Background: 15 years of experience in software and apparently spoiled because it was already set up correctly.

Been practicing doing my own servers, published a test site and 24 hours later, root was compromised.

Rolled back to the backup before I made it public and now I have a security checklist.

    • Xanza@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 小时前

      There’s no real advantage to disable the root user, and I really don’t recommend it. You can disable SSH root login, and as long as you ensure root has a secure password that’s different than your own account your system is just as safe with the added advantage of having the root account incase something happens.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 小时前

        That wouldn’t be defense in depth. You want to limit anything that’s not necessary as it can become a source of attack. There is no reason root should be enabled.

        • Faresh@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 分钟前

          I don’t understand. You will still need to do administrative tasks once in a while so it isn’t really unnecessary, and if root can’t be logged in, that will mean you will have to use sudo instead, which could be an attack vector just as su.

        • Xanza@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          2 小时前

          Why do like, houses have doors man. You gotta eliminate all points of egress for security, maaaan. /s

          There’s no particular reason to disable root, and with a hardened system, it’s not even a problem you need to worry about…