How to secure a Plesk server - Γνωσιακή Βάση

How to secure a Plesk server, Secure Server

Keep Plesk up-to-date
Set up the minimum password strength as Strong
Filter all unused ports using a firewall. Ports that are required for Plesk functionality can be found here
Secure Plesk and a mail server with SSL/TLS certificates
Set up secure FTP connection
Limit administrative access to Plesk
Restrict Remote Access via XML API
Install and configure Web Application Firewall (ModSecurity)
Use WordPress Toolkit Security Check to implement security best practices for WordPress instances
Enable automatic updates for WordPress and its modules as well as for other APS packages
Avoid using outdated web application packages, as they might contain vulnerabilities. Upgrade these applications to the latest version if possible
Install VirusTotal Website Check to scan websites using multiple anti-virus engines
Use Google Authenticator extension to set up a multi-factor authentication
In case of planning to set up PCI DSS Compliance, visit PCI DSS Compliance

Allow SSH access via a keyfile
Use a non-standard port for SSH connections
Forbid SSH authentication for root user
Switch off Perl and Python if it is not required for a website and never use 'mod_perl' and 'mod_python'.
Install a complete automated security solution Immunify360 to keep a server safe
Install ImunifyAV to keep websites free of malware
Install Fail2Ban to block hack attempts
Do not use the PHP handler served as Apache module as it is not secure
Enable automatic updates for system packages
Use KernelCare extension to be sure that a server's kernel is up-to-date
Configure the FTP passive port range on Linux
Ensure that Apache does not allow the SSL 2.0/SSL 3.0 protocol
Check the advanced documentation pages related to Plesk for Linux security: Enhancing Security

Ήταν χρήσιμη αυτή η απάντηση;

How to secure a Plesk server Εκτυπώστε