An important first line of defense here is to prohibit SSH login via password, but using keys instead. You can read up on how to do this for your Cloudron instance at https://cloudron.io/documentation/security/#securing-ssh-access
This page also contains further information about how to harden your setup, so it might be worth it to read the whole document.
Topics created by dieter
Solved Is it OK to change root password?
Support • • dieter