Background: 15 years of experience in software and apparently spoiled because it was already set up correctly.

Been practicing doing my own servers, published a test site and 24 hours later, root was compromised.

Rolled back to the backup before I made it public and now I have a security checklist.

  • Possibly linuxEnglish
    2·
    4 hours ago

    That wouldn’t be defense in depth. You want to limit anything that’s not necessary as it can become a source of attack. There is no reason root should be enabled.

    • Faresh@lemmy.mlEnglish
      1·
      58 minutes ago

      I don’t understand. You will still need to do administrative tasks once in a while so it isn’t really unnecessary, and if root can’t be logged in, that will mean you will have to use sudo instead, which could be an attack vector just as su.

    • Xanza@lemm.eeEnglish
      21·
      3 hours ago

      Why do like, houses have doors man. You gotta eliminate all points of egress for security, maaaan. /s

      There’s no particular reason to disable root, and with a hardened system, it’s not even a problem you need to worry about…