• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Question Change SSH Port and how to make Plesk secure?

CobraArbok

CobraArbok

Regular Pleskian
I made a new installation of Plesk, some components and some extensions.
I then made a first basic configuration without anything in particular.
In terms of security I have limited myself to installing and activating Firewall, Fail2Ban and mod_security, without altering the configuration.
Now in /var/log/auth.log I see a continuous and constant intrusion attempt with the root user, while from the panel VPS of the provider I see an equally anomalous number of incoming pings.

I have already disabled login as root.
I would like to change port 22, but after doing it in sshd_config I can't even access it. On another server, without Plesk, there is no problem.
I created a new rule in Firewal, but it doesn't seem enough.
Where should I enable the new SSH port?

Do you have any tips to better protect the server?
 
Changing your SSH port will not greatly improve the security of your server. This method is called "Security by obscurity" which is not considered good practice.

You should rather focus on the following points:
1) Only allow SSH access from IPs that are allowed to connect. For example, if you have a static IP then only allow your IP in the firewall rules to connect to the SSH port.
2) Use strong passwords everywhere
3) Use fail2ban to block repeated authentication attempts

Have a look at this thread here, there's a lot of discussion about exactly this subject:
Resolved - Change ssh port
 
You must log in or register to reply here.

Similar threads

serreri
Issue Redundant error after changing ssh port with plesk extension - SSH Terminal - 1.3.8-111
Replies
1
Views
495
Vladimir C.
V
M
Issue Opening SSH Terminal in Plesk fails
Replies
9
Views
454
alvarezcruz
alvarezcruz
H
Question SSH user can see other subdomain directories even with chrooted shell?
Replies
3
Views
566
Raul A.
R
R
Question The New Plesk Firewall is lacking port numbers/specifics. Can anyone supply a map of ports>services??
Replies
5
Views
918
MHC_1
M
V
Issue Smarthost + SRS = relay?
Replies
2
Views
10K
vanlier
V
Back
Top