> > I'd use HTTPS/SSL for web access and definitely use SSH (preferably using > both certificates and passwords) for server access (for people administering > the linux installations). >
SSH is a must. I would also move it to a non-standard port, and disable remote access with passwords, and disable the root user from being able to login over SSH. You will still get a lot of bot attacks, but using certificates (with a password) will greatly increase the security of the server. _______________________________________________ Mailing list: https://launchpad.net/~dhis2-users Post to : [email protected] Unsubscribe : https://launchpad.net/~dhis2-users More help : https://help.launchpad.net/ListHelp
