Cpanel Server SSH Hardening Simple Steps

Here are some steps you can carry out to restrict SSH access to the server. Please note that these steps are mostly used for Cpanel server.

These are just some steps you can take if you wish to totally secure your server you can contact your hosting provider or you can contact our technical support team at support@myvpshost.org.

1.  Deny all user to access your root user, permit by exception (iptables or tcpwrappers, AllowUsers)
2.  Do not ever log into sshd as root (PermitRootLogin no)
3.  Every time at the step-up use strongly passworded ssh keys instead of password auth (PasswordAuthentication no)
4.  You need to remove temporary accounts, such as those used by 3rd party support companies
5.  Try to change any passwords often used by 3rd party support users
6.  Do not reuse passwords or password which you have already used for the server/accounts.
7.  Do rotate passwords periodically, if you use them rotate ssh keys periodically
8.  Do use WHM >> Configure Security Policies
9.  Configure a remote syslog server. That way if you do get hacked, you still have logs safely stored at another location.