This is a collection of all the setup and configuration I do immediately after installing a default CentOS 7 VPS in Digital Ocean. It includes basic security configuration, such as firewalld and changing sshd port, and kernel/system variables for improving VPS performance. On top of this is where I do all my Sysadmin installations.

Lets get started.

  1. Digital Ocean VPS creation considerations:
    • Remember adding your SSH keys to use them as the authentication for connecting to the server. You can add your keys or choose between previously added keys from the “Create Droplet” page.That way in the newly created droplet the SSH daemon will ONLY accept digital certificates for the login process. Digital Ocean will automatically create the sshd configuration. This also serves as an additional layer of protection against bots trying to brute-force your SSH service.
    • Enable the following “Additional Options”, they are free and very useful:
      • [x] Private Networking
      • [x] IPv6
      • [x] Monitoring
    • If you don´t have a Digital Ocean account, you can use my Digital Ocean Referral Code and get US$ 10 in credit for free.
  2. Initial Setup: Install OS Updates and basic utilities
  3. Change SSH Port: To reduce the probability of being targeted by cracking bots. Use any port number you want as long as it doesn´t interfere with other services.
  4. Configure Firewalld:
  5. Configure Sysctl & ulimit:
  6. Enable fail2ban:

     
  7. Additional Resources: