re: Analyzing the Attacks on my Website VIEW POST


You didn't mention SSH keys and maybe you already do this, but for the benefit of others trying to secure a public-facing machine, it's best to disable password-based authentication and use ssh keys to authenticate instead. Combined with fail2ban (mentioned by Ben) it's a good way to prevent brute force attacks.

DigitalOcean has a good writeup of how to generate SSH keys and configure a Linux machine to use them.

Code of Conduct Report abuse