Hi Installed wordpress with HHVM and fast cgi cache so does EE handle all security itself or it can be improved Please Link to some article to do it
Hi, as far as I know EasyEngine does one thing and it does it well: WordPress Autosetup and Hosting. But Serversecurity has to be handled by you yourselve.
Please google it and you will find a ton of info. Most important are:
- A firewall and blocking all ports you dont need (I like UFW in Ubuntu as it gives you simple commands to get most things done just like EE)
- Securing your SSH connection (No Root login, no password login…)
- Automatic Security Updates
I am sure I forgot something, youll find what you need by googling your Linux Distro together with “securing”.
Thanks For the reply find virtubox Github and it knowledgebase virtubox github
in running process there is HHVM something like this 2123/hhvm so should i enable it in ufw like this ufw allow 2123 and other process too
in these three i put my own ip ?
Allow connections on all ports from an IP ufw allow from 188.8.131.52
Allow connections on all ports from a subnet ufw allow from 184.108.40.206/24
Specify a port + an IP + a protocol ufw allow from 220.127.116.11 to any port 22 proto tcp
and what to do when my ip changed
can you help me with ufw ?
@vibhi This is what I do with ufw on a new ubuntu server:
sudo apt-get install ufw -y sudo ufw default allow outgoing sudo ufw default deny incoming sudo ufw allow 22 sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw logging on echo "y" | sudo ufw enable
should i use this config
If you look at it you will see my commands are also in there.
ufw allow 443/tcp for example does the same as
ufw allow https.
You should make sure to only allow the ports you really need. SSH is a given of course with the standard port 22. But you can change it also if you want. And if you host any kind of website http and https are also necessary.
Just see what the other ports are for and then decide if you need them.
Like I mentioned before there are also plenty of other and more complete tutorials out there of how to secure your Ubuntu Server. If you have another OS just search for that one of course.
do i need to add other port in ufw or not? like hhvm or memcache