Talk in English - US at Longhorn PHP Conference 2019
View Slides: https://www.rogercreasy.com/slides/serverFortress/#/
Short URL: https://joind.in/talk/3547d (QR-Code (opens in new window))
Thanks to cloud providers like DigitalOcean, AWS, GCP, Linode, etc, we as developers can easily spin up servers for testing or production. We can have a complete server ready to go in a matter of seconds. Often security is an afterthought leaving servers vulnerable to attacks, abuse, or worse.
In this talk I will introduce some basic security settings and monitoring. I will make attendees aware of some of the many types of attacks, and the methodologies that can help protect them.
== Some of what this talk will cover ==
* Passwords – generating and protecting strong passwords
* Users – setting up, restricting access, granting rights (like sudo)
* Root – keeping access to root safe
* SSH – managing keys, defending against unauthorized access
* Firewalls – enhancing security with firewall rules
* Logwatch – get a daily email that summarizes security issues
* Fail2ban – rule-based control of your firewall
* Security Updates – how to automate
== Who this talk is for ==
Web developers who manage a cloud server, or those who want to manage one
Attendees will leave this talk with a better understanding of the threats that impact servers, and how to mitigate those threats. They will also have a list of resources and will leave with a basic understanding of how best utilize and implement those resources.