It scratches the surface of the most obvious stuff. I’d only add running apps in isolation (docker or adduser) and maybe fail2ban.

  • Krtek@feddit.de
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    While in no means a security measure, just disabling IPv4 for SSH on my VPS has completely eliminated bots/scripts attempting to login to my VPS directly