are logged in to the Stack Server as root we can begin editing the sshd_config file. As with any modification to an important server file, it is always a good idea to back it up before making any changes:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup

Now we are ready to modify the file. Open /etc/ssh/sshd_config in your favorite text editor and locate the line that specifies the port. If your sshd_config file has not been altered the Port setting will be commented out with a # symbol (example below).

For example, the default SSH port appears in a line like this:

#Port 22

The # symbol tells the server to ignore anything after it on the same line, so we will need to remove that character and then change the number 22 to something else. Be sure you do not pick a port number that is in use by a different service. If you are unsure, Wikipedia has a list of port numbers and their uses. Try to use a port number that is not listed. For this example, we will use Port 465.

Remove the # symbol and change the port number. To change the SSH port to 456, you will need to make the line appear like this:

Port 456

Save your changes and close the sshd_config file.

Step #2: Update IPTables and Firewall

After you are finished configuring SSH, you will need to add the port to iptables as well as your installed firewall.

To update iptables, please enter the following in SSH:

iptables -A INPUT -m state –state NEW -m tcp -p tcp –dport 456 -j ACCEPT

When using the command above, be sure to substitute 456 with the actual port number you are adding.

Step #3: Restart Services
SSH must now be restarted in order to activate your changes. You can do so by issuing the following command:

service sshd restart