OpenTibiaBR
GithubDiscordSponsor
  • Home
    • 📖Welcome!
    • 💵Donate
  • OpenTibiaBR
    • 🖥️Projects
      • 🐦Canary
        • About
        • Getting Started
          • Compiling
            • Linux
              • [Linux] Compiling Canary Sources
            • Windows
              • Visual Studio
                • [Windows][VC2022][CMake] Compiling Canary Sources
                • [Windows][VC2022][Solution] Compiling Canary Sources
              • WSL
                • [WSL] Compiling Canary Sources
          • Installing
            • aaPanel
              • [Linux] Canary + aaPanel + MyAAC
            • Docker
              • [Docker] Canary + MariaDB + MyAAC
            • Linux
              • Nginx + MariaDB + MyAAC
            • Windows
              • Uniform Server
                • [Windows][Basic] Canary + Uniform Server + MyAAC
              • XAMPP
                • [Windows][Advanced] Canary + XAMPP + MyAAC
        • Tutorials
          • Basic
            • Auto Backup Server Database
            • Auto Restart and Linux Logs
            • Custom Bestiary / Prey with Canary Monster Editor
            • Event Schedule Canary / OTServBR-Global
            • How to make a custom server with Canary
            • How to reset players in your database
            • How to secure a Linux server
            • SSL Certificates
            • Webhook Discord
            • [Outdated] Custom Bestiary / Prey
            • [Linux] Backup + Upload - Google Drive
            • [Linux] How to install Linux headers
            • VPS Linux
            • [Windows] SSL/HTTPS Certificate with XAMPP
          • Mapping
            • [Windows] Remere's Map Editor - Opening Canary / OTServBR-Global Map
            • [Windows] Remere's Map Editor - Converting map server id to client id
          • Programming & Scripting
            • How to add a new vocation
            • Revscriptsys
            • Guide Lua Objects
            • How to get raceId for monsters
          • Websites
            • [Canary][OTServBR-Global][GesiorAAC][MyAAC] Set up Initial Character
          • Miscellaneous
            • Useful Tutorials
            • Video Tutorials
      • 🗺️Remere's Map Editor
        • About
        • Getting Started
          • Linux
            • [Linux] Compiling Remere's Map Editor Sources
          • Windows
            • WSL
              • [WSL] Compiling Remere's Map Editor Sources
            • Visual Studio
              • [Windows][VC2022][CMake] Compiling Remere's Map Editor Sources
              • [Windows][VC2022][Solution] Compiling Remere's Map Editor Sources
      • 🎮OTClient Redemption
        • About
        • Getting Started
          • Android
            • [Android] Compiling OTClient Redemption Sources
          • Linux
            • [Linux] Compiling OTClient Redemption Sources
          • Windows
            • WSL
              • [WSL] Compiling OTClient Redemption Sources
            • Visual Studio
              • [Windows][VC2022][CMake] Compiling OTClient Redemption Sources
              • [Windows][VC2022][Solution] Compiling OTClient Redemption Sources
          • Web
            • [Web] OTClient Redemption
        • Tutorials
          • Basic
            • Client Updater
    • 🔗Downloads
      • 🎮Clients
        • Client 11
        • Client 14
          • Tutorials
            • Client with HexEditorXVI32
            • Client with Notepad++
            • Client with config.ini
            • [Windows] How to change client background
        • OTClientV8
          • About
          • Getting Started
            • Android
              • [Android] Compiling OTClientV8 Sources
            • Linux
              • [Linux] Compiling OTClientV8 Sources
            • Windows
              • WSL
                • [WSL] Compiling OTClientV8 Sources
              • Visual Studio
                • [Windows][VC2022][CMake] Compiling OTClientV8 Sources
                • [Windows][VC2022][Solution] Compiling OTClientV8 Sources
          • Features
            • Health and Mana bar backgrounds
            • HTTP support
            • OTML Improvement
            • Simple cam recorder and player
            • Updater, encryption and compression
            • WebSockets
        • Minimap
      • 📑Codes
        • C++
        • Events
        • Functions
        • Libs
        • Modules
        • Others
      • 🖼️Images
        • PSDs
        • Others
      • 🗺️Maps
        • Custom
        • Global
      • 📑Revscripts
        • Actions
        • CreatureEvents
        • GlobalEvents
        • MoveEvents
        • NPCs
        • Spells
        • Systems
        • TalkActions
      • ⚔️Sprites
      • ⚙️Tools
        • Editors
        • Launchers
          • Canary Launcher
            • About
            • Getting Started
              • Windows
                • [Windows][VC2022][Solution] Compiling Canary Launcher Sources
          • Slender Launcher
            • About
            • Getting Started
              • Windows
                • [Windows][Go] Compiling Slender Launcher Sources
        • Login Server
          • About
          • Getting Started
        • Map Generators
      • 🌐Web Packages
        • Linux
        • Windows
      • 🌐Website Applications
        • Websites
          • CanaryAAC
            • About
            • Informations
              • Features
              • Functions
              • API
              • Routes
              • Middleware
            • CanaryAAC Bot
          • Gesior2012
            • About
          • GesiorAAC Global
            • About
          • MyAAC
            • About
          • MyAAC Global
            • About
          • SlenderAAC
            • About
          • ZnoteAAC
            • About
        • Applications
        • Layouts
        • APIs and SDKs
Powered by GitBook
On this page
  1. OpenTibiaBR
  2. Projects
  3. Canary
  4. Tutorials
  5. Basic

VPS Linux

  • Release only the ports necessary for EXTERNAL access, in the case of a single VPS, you do not need to release SQL port (3306). iptables commands: iptables -A INPUT -p tcp --dport 7171 -j ACCEPT iptables -A INPUT -p tcp --dport 7172 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT Enable native firewall: sudo ufw enable With this you release game ports and port for SSH access (which you will mitigate with access via private key and fail2ban), and follow the step by step:

  1. Configure your VPS authentication only from a private key and disable login via username and password.

  2. Install fail2ban (Linux), software that prevents brute force attacks, if there are several failed login attempts from an IP, it is dropped for X (configurable) minutes.

  3. Use DNS on CloudFlare

  4. Create 3 DNS entries in CloudFlare: a type A entry "play.myserver.com" with no proxy (where players will connect). Another type A "myserver.com" with proxy enabled. And the last one a CNAME of "www.myserver.com" pointing to "myserver.com"

  5. Configure your VPS to accept connections on port 80 and 443 only from CloudFlare IPs (https://developers.cloudflare.com/.../allow-cloudflare.../)

  6. Configure PHPMyAdmin to accept connections only from your IP, if dynamic you will need to change it whenever you change. https://nim-labs.com/restrict-phpmyadmin-access/

  7. Configure Apache (or another web server) to read your real IP through the proxy, to validate the connection to PHPMyAdmin. https://devanswers.co/get-real-client-ip-address.../ In some topics I already put the links, in others you can find them easily. I believe that this way you can guarantee greater security in your environment, another important thing is to keep the system always as updated as possible.

🖥️
🐦