Update security.md

This commit is contained in:
kload@kload.fr 2014-06-04 21:41:04 +02:00 committed by YunoHost
parent c7e23772d1
commit b1ca168cdd

View file

@ -10,6 +10,7 @@ Two things remain important to note:
*If you need some advises, do not hesitate to [ask us](/support).* *If you need some advises, do not hesitate to [ask us](/support).*
---
## Improve security ## Improve security
@ -41,6 +42,8 @@ PasswordAuthentication no
Save and restart SSH daemon. Save and restart SSH daemon.
---
### Deactivate YunoHost API ### Deactivate YunoHost API
YunoHost administration is accessible through an **HTTP API**, served on the 6787 port by default. It can be used to administrate a lot of things on your server, thus to break many things between malicious hands. The best thing to do, if you know how to use the [command-line interface](/moulinette), is to deactivate the `yunohost-api` service. YunoHost administration is accessible through an **HTTP API**, served on the 6787 port by default. It can be used to administrate a lot of things on your server, thus to break many things between malicious hands. The best thing to do, if you know how to use the [command-line interface](/moulinette), is to deactivate the `yunohost-api` service.