

Ask HN: Best practices for keeping cloud server secure? (linux) - todd3834

I'm able to take a basic linux distro (stable Ubuntu Server) and install everything I need to get my web apps up and running. (Django, Rails, PHP etc...) But after all of that I would appreciate some advice on security.

Here is my current checklist:
1. Change the root password assigned to me
2. Add admin user so I don't have to log in as root
3. Change ssh port to something random I make up and require SSH Key
4. Set up iptables to block nearly everything except (80, my ssh port, and maybe a couple of others depending on requirements)

What now? How do I keep the server up to date? I really don't want to have to read the ubuntu-security-announce mailing list daily I just want to build web apps.
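
An added example, not part of the original post: a shell check that item 3 of the checklist (non-default SSH port, key-only login) actually took effect in an sshd_config, using sshd's rule that the first value read for a keyword wins. The sample config, port 2222 and the function names are constructed for illustration; it assumes whitespace-separated keywords and does not follow Include files.

```shell
#!/bin/sh
# Constructed sample sshd_config (not from the thread); 2222 is a placeholder port.
SAMPLE_CONFIG='# hardened per checklist item 3
Port 2222
passwordauthentication no
# The next line is ignored: sshd keeps the first value it reads for a keyword.
PasswordAuthentication yes
Match User deploy
    PasswordAuthentication yes
'

# Print every global value of an sshd_config keyword read from stdin.
# Keywords are case-insensitive; parsing stops at the first Match block
# because settings inside it only apply conditionally.
sshd_values() {
    awk -v key="$1" '
        /^[ \t]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2) }
    '
}

# Audit the two settings from checklist item 3. Prints findings and the
# effective values; returns 0 when both checks pass, 1 otherwise.
audit_sshd() {
    cfg=$1
    status=0
    # Port may be repeated (sshd listens on all of them), so keep every value.
    ports=$(printf '%s\n' "$cfg" | sshd_values Port)
    ports=$(echo ${ports:-22})          # unset means sshd default 22
    # For PasswordAuthentication only the first occurrence counts.
    pw=$(printf '%s\n' "$cfg" | sshd_values PasswordAuthentication | head -n 1)
    pw=${pw:-yes}                       # unset means sshd default yes
    case " $ports " in
        *" 22 "*) echo "FINDING: sshd still listens on default port 22"; status=1 ;;
    esac
    if [ "$pw" != no ]; then
        echo "FINDING: password logins are still accepted"; status=1
    fi
    echo "ports=$ports PasswordAuthentication=$pw"
    return "$status"
}

audit_sshd "$SAMPLE_CONFIG"
```

On a live host, `sshd -T` prints the effective configuration, including anything pulled in through Include files, and is the authoritative check.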
======
rphlx
Focus on your site/content and its security (SQL injection, XSS, secure
password storage, spam prevention, etc).

There have been no remote-root sploits in Linux/ssh/apache in a long freaking
time. If you get owned, it's probably due to your code, not some widely used
open source component.

------
jolan
> How do I keep the server up to date?

sudo apt-get update

sudo apt-get upgrade

