steitieh
Well-known member
- Joined
- Apr 23, 2014
- Messages
- 113
- Points
- 18
One of the advantages of virtualization is if a private virtual server (VPS) is compromised at the security level, this will not affect the physical server. Obviously, if you are the owner of a VPS with security problems, then you would not like anything that the same is compromised, so here I can give you 5 basic tips to secure your VPS .
- Disable remote root access : While it is likely that your provider gives you root access at the beginning, you do not always need to connect in that way. Instead, it is helpful to create a separate user account that is able to log in as root when you require it. This is usually referred to as a user wheel.
- Use difficult passwords : this is without doubt the most basic security advice anyone can give. We suggest you read this post to know more about it.
- Use a secure method of file transfer: FTP is not the safest method in the world. Instead it is best to use an encrypted SSH connection. SFTP is a recommended method.
- Update the software: if your provider does not perform periodic updates, then you must do them, and not only at the service level, but also update the CMS you use, such as WordPress.
- Back up everything: make backups regularly, that is a couple of times a week, and check that they are effective in case something goes wrong.
Hope that helped.
- Disable remote root access : While it is likely that your provider gives you root access at the beginning, you do not always need to connect in that way. Instead, it is helpful to create a separate user account that is able to log in as root when you require it. This is usually referred to as a user wheel.
- Use difficult passwords : this is without doubt the most basic security advice anyone can give. We suggest you read this post to know more about it.
- Use a secure method of file transfer: FTP is not the safest method in the world. Instead it is best to use an encrypted SSH connection. SFTP is a recommended method.
- Update the software: if your provider does not perform periodic updates, then you must do them, and not only at the service level, but also update the CMS you use, such as WordPress.
- Back up everything: make backups regularly, that is a couple of times a week, and check that they are effective in case something goes wrong.
Hope that helped.
The short awnser is CSF firewall.
I would do the following with a new VPS.
1. Disable any unneeded services (care should be take with this if you do not know exactly what you are disabling and why you don't need it.
2. Get an encryption cert for the server, if you have some malware on your PC it will be able to read any data sent in plain txt including passwords.
3. Install CSF and configure a strict rule set.
4. Multitail https://www.vanheusden.com/multitail/
More than anything you need to keep an eye on whats happening, I have a screen running multitail which displays certain elements or complete log files with color and you can even make things flash red such as a root login
(yep it's like something out of a movie) and highly recommend.
95% of attacks are brute force attempts that are easily shut down by the firewall, what you should be worried about is you get someone targeting your server who is not just a script kiddie and dangerous, they will try to exploit code in an vulnerable SSH demon or other service for example.
Best advice I can give is use good firewall rules and keep everything updated and you should be good. Just watch the logs for anything out of the normal.
I would do the following with a new VPS.
1. Disable any unneeded services (care should be take with this if you do not know exactly what you are disabling and why you don't need it.
2. Get an encryption cert for the server, if you have some malware on your PC it will be able to read any data sent in plain txt including passwords.
3. Install CSF and configure a strict rule set.
4. Multitail https://www.vanheusden.com/multitail/
More than anything you need to keep an eye on whats happening, I have a screen running multitail which displays certain elements or complete log files with color and you can even make things flash red such as a root login
(yep it's like something out of a movie) and highly recommend.95% of attacks are brute force attempts that are easily shut down by the firewall, what you should be worried about is you get someone targeting your server who is not just a script kiddie and dangerous, they will try to exploit code in an vulnerable SSH demon or other service for example.
Best advice I can give is use good firewall rules and keep everything updated and you should be good. Just watch the logs for anything out of the normal.
Luxin Host
Well-known member
- Joined
- Jun 26, 2016
- Messages
- 543
- Points
- 43
Besides most things suggested above, I would recommend changing the default SSH port.
liveinhost
Member
- Joined
- Jan 18, 2017
- Messages
- 48
- Points
- 8
Yes, first of all, install a firewall and make sure you open only wanted ports.
Update all the software and modules to its latest stable versions. If you do at least these two things then I can say your server is secure.
Update all the software and modules to its latest stable versions. If you do at least these two things then I can say your server is secure.
Moebuntu
Well-known member
- Joined
- Jul 1, 2016
- Messages
- 103
- Points
- 18
I use Linux for my hosting
How can change the default SSH port completely?
This is useful tip, how can find out what are unneeded services and disabling them?
WhiteVM
Member
- Joined
- Dec 6, 2016
- Messages
- 18
- Points
- 3
To secure yours VPS is not easy and have a lot of things you must to do, but easily you can make the best config on Linux:
+ Install a firewall in yours server, use CSF or IPtables, block the don't need ports and applications.
+ Install WAF for yours websites
+ Use strong passwords, and replace it atleast every 30 days.
+ Change SSH and other programs ports, just for blocking the standart bruteforce scipts.
On windows VPSs :
+ Use antivirus
+ Use Anti Malware
+ Use Bitlocker
+ Use Network Encrypter
+ Use Security Group Policy to set max logins and other things
+ use strong password and change it atleast every 30 days.
+ Use firewall
+ Don't Give accsess to other users of the VPS to different places, use group policy and NTFS security.
Its the simple
But after all, If you need strong security go to a professional for that.
+ Install a firewall in yours server, use CSF or IPtables, block the don't need ports and applications.
+ Install WAF for yours websites
+ Use strong passwords, and replace it atleast every 30 days.
+ Change SSH and other programs ports, just for blocking the standart bruteforce scipts.
On windows VPSs :
+ Use antivirus
+ Use Anti Malware
+ Use Bitlocker
+ Use Network Encrypter
+ Use Security Group Policy to set max logins and other things
+ use strong password and change it atleast every 30 days.
+ Use firewall
+ Don't Give accsess to other users of the VPS to different places, use group policy and NTFS security.
Its the simple
But after all, If you need strong security go to a professional for that.
I will also add CSF has very good notifications so you can tell what is going on with your security in real time.
Here is one of our IP block SSH failure notifications:
As you can see it tell you who, when and where and how. All the information on the attacker you need You can even get the MAC address if you dig in the logs a little deeper.
Here is one of our IP block SSH failure notifications:
Code:
Time: Sun Feb 5 16:08:34 2017 +0100
IP: 119.193.140.204 (KR/Korea, Republic of/-)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked: Temporary Block
Log entries:
Feb 5 16:08:19 vps371230 sshd[28282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.193.140.204 user=root
Feb 5 16:08:22 vps371230 sshd[28282]: Failed password for root from 119.193.140.204 port 35468 ssh2
Feb 5 16:08:24 vps371230 sshd[28282]: Failed password for root from 119.193.140.204 port 35468 ssh2
Feb 5 16:08:26 vps371230 sshd[28282]: Failed password for root from 119.193.140.204 port 35468 ssh2
Feb 5 16:08:28 vps371230 sshd[28282]: Failed password for root from 119.193.140.204 port 35468 ssh2As you can see it tell you who, when and where and how. All the information on the attacker you need
You can even get the MAC address if you dig in the logs a little deeper.
StackArcVPS
Member
- Joined
- Apr 5, 2017
- Messages
- 56
- Points
- 0
Never use An ftp for starter use a more secure way for file transfers and if you are using a vnc then use tunneling to hide your password and other content. use complicated or auto generated difficult passwords. Also change your password right after your VPS order is delivered
Older Threads
Newer Threads
Latest Threads
Recommended Threads
Similar Threads
Latest postsNew threads
-
New threads
-
Save an incredible 90% off! The Best HostPapa Deal so Far: Unlimited SSL, 50 GB NVMe, 24/7 support
- Started by cancan
- Replies: 0
-
How to Choose the Best Web Hosting Provider for a New Website ??
- Started by marcellosallas
- Replies: 0
-
Jtti: What are some common misconceptions about firewall rules?
- Started by jtti
- Replies: 0
-
Latest Hosting OffersNew Reviews
-
Latest hosting offers
-
Save an incredible 90% off! The Best HostPapa Deal so Far: Unlimited SSL, 50 GB NVMe, 24/7 supportEssentials Hosting provides reliable and affordable web hosting solutions!
- cancan
- Updated:
-
Affordable Dedicated Servers - Raspberry Pi & Intel N95 | From €12.90/mo - Unlimited Traffic.Affordable Raspberry Pi & Intel N95 Dedicated Servers with SSD Storage and Unlimited Traffic.- Tinyservers.eu
- Updated:
-
SystemInPlace - Low cost Dual E5 384GB/512GB RAM DEDI. 30% OFF FIRST MONTH! 1gb/2.5gb/5gb/10gbAffordable enterprise grade dedicated servers at a price you can afford.- systeminplace
- Updated:
-
