Over the past few weeks my web/email server has been attacked multiple times. So I’ve started hardening my defenses. Stay tuned as I will be documenting what I do and what I learn. Today I’ve been experimenting with iptables and the settings for my sshd (the server that allows me to connect to the web server “behind the scenes”).
Just this morning as I was tweaking things I “watched” someone in Russia try to guess passwords and account names. He was at 212.110.146.180 (u590.so-com.net) in case anyone is interested.
One of the biggest things I need to do is to re-train my customers to use a different program to upload files to their web sites. Right now I have them set to use FTP, but that needs to go away. SFTP looks like it will be the way to do things.