Have you recently spun up a new Ubuntu Droplet on DigitalOcean? The other day, when I checked my authentication logs in /var/log/auth.log, I came across several login attempts with random usernames.
We often take security for granted, but it becomes something of great concern once you start to manage servers of your own. If you were to leave your Droplet as it is, it is only a matter of time before hackers guess your login credentials and gain access to your system. Hence, here are some basic security measures you should set up to prevent others from breaking in:
If you manage a Unix-like server, every now and then, you might get an email from the server notifying you of important errors that occur in your server. Here’s one that I got earlier today from an Ubuntu 18.04 server of mine:
Cron <root@terresquall> test -x /usr/sbin/anacron || ( cd / && run-parts –report /etc/cron.daily )
/etc/cron.daily/logrotate: error: error running shared postrotate script for ‘/var/log/apache2/*.log ‘ run-parts: /etc/cron.daily/logrotate exited with return code 1
Mail sent at 06:39
It’s never fun to receive server admin emails like this, because it means that your server has issues, but the message tends to be really ambiguous, so it’s really hard to figure out what the issue is. Obviously, I didn’t know what the issues were, so I had to do some research.