Here are some references for various fix ups or tweaks that I apply to servers with a RunCloud control panel. These are not all done inclusively, depends on the need.
Change root password
You root password initially generated by your host provider might be on the weak side always best to change and strengthen it.
SSH in as root and run:
Then you can either type in a new password or paste in a generated one.
Change the SSH Port from the default 22
Uncomment and change to desired port
service ssh restart
Open new port in RunCloud panel, close old 22 – then redeploy firewall.
If you have changed SSH port and closed port 22 on the firewall – change fail2ban to include new SSH port, while you are at it – give your IP Address a permanent pass…
[DEFAULT] ignoreip = 127.0.0.1/8 22.214.171.124 bantime = 36000 findtime = 600 maxretry = 5 [sshd] enabled = true logpath = %(sshd_log)s port = 2683 banaction = iptables
service fail2ban restart
Check running on server
Check open ports
Should match with RunCloud panel
How to restart Firewall on Server.
service firewalld restart
Block access to xmlrpc.php and wp-login.php via NGINX
Add new user
Add/remove users to the sudo group (login as root)
usermod -aG sudo [username]
Remove a user from the sudo group
deluser [username] sudo
Tweak MySQL Performance Using MySQLTuner
Send command line server emails by tweaking Postfix
Server Domain Name
Set a server hostname and FQDN
Set up a malware scanner LMD
Update the RunCloud Agent
apt update && unattended-upgrade -d apt upgrade runcloud-agent service runcloud-agent restart