When managing your online blogs, you want to make sure unauthorized user can’t hack and gain access to your servers. So, you must put in place steps that will help protect your online properties.
There are many good tutorials online that will show you how to hardened your blogs to allow only authorized users to sign in and manage them. When using WordPress as your content management system (CMS), it’s recommended to apply the best practices which include updating and applying security patches promptly, installing only secure plugins and not making the webserver owner of WordPress content.
These are all good steps to take to make sure your blogs keep running.
Another security practice most webmasters ascribe to is to change SSH port to a non-standard port. This means changing the default SSH port 22 to something different.
Why changing SSH port to a non-standard port will not save you
Changing SSH port to a non-standard port is an old trick. It may have worked in the past to but doing so today is just a waste of time. Hackers with the right port scanner script will be able to find that non-standard SSH port in no time.
So, don’t waste your time changing SSH port to something other than 22 to feel protected.
Using Dome9’s service to protect your sites
Dome9 is a cloud security service that integrates and manages your server’s firewall. In Linux system, the primary firewall is iptables. Dome9’s service integrates with iptables and helps control traffic to the from the server.
It’s a great service and if you manage an online blog with root access, you should be using it. The lite plan is provided free of charge. Paid plans provide more benefits.
Dome9’s SSH access
When you sign up for Dome9’s service and install the server package that manages your server’s firewall, it automatically blocks SSH and other protocol connections to your server except port 80 (web traffic).
Access is only granted on-demand and only to a particular IP address that logged-in to Dome9 enable access for a limited time. After the time expires, SSH access is turned off automatically.
On-demand access can be applied to other ports as well. Your server must first be accessible to Dome9’s before you can manage it.
Protecting your servers this way might be the best method