{"id":3170,"date":"2025-12-08T15:08:11","date_gmt":"2025-12-08T12:08:11","guid":{"rendered":"https:\/\/www.dchost.com\/blog\/yeni-vpste-ilk-24-saat-guncelleme-guvenlik-duvari-ve-kullanici-hesaplari\/"},"modified":"2025-12-08T15:08:11","modified_gmt":"2025-12-08T12:08:11","slug":"yeni-vpste-ilk-24-saat-guncelleme-guvenlik-duvari-ve-kullanici-hesaplari","status":"publish","type":"post","link":"https:\/\/www.dchost.com\/blog\/yeni-vpste-ilk-24-saat-guncelleme-guvenlik-duvari-ve-kullanici-hesaplari\/","title":{"rendered":"Yeni VPS\u2019te \u0130lk 24 Saat: G\u00fcncelleme, G\u00fcvenlik Duvar\u0131 ve Kullan\u0131c\u0131 Hesaplar\u0131"},"content":{"rendered":"<div class=\"dchost-blog-content-wrapper\"><div id=\"toc_container\" class=\"toc_transparent no_bullets\"><p class=\"toc_title\">\u0130&ccedil;indekiler<\/p><ul class=\"toc_list\"><li><a href=\"#Yeni_Aldiginiz_VPSte_Ilk_24_Saat_Neden_Bu_Kadar_Onemli\"><span class=\"toc_number toc_depth_1\">1<\/span> Yeni Ald\u0131\u011f\u0131n\u0131z VPS\u2019te \u0130lk 24 Saat Neden Bu Kadar \u00d6nemli?<\/a><\/li><li><a href=\"#02_Saat_Ilk_Erisim_Kimlik_Dogrulama_ve_Hizli_Kontroller\"><span class=\"toc_number toc_depth_1\">2<\/span> 0\u20132 Saat: \u0130lk Eri\u015fim, Kimlik Do\u011frulama ve H\u0131zl\u0131 Kontroller<\/a><ul><li><a href=\"#Sunucu_Bilgilerini_Netlestirmek\"><span class=\"toc_number toc_depth_2\">2.1<\/span> Sunucu Bilgilerini Netle\u015ftirmek<\/a><\/li><li><a href=\"#SSH_ile_Ilk_Baglanti_ve_Temel_Bilgiler\"><span class=\"toc_number toc_depth_2\">2.2<\/span> SSH ile \u0130lk Ba\u011flant\u0131 ve Temel Bilgiler<\/a><\/li><li><a href=\"#Ilk_Parola_Degisikligi\"><span class=\"toc_number toc_depth_2\">2.3<\/span> \u0130lk Parola De\u011fi\u015fikli\u011fi<\/a><\/li><li><a href=\"#Donanim_ve_Ag_Sagligini_Hizli_Kontrol_Etmek\"><span class=\"toc_number toc_depth_2\">2.4<\/span> Donan\u0131m ve A\u011f Sa\u011fl\u0131\u011f\u0131n\u0131 H\u0131zl\u0131 Kontrol Etmek<\/a><\/li><\/ul><\/li><li><a href=\"#26_Saat_Sistem_Guncellemeleri_ve_Temel_Araclar\"><span class=\"toc_number toc_depth_1\">3<\/span> 2\u20136 Saat: Sistem G\u00fcncellemeleri ve Temel Ara\u00e7lar<\/a><ul><li><a href=\"#Tum_Paketleri_Guncellemek\"><span class=\"toc_number toc_depth_2\">3.1<\/span> T\u00fcm Paketleri G\u00fcncellemek<\/a><\/li><li><a href=\"#Temel_Yonetim_Araclarini_Kurmak\"><span class=\"toc_number toc_depth_2\">3.2<\/span> Temel Y\u00f6netim Ara\u00e7lar\u0131n\u0131 Kurmak<\/a><\/li><li><a href=\"#Zaman_Dilimi_ve_NTP_Ayarlari\"><span class=\"toc_number toc_depth_2\">3.3<\/span> Zaman Dilimi ve NTP Ayarlar\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#612_Saat_Kullanici_Hesaplari_ve_SSH_Sertlestirme\"><span class=\"toc_number toc_depth_1\">4<\/span> 6\u201312 Saat: Kullan\u0131c\u0131 Hesaplar\u0131 ve SSH Sertle\u015ftirme<\/a><ul><li><a href=\"#Root_Yerine_Yetkili_Bir_Kullanici_ile_Calismak\"><span class=\"toc_number toc_depth_2\">4.1<\/span> Root Yerine Yetkili Bir Kullan\u0131c\u0131 ile \u00c7al\u0131\u015fmak<\/a><\/li><li><a href=\"#SSH_Anahtar_Tabanli_Erisim_Kurmak\"><span class=\"toc_number toc_depth_2\">4.2<\/span> SSH Anahtar Tabanl\u0131 Eri\u015fim Kurmak<\/a><\/li><li><a href=\"#SSH_Yapilandirmasini_Sertlestirmek\"><span class=\"toc_number toc_depth_2\">4.3<\/span> SSH Yap\u0131land\u0131rmas\u0131n\u0131 Sertle\u015ftirmek<\/a><\/li><\/ul><\/li><li><a href=\"#1218_Saat_Guvenlik_Duvari_Firewall_Kurmak\"><span class=\"toc_number toc_depth_1\">5<\/span> 12\u201318 Saat: G\u00fcvenlik Duvar\u0131 (Firewall) Kurmak<\/a><ul><li><a href=\"#Neden_Ilk_Gunden_Firewall_Kurmalisiniz\"><span class=\"toc_number toc_depth_2\">5.1<\/span> Neden \u0130lk G\u00fcnden Firewall Kurmal\u0131s\u0131n\u0131z?<\/a><\/li><li><a href=\"#UFW_ile_Hizli_ve_Basit_Kurulum_UbuntuDebian\"><span class=\"toc_number toc_depth_2\">5.2<\/span> UFW ile H\u0131zl\u0131 ve Basit Kurulum (Ubuntu\/Debian)<\/a><\/li><li><a href=\"#RHEL_Tabanli_Sistemlerde_firewall-cmd_firewalld\"><span class=\"toc_number toc_depth_2\">5.3<\/span> RHEL Tabanl\u0131 Sistemlerde firewall-cmd (firewalld)<\/a><\/li><li><a href=\"#nftables_ile_Ileri_Seviye_Guvenlik_Duvari\"><span class=\"toc_number toc_depth_2\">5.4<\/span> nftables ile \u0130leri Seviye G\u00fcvenlik Duvar\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#1824_Saat_Giris_Denemeleri_Loglar_ve_Ek_Guvenlik_Katmanlari\"><span class=\"toc_number toc_depth_1\">6<\/span> 18\u201324 Saat: Giri\u015f Denemeleri, Loglar ve Ek G\u00fcvenlik Katmanlar\u0131<\/a><ul><li><a href=\"#SSH_Brute_Force_Saldirilarina_Karsi_Fail2ban\"><span class=\"toc_number toc_depth_2\">6.1<\/span> SSH Brute Force Sald\u0131r\u0131lar\u0131na Kar\u015f\u0131 Fail2ban<\/a><\/li><li><a href=\"#Gunluk_Log_Kontrolleri_Icin_Aliskanlik_Kazanmak\"><span class=\"toc_number toc_depth_2\">6.2<\/span> G\u00fcnl\u00fck Log Kontrolleri \u0130\u00e7in Al\u0131\u015fkanl\u0131k Kazanmak<\/a><\/li><li><a href=\"#Temel_Izleme_ve_Uptime_Kontrolu\"><span class=\"toc_number toc_depth_2\">6.3<\/span> Temel \u0130zleme ve Uptime Kontrol\u00fc<\/a><\/li><\/ul><\/li><li><a href=\"#Ek_Adim_Yedekleme_ve_Sonraki_Gunler_Icin_Yol_Haritasi\"><span class=\"toc_number toc_depth_1\">7<\/span> Ek Ad\u0131m: Yedekleme ve Sonraki G\u00fcnler \u0130\u00e7in Yol Haritas\u0131<\/a><ul><li><a href=\"#Yedekleme_Stratejisini_Ertelemeyin\"><span class=\"toc_number toc_depth_2\">7.1<\/span> Yedekleme Stratejisini Ertelemeyin<\/a><\/li><li><a href=\"#Web_Uygulamasi_Yayina_Alirken_Guvenlik_Basliklari\"><span class=\"toc_number toc_depth_2\">7.2<\/span> Web Uygulamas\u0131 Yay\u0131na Al\u0131rken G\u00fcvenlik Ba\u015fl\u0131klar\u0131<\/a><\/li><\/ul><\/li><li><a href=\"#Ozet_Ilk_24_Saat_Icin_Pratik_Kontrol_Listesi\"><span class=\"toc_number toc_depth_1\">8<\/span> \u00d6zet: \u0130lk 24 Saat \u0130\u00e7in Pratik Kontrol Listesi<\/a><\/li><li><a href=\"#DCHost_ile_Standartlastirilmis_ve_Guvenli_VPS_Altyapisi\"><span class=\"toc_number toc_depth_1\">9<\/span> DCHost ile Standartla\u015ft\u0131r\u0131lm\u0131\u015f ve G\u00fcvenli VPS Altyap\u0131s\u0131<\/a><\/li><\/ul><\/div>\n<h2><span id=\"Yeni_Aldiginiz_VPSte_Ilk_24_Saat_Neden_Bu_Kadar_Onemli\">Yeni Ald\u0131\u011f\u0131n\u0131z <a href=\"https:\/\/www.dchost.com\/tr\/vps\">VPS<\/a>\u2019te \u0130lk 24 Saat Neden Bu Kadar \u00d6nemli?<\/span><\/h2>\n<p>Yeni bir VPS sat\u0131n ald\u0131\u011f\u0131n\u0131z anda asl\u0131nda iki saya\u00e7 birlikte \u00e7al\u0131\u015fmaya ba\u015flar: Birincisi, projeyi ne kadar h\u0131zl\u0131 yay\u0131na alaca\u011f\u0131n\u0131z\u0131n s\u00fcresi; ikincisi ise hen\u00fcz hi\u00e7bir sertle\u015ftirme yap\u0131lmam\u0131\u015f, varsay\u0131lan ayarlarla \u00e7al\u0131\u015fan bir sunucunun ne kadar s\u00fcre a\u00e7\u0131kta kalaca\u011f\u0131. DCHost olarak sahada en \u00e7ok g\u00f6rd\u00fc\u011f\u00fcm\u00fcz sorunlardan biri, \u201cnas\u0131lsa sonra bakar\u0131m\u201d denilen ilk 24 saatin, aylar sonra ortaya \u00e7\u0131kan g\u00fcvenlik ve performans problemlerinin temel sebebi olmas\u0131. Varsay\u0131lan \u015fifreyle a\u00e7\u0131kta kalan SSH, kapat\u0131lmam\u0131\u015f gereksiz portlar, yap\u0131lmam\u0131\u015f paket g\u00fcncellemeleri ve tek bir <strong>root<\/strong> hesab\u0131na ba\u011fl\u0131 t\u00fcm eri\u015fim, k\u00fc\u00e7\u00fck projelerde bile ciddi risk olu\u015fturabiliyor.<\/p>\n<p>Bu yaz\u0131da, yeni ald\u0131\u011f\u0131n\u0131z bir VPS\u2019te ilk 24 saat i\u00e7inde ad\u0131m ad\u0131m neler yapman\u0131z gerekti\u011fini, pratik komutlarla ve ger\u00e7ek\u00e7i bir s\u0131ralamayla ele alaca\u011f\u0131z. Odak noktam\u0131z \u00fc\u00e7 temel ba\u015fl\u0131k olacak: <strong>sistem g\u00fcncellemeleri<\/strong>, <strong>g\u00fcvenlik duvar\u0131 (firewall) kurulumu<\/strong> ve <strong>kullan\u0131c\u0131\/SSH eri\u015fim mimarisi<\/strong>. B\u00f6ylece sunucunuz daha ilk g\u00fcnden, ileride \u00fczerine g\u00fcvenle uygulama in\u015fa edebilece\u011finiz sa\u011flam bir temele sahip olacak.<\/p>\n<h2><span id=\"02_Saat_Ilk_Erisim_Kimlik_Dogrulama_ve_Hizli_Kontroller\">0\u20132 Saat: \u0130lk Eri\u015fim, Kimlik Do\u011frulama ve H\u0131zl\u0131 Kontroller<\/span><\/h2>\n<h3><span id=\"Sunucu_Bilgilerini_Netlestirmek\">Sunucu Bilgilerini Netle\u015ftirmek<\/span><\/h3>\n<p>Yeni bir DCHost VPS hizmeti a\u00e7t\u0131\u011f\u0131n\u0131zda, m\u00fc\u015fteri panelinizde a\u015fa\u011f\u0131daki temel bilgileri g\u00f6r\u00fcrs\u00fcn\u00fcz:<\/p>\n<ul>\n<li>Sunucu IP adresi<\/li>\n<li>Kullan\u0131c\u0131 ad\u0131 (genelde <strong>root<\/strong> veya se\u00e7ti\u011finiz y\u00f6netici hesap)<\/li>\n<li>Ge\u00e7ici veya ilk SSH parolas\u0131<\/li>\n<li>\u0130\u015fletim sistemi ve s\u00fcr\u00fcm\u00fc (Ubuntu, Debian, AlmaLinux, Rocky Linux vb.)<\/li>\n<\/ul>\n<p>\u0130lk i\u015f olarak bu bilgileri g\u00fcvenli bir \u015fifre kasas\u0131nda (password manager) saklay\u0131n. Ge\u00e7ici parolalar\u0131 kopyala-yap\u0131\u015ft\u0131r ile oradan kullanmak hem hata pay\u0131n\u0131 azalt\u0131r hem de daha sonra yapaca\u011f\u0131n\u0131z parola de\u011fi\u015fikliklerinin takibini kolayla\u015ft\u0131r\u0131r.<\/p>\n<h3><span id=\"SSH_ile_Ilk_Baglanti_ve_Temel_Bilgiler\">SSH ile \u0130lk Ba\u011flant\u0131 ve Temel Bilgiler<\/span><\/h3>\n<p>Yerel bilgisayar\u0131n\u0131z Linux veya macOS ise do\u011frudan terminalden, Windows kullan\u0131yorsan\u0131z bir SSH istemcisi ile ba\u011flanabilirsiniz:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">ssh root@SUNUCU_IP_ADRESI<\/code><\/pre>\n<p>\u0130lk ba\u011flant\u0131da sunucunun parmak izini (host key fingerprint) onaylaman\u0131z istenir; bu ekran\u0131 h\u0131zl\u0131ca ge\u00e7mek yerine ekran g\u00f6r\u00fcnt\u00fcs\u00fcn\u00fc al\u0131p saklamak, ileride olas\u0131 \u201cman-in-the-middle\u201d \u015f\u00fcphesinde i\u015finize yarar.<\/p>\n<p>Ba\u011fland\u0131ktan sonra birka\u00e7 temel do\u011frulama yap\u0131n:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">whoami\nhostnamectl\ncat \/etc\/os-release\nuptime<\/code><\/pre>\n<ul>\n<li><code>whoami<\/code>: Ger\u00e7ekten <strong>root<\/strong> musunuz, kontrol edin.<\/li>\n<li><code>hostnamectl<\/code>: Sunucunun ad\u0131n\u0131 ve temel bilgileriler.<\/li>\n<li><code>\/etc\/os-release<\/code>: Da\u011f\u0131t\u0131m ve s\u00fcr\u00fcm bilgisi.<\/li>\n<li><code>uptime<\/code>: Sunucunun ne zamand\u0131r a\u00e7\u0131k oldu\u011funu g\u00f6sterir.<\/li>\n<\/ul>\n<h3><span id=\"Ilk_Parola_Degisikligi\">\u0130lk Parola De\u011fi\u015fikli\u011fi<\/span><\/h3>\n<p>Varsay\u0131lan veya ge\u00e7ici parola ile hi\u00e7bir zaman yola devam etmeyin. \u0130lk 5 dakika i\u00e7inde parolay\u0131 de\u011fi\u015ftirin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">passwd<\/code><\/pre>\n<p>G\u00fc\u00e7l\u00fc bir parola belirleyin: En az 16 karakter, k\u00fc\u00e7\u00fck\/b\u00fcy\u00fck harf, rakam ve sembol i\u00e7ermeli. Yine de parolay\u0131 sadece yedek eri\u015fim olarak d\u00fc\u015f\u00fcn\u00fcn; bir sonraki ad\u0131mda SSH anahtar tabanl\u0131 eri\u015fime ge\u00e7ece\u011fiz.<\/p>\n<h3><span id=\"Donanim_ve_Ag_Sagligini_Hizli_Kontrol_Etmek\">Donan\u0131m ve A\u011f Sa\u011fl\u0131\u011f\u0131n\u0131 H\u0131zl\u0131 Kontrol Etmek<\/span><\/h3>\n<p>VPS\u2019inizin ger\u00e7ekten bekledi\u011finiz kaynaklarla geldi\u011finden emin olmak i\u00e7in h\u0131zl\u0131 bir kontrol yap\u0131n:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">lscpu | egrep 'Model name|CPU(s)'\nfree -h\nds -h\nip a<\/code><\/pre>\n<p>Daha ileri seviye performans testleri i\u00e7in, \u00f6zellikle y\u00fcksek trafik bekledi\u011finiz projelerde <a href=\"https:\/\/www.dchost.com\/blog\/yeni-vps-aldiginizda-ilk-yapmaniz-gerekenler-cpu-disk-ve-ag-performansini-benchmark-ile-test-etmek\/\">yeni VPS ald\u0131\u011f\u0131n\u0131zda CPU, disk ve a\u011f performans\u0131n\u0131 benchmark ile test etme rehberimizi<\/a> mutlaka incelemenizi \u00f6neririz.<\/p>\n<h2><span id=\"26_Saat_Sistem_Guncellemeleri_ve_Temel_Araclar\">2\u20136 Saat: Sistem G\u00fcncellemeleri ve Temel Ara\u00e7lar<\/span><\/h2>\n<h3><span id=\"Tum_Paketleri_Guncellemek\">T\u00fcm Paketleri G\u00fcncellemek<\/span><\/h3>\n<p>Bir\u00e7ok VPS imaj\u0131, olu\u015fturuldu\u011fu tarihteki paket s\u00fcr\u00fcmleriyle gelir. Bu tarih ile sunucuyu ger\u00e7ekten kulland\u0131\u011f\u0131n\u0131z g\u00fcn aras\u0131nda haftalar hatta aylar olabilir. Bu y\u00fczden canl\u0131ya almadan \u00f6nce i\u015fletim sistemini g\u00fcncellemek <strong>zorunlu<\/strong> bir ad\u0131m.<\/p>\n<p>\u00d6rne\u011fin Ubuntu\/Debian tabanl\u0131 bir sistemde:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">apt update\napt upgrade -y\napt autoremove -y<\/code><\/pre>\n<p>RHEL tabanl\u0131 (AlmaLinux, Rocky Linux vb.) bir sistemde:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">dnf update -y\n# Eski nesil ise\n# yum update -y<\/code><\/pre>\n<p>Bu komutlardan sonra sunucuyu yeniden ba\u015flatman\u0131z gerekebilir:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">reboot<\/code><\/pre>\n<p>Yeniden ba\u011flan\u0131p tekrar <code>uptime<\/code> ve <code>uname -a<\/code> ile kernel ve \u00e7al\u0131\u015fma s\u00fcresini kontrol edin.<\/p>\n<h3><span id=\"Temel_Yonetim_Araclarini_Kurmak\">Temel Y\u00f6netim Ara\u00e7lar\u0131n\u0131 Kurmak<\/span><\/h3>\n<p>G\u00fcnl\u00fck operasyonlarda i\u015finizi inan\u0131lmaz kolayla\u015ft\u0131racak k\u00fc\u00e7\u00fck ama etkili ara\u00e7lar vard\u0131r. Bunlar\u0131 ilk 6 saat i\u00e7inde kurman\u0131z, ileriye d\u00f6n\u00fck rahatl\u0131k sa\u011flar.<\/p>\n<p>\u00d6rne\u011fin Ubuntu\/Debian i\u00e7in:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">apt install -y htop vim git curl wget net-tools software-properties-common<\/code><\/pre>\n<p>RHEL tabanl\u0131 sistemler i\u00e7in:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">dnf install -y htop vim git curl wget net-tools<\/code><\/pre>\n<p><strong>htop<\/strong> ile CPU\/RAM kullan\u0131m\u0131n\u0131, <strong>vim<\/strong> ile konfig\u00fcrasyon dosyalar\u0131n\u0131, <strong>curl\/wget<\/strong> ile HTTP isteklerini kolayca y\u00f6netebilirsiniz.<\/p>\n<h3><span id=\"Zaman_Dilimi_ve_NTP_Ayarlari\">Zaman Dilimi ve NTP Ayarlar\u0131<\/span><\/h3>\n<p>Log analizi ve hata ay\u0131klama i\u00e7in sunucu saatinizin do\u011fru olmas\u0131 \u00e7ok kritiktir. Zaman diliminizi do\u011fru se\u00e7in:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">timedatectl list-timezones | grep Istanbul\ntimedatectl set-timezone Europe\/Istanbul\ntimedatectl<\/code><\/pre>\n<p>\u00c7\u0131kt\u0131da NTP senkronizasyonunun <code>yes<\/code> oldu\u011fundan emin olun. Gerekirse <code>systemd-timesyncd<\/code> veya <code>chrony<\/code> kurulumunu kontrol edebilirsiniz.<\/p>\n<h2><span id=\"612_Saat_Kullanici_Hesaplari_ve_SSH_Sertlestirme\">6\u201312 Saat: Kullan\u0131c\u0131 Hesaplar\u0131 ve SSH Sertle\u015ftirme<\/span><\/h2>\n<h3><span id=\"Root_Yerine_Yetkili_Bir_Kullanici_ile_Calismak\">Root Yerine Yetkili Bir Kullan\u0131c\u0131 ile \u00c7al\u0131\u015fmak<\/span><\/h3>\n<p>G\u00fcvenlik en temel prensiplerinden biri, <strong>en az ayr\u0131cal\u0131k<\/strong> (least privilege) kural\u0131d\u0131r. Her i\u015flemi do\u011frudan root ile yapmak sald\u0131rganlar i\u00e7in de hayat\u0131 kolayla\u015ft\u0131r\u0131r. Bu y\u00fczden ilk saatler i\u00e7inde <strong>sudo yetkili normal bir kullan\u0131c\u0131<\/strong> olu\u015fturun.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># Yeni kullan\u0131c\u0131 olu\u015fturma\nadduser deploy\n# Ubuntu\/Debian'da sudo grubuna ekleme\nusermod -aG sudo deploy\n\n# AlmaLinux\/Rocky Linux gibi sistemlerde wheel grubu\nusermod -aG wheel deploy<\/code><\/pre>\n<p>Parolas\u0131n\u0131 belirledikten sonra, art\u0131k bu kullan\u0131c\u0131 ile giri\u015f yapabileceksiniz:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">ssh deploy@SUNUCU_IP_ADRESI<\/code><\/pre>\n<p>Bu kullan\u0131c\u0131 ile root ayr\u0131cal\u0131\u011f\u0131 kullanman\u0131z gerekti\u011finde:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo su -\n# veya\nsudo &lt;komut&gt;<\/code><\/pre>\n<h3><span id=\"SSH_Anahtar_Tabanli_Erisim_Kurmak\">SSH Anahtar Tabanl\u0131 Eri\u015fim Kurmak<\/span><\/h3>\n<p>Parola ile SSH eri\u015fimini m\u00fcmk\u00fcn oldu\u011funca k\u0131sa s\u00fcrede kapatmak istiyoruz. Bunun i\u00e7in istemci taraf\u0131nda bir SSH anahtar\u0131 olu\u015fturup sunucuya tan\u0131mlayal\u0131m.<\/p>\n<p>Yerel bilgisayar\u0131n\u0131zda (istemcide):<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">ssh-keygen -t ed25519 -C &quot;deploy@proje-adi&quot;<\/code><\/pre>\n<p>Varsay\u0131lan konumu onaylay\u0131n ve mutlaka g\u00fc\u00e7l\u00fc bir <strong>passphrase<\/strong> belirleyin. Ard\u0131ndan public anahtar\u0131n\u0131z\u0131 sunucuya kopyalay\u0131n:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">ssh-copy-id deploy@SUNUCU_IP_ADRESI<\/code><\/pre>\n<p>E\u011fer <code>ssh-copy-id<\/code> yoksa, public anahtar\u0131 manuel ekleyebilirsiniz:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">cat ~\/.ssh\/id_ed25519.pub<\/code><\/pre>\n<p>Sunucuda:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">mkdir -p \/home\/deploy\/.ssh\nchmod 700 \/home\/deploy\/.ssh\necho &quot;PUBLIC_ANAHTAR_ICERIGI&quot; &gt;&gt; \/home\/deploy\/.ssh\/authorized_keys\nchmod 600 \/home\/deploy\/.ssh\/authorized_keys\nchown -R deploy:deploy \/home\/deploy\/.ssh<\/code><\/pre>\n<p>\u015eimdi parolas\u0131z (ama anahtar + passphrase ile) SSH ba\u011flant\u0131s\u0131n\u0131 test edin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">ssh deploy@SUNUCU_IP_ADRESI<\/code><\/pre>\n<h3><span id=\"SSH_Yapilandirmasini_Sertlestirmek\">SSH Yap\u0131land\u0131rmas\u0131n\u0131 Sertle\u015ftirmek<\/span><\/h3>\n<p>Art\u0131k SSH anahtar\u0131n\u0131z haz\u0131r oldu\u011funa g\u00f6re, SSH sunucu ayarlar\u0131n\u0131 s\u0131k\u0131la\u015ft\u0131rabilirsiniz. Konfig\u00fcrasyon dosyas\u0131 genellikle <code>\/etc\/ssh\/sshd_config<\/code> yolundad\u0131r.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo vim \/etc\/ssh\/sshd_config<\/code><\/pre>\n<p>A\u015fa\u011f\u0131daki ayarlar\u0131 kontrol edin veya ekleyin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">PermitRootLogin no\nPasswordAuthentication no\nPubkeyAuthentication yes\nPermitEmptyPasswords no\nChallengeResponseAuthentication no\nProtocol 2\nX11Forwarding no\nAllowUsers deploy<\/code><\/pre>\n<p>Burada <code>AllowUsers<\/code> ile sadece belirli hesaplar\u0131n SSH \u00fczerinden ba\u011flanabilmesini sa\u011fl\u0131yoruz. Birden fazla kullan\u0131c\u0131 varsa bo\u015flukla ay\u0131rabilirsiniz. De\u011fi\u015fikliklerden sonra servisi yeniden ba\u015flat\u0131n:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo systemctl restart sshd\n# Baz\u0131 da\u011f\u0131t\u0131mlarda hizmet ad\u0131 &quot;ssh&quot; olabilir\n# sudo systemctl restart ssh<\/code><\/pre>\n<p>Bu ad\u0131mlarla ilgili daha ileri seviye g\u00fcvenlik \u00f6nlemleri (FIDO2 donan\u0131m anahtarlar\u0131, SSH CA, anahtar rotasyonu vb.) d\u00fc\u015f\u00fcn\u00fcyorsan\u0131z, <a href=\"https:\/\/www.dchost.com\/blog\/vpste-ssh-guvenligi-nasil-saglamlasir-fido2-anahtarlari-ssh-ca-ve-rotasyonun-sicacik-yolculugu\/\">VPS\u2019te SSH g\u00fcvenli\u011fini sa\u011flamla\u015ft\u0131rma rehberimizi<\/a> detayl\u0131ca inceleyebilirsiniz.<\/p>\n<h2><span id=\"1218_Saat_Guvenlik_Duvari_Firewall_Kurmak\">12\u201318 Saat: G\u00fcvenlik Duvar\u0131 (Firewall) Kurmak<\/span><\/h2>\n<h3><span id=\"Neden_Ilk_Gunden_Firewall_Kurmalisiniz\">Neden \u0130lk G\u00fcnden Firewall Kurmal\u0131s\u0131n\u0131z?<\/span><\/h3>\n<p>\u0130nternete do\u011frudan a\u00e7\u0131k her VPS, saniyeler i\u00e7inde otomatik tarama ve kaba kuvvet sald\u0131r\u0131lar\u0131n\u0131n hedefi olur. Bu sald\u0131r\u0131lar\u0131n \u00e7o\u011fu ba\u015far\u0131s\u0131z olsa da loglar\u0131n\u0131z\u0131 \u015fi\u015firir, CPU kullan\u0131m\u0131 yarat\u0131r, bazen de beklenmedik a\u00e7\u0131klara \u00e7arpar. G\u00fcvenlik duvar\u0131 ile <strong>varsay\u0131lan kapal\u0131<\/strong> bir model benimseyerek yaln\u0131zca izin verdi\u011finiz portlar\u0131n d\u0131\u015f d\u00fcnyaya a\u00e7\u0131lmas\u0131n\u0131 sa\u011flars\u0131n\u0131z.<\/p>\n<p>DCHost altyap\u0131s\u0131nda a\u011f katman\u0131nda da koruma mekanizmalar\u0131 olsa bile, <strong>sunucu i\u00e7i firewall<\/strong> her zaman ek bir savunma hatt\u0131 olarak d\u00fc\u015f\u00fcn\u00fclmelidir.<\/p>\n<h3><span id=\"UFW_ile_Hizli_ve_Basit_Kurulum_UbuntuDebian\">UFW ile H\u0131zl\u0131 ve Basit Kurulum (Ubuntu\/Debian)<\/span><\/h3>\n<p>Ubuntu\/Debian kullan\u0131c\u0131lar\u0131 i\u00e7in <code>ufw<\/code> (Uncomplicated Firewall) olduk\u00e7a pratik bir ara\u00e7t\u0131r. \u00d6nce paketin kurulu oldu\u011fundan emin olun:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo apt install -y ufw<\/code><\/pre>\n<p>Varsay\u0131lan politikalar\u0131 s\u0131k\u0131 \u015fekilde ayarlayal\u0131m:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo ufw default deny incoming\nsudo ufw default allow outgoing<\/code><\/pre>\n<p>SSH ba\u011flant\u0131s\u0131n\u0131 kesmemek i\u00e7in \u00f6nceden izin verin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo ufw allow OpenSSH\n# veya port bazl\u0131\n# sudo ufw allow 22\/tcp<\/code><\/pre>\n<p>Web sunucusu kullanacaksan\u0131z HTTP ve HTTPS i\u00e7in de izin a\u00e7\u0131n:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp<\/code><\/pre>\n<p>Art\u0131k <code>ufw<\/code>\u2019yi etkinle\u015ftirebilirsiniz:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo ufw enable\nsudo ufw status verbose<\/code><\/pre>\n<p>Sunucunuzda \u00f6zel portlar (\u00f6rne\u011fin bir oyun sunucusu ya da API portu) varsa, sadece ger\u00e7ekten ihtiya\u00e7 duyduklar\u0131n\u0131z\u0131 a\u00e7\u0131n. Geri kalan her \u015feyi kapal\u0131 tutmak en g\u00fcvenli yakla\u015f\u0131md\u0131r.<\/p>\n<h3><span id=\"RHEL_Tabanli_Sistemlerde_firewall-cmd_firewalld\">RHEL Tabanl\u0131 Sistemlerde firewall-cmd (firewalld)<\/span><\/h3>\n<p>AlmaLinux\/Rocky Linux gibi sistemlerde <code>firewalld<\/code> ve <code>firewall-cmd<\/code> ile benzer bir kurulum yapabilirsiniz:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo dnf install -y firewalld\nsudo systemctl enable --now firewalld\n\nsudo firewall-cmd --set-default-zone=public\nsudo firewall-cmd --permanent --add-service=ssh\nsudo firewall-cmd --permanent --add-service=http\nsudo firewall-cmd --permanent --add-service=https\nsudo firewall-cmd --reload\n\nsudo firewall-cmd --list-all<\/code><\/pre>\n<p>\u0130htiya\u00e7 halinde \u00f6zel portlar\u0131 <code>--add-port=PORT\/tcp<\/code> \u015feklinde ekleyebilirsiniz.<\/p>\n<h3><span id=\"nftables_ile_Ileri_Seviye_Guvenlik_Duvari\">nftables ile \u0130leri Seviye G\u00fcvenlik Duvar\u0131<\/span><\/h3>\n<p>Modern Linux d\u00fcnyas\u0131nda <code>nftables<\/code>, iptables\u2019in yerini alan ve \u00e7ok daha esnek bir yap\u0131 sunan yeni jenerasyon firewall katman\u0131d\u0131r. Orta-b\u00fcy\u00fck \u00f6l\u00e7ekli projelerde, rate limit, port knocking, IPv6 kurallar\u0131 gibi geli\u015fmi\u015f gereksinimleriniz varsa do\u011frudan nftables ile ba\u015flaman\u0131z mant\u0131kl\u0131 olur.<\/p>\n<p>Bu konuda daha derinle\u015fmek isteyenler i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/nftables-ile-vps-guvenlik-duvari-rehberi-rate-limit-port-knocking-ve-ipv6-kurallari-nasil-tatli-tatli-kurulur\/\">nftables ile VPS g\u00fcvenlik duvar\u0131 rehberimizde<\/a> pratik kurallar, IPv4\/IPv6 \u00f6rnekleri ve rate limit senaryolar\u0131n\u0131 detayl\u0131 \u015fekilde anlatt\u0131k.<\/p>\n<h2><span id=\"1824_Saat_Giris_Denemeleri_Loglar_ve_Ek_Guvenlik_Katmanlari\">18\u201324 Saat: Giri\u015f Denemeleri, Loglar ve Ek G\u00fcvenlik Katmanlar\u0131<\/span><\/h2>\n<h3><span id=\"SSH_Brute_Force_Saldirilarina_Karsi_Fail2ban\">SSH Brute Force Sald\u0131r\u0131lar\u0131na Kar\u015f\u0131 Fail2ban<\/span><\/h3>\n<p>Ne kadar iyi parola\/anahtar politikas\u0131 uygularsan\u0131z uygulay\u0131n, internete a\u00e7\u0131k her SSH portu s\u00fcrekli denenecektir. Bunun loglar\u0131n\u0131z\u0131 ve kaynaklar\u0131n\u0131z\u0131 t\u00fcketmesini engellemek i\u00e7in <strong>fail2ban<\/strong> kullanmak \u00e7ok etkilidir.<\/p>\n<p>Ubuntu\/Debian i\u00e7in kurulum:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo apt install -y fail2ban<\/code><\/pre>\n<p>RHEL tabanl\u0131 i\u00e7in:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo dnf install -y fail2ban<\/code><\/pre>\n<p>Basit bir SSH jail ayar\u0131 i\u00e7in yerel konfig\u00fcrasyon dosyas\u0131 olu\u015fturun:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo cp \/etc\/fail2ban\/jail.conf \/etc\/fail2ban\/jail.local\nsudo vim \/etc\/fail2ban\/jail.local<\/code><\/pre>\n<p><code>[sshd]<\/code> b\u00f6l\u00fcm\u00fcn\u00fc bulun ve a\u015fa\u011f\u0131daki ayarlar\u0131 kontrol edin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">[sshd]\nenabled  = true\nport     = ssh\nlogpath  = %(sshd_log)s\nmaxretry = 5\nbantime  = 3600\nfindtime = 600<\/code><\/pre>\n<p>Servisi etkinle\u015ftirin:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">sudo systemctl enable --now fail2ban\nsudo fail2ban-client status sshd<\/code><\/pre>\n<p>Fail2ban ve di\u011fer koruma katmanlar\u0131n\u0131 WAF, Cloudflare gibi servislerle birle\u015ftirmek istiyorsan\u0131z, <a href=\"https:\/\/www.dchost.com\/blog\/vps-sunucu-guvenligi-nasil-saglanir-kapiyi-acik-birakmadan-yasamanin-sirri\/\">VPS sunucu g\u00fcvenli\u011fi rehberimizde<\/a> katmanl\u0131 g\u00fcvenlik yakla\u015f\u0131m\u0131n\u0131 ad\u0131m ad\u0131m anlatt\u0131k.<\/p>\n<h3><span id=\"Gunluk_Log_Kontrolleri_Icin_Aliskanlik_Kazanmak\">G\u00fcnl\u00fck Log Kontrolleri \u0130\u00e7in Al\u0131\u015fkanl\u0131k Kazanmak<\/span><\/h3>\n<p>\u0130lk 24 saatte, SSH ve sistem loglar\u0131n\u0131 en az\u0131ndan bir kez g\u00f6zden ge\u00e7irmeniz \u00e7ok faydal\u0131d\u0131r. \u00d6zellikle yanl\u0131\u015f yap\u0131land\u0131r\u0131lm\u0131\u015f servisler veya beklenmedik hatalar bu a\u015famada yakalanabilir.<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\"># SSH giri\u015fleri\nsudo journalctl -u ssh -n 100 --no-pager\n# veya\nsudo tail -n 100 \/var\/log\/auth.log   # Debian\/Ubuntu\nsudo tail -n 100 \/var\/log\/secure     # RHEL tabanl\u0131<\/code><\/pre>\n<p>G\u00fcnl\u00fck kullan\u0131mda, CPU\/RAM\/DISK \u00f6zetini g\u00f6rmek i\u00e7in:<\/p>\n<pre class=\"language-bash line-numbers\"><code class=\"language-bash\">htop\nfree -h\nds -h\nsudo iostat -xz 1 5   # iostat y\u00fckl\u00fc ise<\/code><\/pre>\n<p>Bu basit kontroller bile, ileride performans sorunlar\u0131na d\u00f6n\u00fc\u015febilecek k\u00fc\u00e7\u00fck i\u015faretleri erken yakalaman\u0131z\u0131 sa\u011flar. Daha sistematik bir yakla\u015f\u0131m i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/vps-log-yonetimi-nasil-rayina-oturur-grafana-loki-promtail-ile-merkezi-loglama-tutma-sureleri-ve-alarm-kurallari\/\">VPS log y\u00f6netimi ve merkezi loglama rehberimizi<\/a> inceleyebilirsiniz.<\/p>\n<h3><span id=\"Temel_Izleme_ve_Uptime_Kontrolu\">Temel \u0130zleme ve Uptime Kontrol\u00fc<\/span><\/h3>\n<p>\u0130lk g\u00fcnden basit bir uptime izlemesi kurmak, beklenmedik kesintileri fark etmenizi sa\u011flar. \u0130sterseniz harici uptime servisleri kullanabilir, isterseniz de kendi VPS izleme altyap\u0131n\u0131z\u0131 olu\u015fturabilirsiniz. DCHost m\u00fc\u015fterilerinin s\u0131k kulland\u0131\u011f\u0131 yakla\u015f\u0131m, k\u00fc\u00e7\u00fck bir Prometheus + Grafana stack\u2019i veya hafif bir uptime arac\u0131 ile durum izlemektir.<\/p>\n<p>Bu konuyla ilgili temel bir ba\u015flang\u0131\u00e7 yapmak isterseniz <a href=\"https:\/\/www.dchost.com\/blog\/vps-izleme-ve-alarm-kurulumu-prometheus-grafana-ve-uptime-kuma-ile-baslangic\/\">VPS izleme ve alarm kurulumu<\/a> rehberimizi ad\u0131m ad\u0131m takip edebilirsiniz.<\/p>\n<h2><span id=\"Ek_Adim_Yedekleme_ve_Sonraki_Gunler_Icin_Yol_Haritasi\">Ek Ad\u0131m: Yedekleme ve Sonraki G\u00fcnler \u0130\u00e7in Yol Haritas\u0131<\/span><\/h2>\n<h3><span id=\"Yedekleme_Stratejisini_Ertelemeyin\">Yedekleme Stratejisini Ertelemeyin<\/span><\/h3>\n<p>Yeni bir VPS kurarken \u00e7o\u011fu ki\u015fi \u00f6nce uygulamay\u0131 yay\u0131na almay\u0131, yedekleme konusunu ise \u201csonra bakar\u0131z\u201d diye erteliyor. Ama ger\u00e7ek \u015fu ki, kritik dosya ve verileriniz bir kez kayboldu mu geriye d\u00f6nmek \u00e7o\u011fu zaman imkans\u0131z veya \u00e7ok maliyetli. Bu y\u00fczden daha ilk 24 saat i\u00e7inde en az\u0131ndan temel bir yedekleme stratejisi tasarlam\u0131\u015f olman\u0131z \u00f6nemli.<\/p>\n<p>Genel kabul g\u00f6rm\u00fc\u015f yakla\u015f\u0131m olan <strong>3-2-1 yedekleme stratejisi<\/strong>ni (3 kopya, 2 farkl\u0131 ortam, 1 adet farkl\u0131 lokasyon) VPS ortam\u0131na nas\u0131l uyarlayabilece\u011finizi, <a href=\"https:\/\/www.dchost.com\/blog\/3-2-1-yedekleme-stratejisi-neden-ise-yariyor-cpanel-plesk-ve-vpste-otomatik-yedekleri-nasil-kurarsin\/\">3-2-1 yedekleme stratejisi rehberimizde<\/a> detayland\u0131rd\u0131k. \u0130lk g\u00fcn i\u00e7in bile, en az\u0131ndan:<\/p>\n<ul>\n<li>Konfig\u00fcrasyon dosyalar\u0131n\u0131n (<code>\/etc<\/code> alt\u0131 kritik dizinler gibi) bir kopyas\u0131n\u0131<\/li>\n<li>\u0130lk uygulama s\u00fcr\u00fcm\u00fcn\u00fcz\u00fc<\/li>\n<li>\u00d6nemli script ve deployment ara\u00e7lar\u0131n\u0131z\u0131<\/li>\n<\/ul>\n<p>manuel olarak farkl\u0131 bir ortama (lokal bilgisayar, ba\u015fka bir VPS veya object storage) kopyalamak iyi bir ba\u015flang\u0131\u00e7t\u0131r.<\/p>\n<h3><span id=\"Web_Uygulamasi_Yayina_Alirken_Guvenlik_Basliklari\">Web Uygulamas\u0131 Yay\u0131na Al\u0131rken G\u00fcvenlik Ba\u015fl\u0131klar\u0131<\/span><\/h3>\n<p>\u0130lk 24 saat \u00e7o\u011funlukla sistem taraf\u0131na odaklansak da, k\u0131sa s\u00fcre i\u00e7inde bu VPS \u00fczerinde bir web sitesini veya API\u2019yi yay\u0131nlayacaks\u0131n\u0131z. Bu noktada HTTP katman\u0131ndaki g\u00fcvenlik ba\u015fl\u0131klar\u0131 da (HSTS, CSP, X-Frame-Options, Referrer-Policy vb.) en az OS d\u00fczeyindeki firewall kadar \u00f6nemlidir.<\/p>\n<p>Nginx veya Apache \u00fczerinde bu ba\u015fl\u0131klar\u0131 nas\u0131l do\u011fru kurgulayaca\u011f\u0131n\u0131z\u0131 \u00f6\u011frenmek i\u00e7in <a href=\"https:\/\/www.dchost.com\/blog\/http-guvenlik-basliklari-rehberi-hsts-csp-x-frame-options-ve-referrer-policy-dogru-nasil-kurulur\/\">HTTP g\u00fcvenlik ba\u015fl\u0131klar\u0131 rehberimizi<\/a> okuyabilir, b\u00f6ylece uygulama katman\u0131n\u0131 da g\u00fc\u00e7l\u00fc bir g\u00fcvenlik \u00e7emberine alabilirsiniz.<\/p>\n<h2><span id=\"Ozet_Ilk_24_Saat_Icin_Pratik_Kontrol_Listesi\">\u00d6zet: \u0130lk 24 Saat \u0130\u00e7in Pratik Kontrol Listesi<\/span><\/h2>\n<p>Buraya kadar anlatt\u0131klar\u0131m\u0131z\u0131, DCHost\u2019ta s\u0131k\u00e7a uygulad\u0131\u011f\u0131m\u0131z pratik bir kontrol listesi haline getirelim. Yeni bir VPS ald\u0131\u011f\u0131n\u0131zda ilk 24 saatte \u015fu ad\u0131mlar\u0131 tamamlad\u0131\u011f\u0131n\u0131zdan emin olun:<\/p>\n<ol>\n<li><strong>\u0130lk eri\u015fim ve parola de\u011fi\u015fikli\u011fi:<\/strong> SSH ile ba\u011flan, ge\u00e7ici parolay\u0131 hemen de\u011fi\u015ftir.<\/li>\n<li><strong>Sistem g\u00fcncellemeleri:<\/strong> T\u00fcm paketleri <code>apt upgrade<\/code> veya <code>dnf update<\/code> ile g\u00fcncelle, gerekirse reboot et.<\/li>\n<li><strong>Temel ara\u00e7lar:<\/strong> htop, vim, curl, git gibi y\u00f6netim ara\u00e7lar\u0131n\u0131 kur.<\/li>\n<li><strong>Zaman ve NTP:<\/strong> <code>timedatectl<\/code> ile zaman dilimini ve NTP\u2019yi do\u011frula.<\/li>\n<li><strong>Yetkili kullan\u0131c\u0131 hesab\u0131:<\/strong> <code>deploy<\/code> gibi yeni bir kullan\u0131c\u0131 olu\u015ftur, sudo yetkisi ver.<\/li>\n<li><strong>SSH anahtar tabanl\u0131 eri\u015fim:<\/strong> ssh-keygen ile anahtar \u00fcret, sunucuya ekle, test et.<\/li>\n<li><strong>SSH sertle\u015ftirme:<\/strong> <code>PermitRootLogin no<\/code>, <code>PasswordAuthentication no<\/code> gibi ayarlar\u0131 uygula.<\/li>\n<li><strong>G\u00fcvenlik duvar\u0131:<\/strong> UFW veya firewalld ile sadece gereken portlar\u0131 a\u00e7; NFTables d\u00fc\u015f\u00fcn\u00fcyorsan temel kurallar\u0131 yaz.<\/li>\n<li><strong>Fail2ban:<\/strong> SSH brute force sald\u0131r\u0131lar\u0131n\u0131 s\u0131n\u0131rlamak i\u00e7in kur ve temel jail ayar\u0131n\u0131 yap.<\/li>\n<li><strong>Log ve izleme:<\/strong> SSH ve sistem loglar\u0131n\u0131 g\u00f6zden ge\u00e7ir, basit bir uptime\/izleme mekanizmas\u0131 planla.<\/li>\n<li><strong>Yedekleme:<\/strong> En az\u0131ndan konfig\u00fcrasyon ve kodlar i\u00e7in ilk yedekleri al, 3-2-1\u2019e giden yolu planla.<\/li>\n<\/ol>\n<p>Bu ad\u0131mlar\u0131 uygulad\u0131\u011f\u0131n\u0131zda, VPS\u2019iniz sadece \u201c\u00e7al\u0131\u015fan\u201d bir sunucu olmaktan \u00e7\u0131k\u0131p, <strong>g\u00fcvenli, izlenebilir ve y\u00f6netilebilir<\/strong> bir altyap\u0131ya d\u00f6n\u00fc\u015f\u00fcr.<\/p>\n<h2><span id=\"DCHost_ile_Standartlastirilmis_ve_Guvenli_VPS_Altyapisi\">DCHost ile Standartla\u015ft\u0131r\u0131lm\u0131\u015f ve G\u00fcvenli VPS Altyap\u0131s\u0131<\/span><\/h2>\n<p>DCHost\u2019ta amac\u0131m\u0131z, yeni ald\u0131\u011f\u0131n\u0131z her VPS\u2019in m\u00fcmk\u00fcn oldu\u011funca tekrarlanabilir ve \u00f6ng\u00f6r\u00fclebilir bir yap\u0131da olmas\u0131. Yani bug\u00fcn k\u00fc\u00e7\u00fck bir blog i\u00e7in kurdu\u011funuz VPS ile yar\u0131n daha b\u00fcy\u00fck bir e-ticaret projesi i\u00e7in kurdu\u011funuz VPS, ayn\u0131 temel g\u00fcvenlik ve y\u00f6netim standartlar\u0131na sahip olmal\u0131. Bu yaz\u0131da anlatt\u0131\u011f\u0131m\u0131z ilk 24 saatlik yol haritas\u0131, i\u015fte bu standard\u0131n ilk ad\u0131m\u0131.<\/p>\n<p>E\u011fer bu ad\u0131mlar\u0131 kendiniz uygulamak istiyorsan\u0131z, yukar\u0131daki komutlar ve referans verdi\u011fimiz detayl\u0131 rehberler size g\u00fc\u00e7l\u00fc bir ba\u015flang\u0131\u00e7 sunar. Daha y\u00f6netilen bir deneyim ar\u0131yorsan\u0131z da, DCHost ekibi olarak VPS, dedicated ve colocation \u00e7\u00f6z\u00fcmlerinde; g\u00fcvenlik sertle\u015ftirme, g\u00fcncelleme politikalar\u0131 ve izleme konular\u0131nda size e\u015flik edebiliriz.<\/p>\n<p>Yeni bir VPS ald\u0131ysan\u0131z, bu yaz\u0131y\u0131 bir \u201ccheck-list\u201d gibi kullan\u0131n: Ad\u0131mlar\u0131 tek tek i\u015faretleyin, notlar al\u0131n, gerekiyorsa kendi i\u00e7 dok\u00fcmantasyonunuza uyarlay\u0131n. \u0130lk 24 saatte att\u0131\u011f\u0131n\u0131z bu sa\u011flam ad\u0131mlar, ileride ya\u015fayabilece\u011finiz sorunlar\u0131n b\u00fcy\u00fck k\u0131sm\u0131n\u0131 daha ortaya \u00e7\u0131kmadan \u00e7\u00f6zm\u00fc\u015f olacak.<\/p>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>\u0130&ccedil;indekiler1 Yeni Ald\u0131\u011f\u0131n\u0131z VPS\u2019te \u0130lk 24 Saat Neden Bu Kadar \u00d6nemli?2 0\u20132 Saat: \u0130lk Eri\u015fim, Kimlik Do\u011frulama ve H\u0131zl\u0131 Kontroller2.1 Sunucu Bilgilerini Netle\u015ftirmek2.2 SSH ile \u0130lk Ba\u011flant\u0131 ve Temel Bilgiler2.3 \u0130lk Parola De\u011fi\u015fikli\u011fi2.4 Donan\u0131m ve A\u011f Sa\u011fl\u0131\u011f\u0131n\u0131 H\u0131zl\u0131 Kontrol Etmek3 2\u20136 Saat: Sistem G\u00fcncellemeleri ve Temel Ara\u00e7lar3.1 T\u00fcm Paketleri G\u00fcncellemek3.2 Temel Y\u00f6netim Ara\u00e7lar\u0131n\u0131 Kurmak3.3 Zaman [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3171,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-3170","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji"],"_links":{"self":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3170","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/comments?post=3170"}],"version-history":[{"count":0,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/posts\/3170\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media\/3171"}],"wp:attachment":[{"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/media?parent=3170"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/categories?post=3170"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.dchost.com\/blog\/wp-json\/wp\/v2\/tags?post=3170"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}