• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!
  • 2026 staff recruitment is open! Check it out and consider applying!

Linux How to defend against hackers

Fiodor

Fiodor

Lua & Maps
Joined
Mar 14, 2009
Messages
400
Reaction score
10
Location
Poland
In few days I'm starting new OTserver, on tfs 0.4, debian 8, znote acc
I already changed 'phpmyadmin' to something less obvious and I have complex mysql password

What else do you think should I do to protect my server against people trying to break in?
 
Sort by date Sort by votes
Nobody will want to hack you if you wokt have any good amount of players xd
 
Upvote 0 Downvote
Fiodor said:
Once I had forum about OpenTibia with like ~10 users in general and somebody hacked and destroyed it
so xD
Click to expand...
I had 50 players and never been hacked.
Use complex passwords like @s2S#12S#21S21W#$56s etc.
 
Upvote 0 Downvote
Fiodor said:
In few days I'm starting new OTserver, on tfs 0.4, debian 8, znote acc
I already changed 'phpmyadmin' to something less obvious and I have complex mysql password

What else do you think should I do to protect my server against people trying to break in?
Click to expand...
1. Remove php my admin at all and use only mysql in console
2. Generate ssh keys and turn off login by password too debian (use ssh keys)
3. Try configure fail2ban for acc menager (google it)
4. Add monitoring tool for daemons (maybe monit? https://mmonit.com/monit/ ), download and compile latest :)
5. Try too find good iptables configuration for TFS
6. Remove possibility too login into mysql root from any network

Good luck!
 
Upvote 0 Downvote
Fiodor said:
What else do you think should I do to protect my server against people trying to break in?
Click to expand...

@hellboy has made some good suggestions. A majority of hacking comes not from technical vulnerabilities nor poor security measures.
A majority of hacking comes from social engineering. If you ever decide to share sensitive information with someone else, share the information with one of these two expectations:

1. It will be leaked or used to exploit you in the future.
2. You're willing to have it leaked or exploited.

One, but usually both, will occur in the long-run; few exceptions exist.
Red
 
Upvote 0 Downvote
wisely said
that's why I'm trying to avoid sharing any sensitive informations

thank you guys, propably I won't follow all @hellboy tips, because I'm not experienced in linux and web administration at all, but uncle Google is very helpful

I installed fail2ban, but when I'm trying to enable/restart it, error appears

sudo service fail2ban restart
[ ok ] Restarting authentication failure monitor: fail2ban.

how to fix it?
 
Last edited by a moderator:
Upvote 0 Downvote
Fiodor said:
I installed fail2ban, but when I'm trying to enable/restart it, error appears

sudo service fail2ban restart
[ ok ] Restarting authentication failure monitor: fail2ban.

how to fix it?
Click to expand...
You have to configure it first. Google about configure it with nginx or apache2 ( I don't know what you use) and ssh :)
 
Upvote 0 Downvote

Similar threads

F
  • Question Question
Tfs.exe crash on Windows after player abuses depot/container depot bug
Replies
13
Views
2K
ffranks
F
Back
Top