Here are some references for various fix ups or tweaks that I apply to servers with a RunCloud control panel. These are not all done inclusively, depends on the need.
Change the SSH Port from the default 22
Change to desired port
Open new port RunCloud panel, close old 22 – redeploy firewall.
If you have changed SSH port and closed port 22 on the firewall – change fail2ban to include new SSH port, while you are at it – give your IP Address a permanent pass…
nano /etc/fail2ban/ jail.local
[DEFAULT] ignoreip = 127.0.0.1/8 188.8.131.52 bantime = 36000 findtime = 600 maxretry = 5 [sshd] enabled = true logpath = %(sshd_log)s port = 2683 banaction = iptables
service fail2ban restart
Check running on server
Check open ports
Should match with RunCloud panel
How to restart Firewall on Server.
service firewalld restart
Block access to xmlrpc.php and wp-login.php via NGINX
Add new user
Add/remove users to the sudo group (login as root)
usermod -aG sudo [username]
Remove a user from the sudo group
deluser [username] sudo
Tweak MySQL Performance Using MySQLTuner
Send command line server emails by tweaking Postfix
Server Domain Name
Set a server hostname and FQDN
Set up a malware scanner LMD