firefrost-gaming/firefrost-operations-manual
3
0
Fork 0
Code Issues 146 Pull Requests Packages Projects Releases Wiki Activity
Files
2e23976557b8877ffcf742e2ac39fb2d1923e93e
firefrost-operations-manual/docs/tasks/command-center-security
History
mkrause612 21dcc2f93a Create command-center-security task 
Task 6 (Tier 1 Security).
Fail2Ban + SSH hardening.

Date: 2026-02-16
2026-02-16 06:56:01 -06:00
..
README.md
Create command-center-security task
2026-02-16 06:56:01 -06:00

README.md

Command Center Security Hardening

Status: Ready
Priority: Tier 1 - Security Foundation
Time: 1 hour
Last Updated: 2026-02-16

Overview

Defense-in-depth security hardening for Command Center VPS (Dallas hub). Install Fail2Ban, harden SSH, review firewall rules.

Current State

  • UFW enabled (default deny incoming)
  • Ports 22, 80, 443 open
  • Fail2Ban not installed
  • SSH allows password auth
  • No rate limiting on SSH

Tasks

  1. Install Fail2Ban (auto-ban brute force)
  2. SSH Hardening:
    • Disable password auth (key-only)
    • Optional: Change SSH port
    • Set MaxAuthTries=3
  3. Review UFW rules (close unnecessary ports)
  4. Document in deployment-plan.md
  5. Test SSH with keys before closing password auth

Success Criteria

  • Fail2Ban active and monitoring
  • SSH key-only authentication
  • Command Center locked down
  • Security config documented

Fire + Frost + Foundation 💙🔥❄️

Reference in New Issue View Git Blame Copy Permalink