While PHP developers usually pay more attention to the code level of things, it's good to know something about managing the servers their applications live on too. In this most recent tutorial from NetTuts.com they introduce you to some of the basic things you can do to help secure your server against potential attacks, more specifically around the logins.
Thanks to the growing abundance of useful self-hosted apps such as WordPress and the affordable growth of cloud hosting providers, running your own server is becoming increasingly compelling to a broader audience. But securing these servers properly requires a fairly broad knowledge of Linux system administration; this task is not always suitable for newbies.
They provide a list of seven things to look at (not a comprehensive list, but good none the less) to protect your system logins:
- Update Your System Components
- Change Your SSH Port From the Default
- Activate a Firewall
- Change Your Root Login Name
- Activate Google Two-Factor Authentication
- Switch to Using SSH Keys for Login
- Manage Your Application Security
Each item includes a summary of the "why" and commands or links to other resources with more information.