I am just scared. I am new to linux and commands. And I have seen experienced people getting locked of root and then ending up deleting the server.
So far I have done this to secure:
Added MFA
Changed SSH port
Using my web panel plesk’s firewall which has fail2ban + mod security
xmlrpc blocked
wp admin blocked
disabled php execution
bad countries blocked
domain behind Cloudflare Access
I am the only user in my server and site.
So, is it necessary to disable root?
As I don’t have tech knowledge that much, I fear having getting locked out of root. Because I have seen many experienced users getting locked out of root and getting frustrated and ultimately deleting the server.
What are your thoughts?
View Reddit by yoyobono – View Source