"Google Compute Engine should be a lot more secured out of the box"
Most modern server instances are secure out of the box. It's the user who makes them insecure.
I like AWS because it lets you manage firewall settings of EC2 instances through the console. I obviously open port 443 to the public, but nothing else. If I need to get in for some reason, I whitelist my current IP, log in, and then remove the IP.
That decreases the points of failure quite a bit. I'm not sure if there's a GC version of the same thing.
Did you use a password to log into this instance? For a production server like that, you should be using SSH keys with secure passphrases.
In case you have a root password and were logging in as root, that's another thing you shouldn't do.
As mentioned in the article, I've simply used the click-to-deploy feature to create my instance.
SSH Keys were with passphrases, and the Console's SSH client logs you in as your account name's user (not root), I never logged in as root myself actually.
Well, definitely use 2FA on your GC account, then.
Ubuntu-based EC2 instances aren't "more secure", but they set you up as a user of better security practices. Like any set of tools, though, you have to understand them and use them properly.
5 comments
[ 0.20 ms ] story [ 31.3 ms ] threadMost modern server instances are secure out of the box. It's the user who makes them insecure.
I like AWS because it lets you manage firewall settings of EC2 instances through the console. I obviously open port 443 to the public, but nothing else. If I need to get in for some reason, I whitelist my current IP, log in, and then remove the IP.
That decreases the points of failure quite a bit. I'm not sure if there's a GC version of the same thing.
Did you use a password to log into this instance? For a production server like that, you should be using SSH keys with secure passphrases.
In case you have a root password and were logging in as root, that's another thing you shouldn't do.
SSH Keys were with passphrases, and the Console's SSH client logs you in as your account name's user (not root), I never logged in as root myself actually.
Ubuntu-based EC2 instances aren't "more secure", but they set you up as a user of better security practices. Like any set of tools, though, you have to understand them and use them properly.
Is something like Heroku not an option for you?
It is now.