Installing the server part General information Preparing the server Launching a container Connection and installation Setting up an SSL certificate Security settings Server update
Development Environment Scripts Root scripts Modular scripts Calling a module script Module script parameters Modular script operation Web modules
Handbook Accepted designations Module data types System keys Global keys Configuration Debugging tools Service Caching Performance API Parser MySql Session Emailer IpUtil Xml
Version update

Security settings

After installing the store, we recommend paying attention to server security issues. To do this, it would be a good idea to take a number of typical minimum actions. We recommend installing the fail2ban utility for security, which will help protect the server from hacking:

 # apt-get install fail2ban
 # cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

edit the configuration via the editor:

 # nano /etc/fail2ban/jail.local
 bantime.increment = true
bantime.factor = 2
bantime = 60m
findtime = 10m
maxretry = 5

Next, we restart:

 # systemctl restart fail2ban

Next, it will be correct to install and configure the UFW firewall for the system. Download and install:

 # apt install ufw -y

We deny all incoming connections by default:

 # ufw default deny incoming

and allow all outgoing:

 # ufw default allow outgoing

We allow access via SSH, as well as access to the site via ports 80 and 443:

 # ufw allow OpenSSH
 # ufw allow 80/tcp
 # ufw allow 443/tcp

Let's check the rules:

 # ufw show added

If everything is correct, then we turn on the firewall:

 # ufw enable

Let's check:

 # ufw status verbose

Now let's check and install security updates:

 # apt update && apt upgrade -y

and clear out unnecessary packages:

 # apt autoremove -y && apt autoclean -y