What’s your go-to process for securing a freshly provisioned VPS?

Emily Routledge

Active member
Registered
Joined
Aug 13, 2016
Messages
80
Points
8
I’ve just spun up a new Ubuntu VPS and want to lock it down properly before deploying any sites or apps. What steps, tools, and configurations do you always apply e.g. SSH hardening, firewall rules, intrusion prevention, automatic updates to ensure a secure baseline?

Concrete examples or scripts are welcome!
 

CharityHost_org

New member
Registered
Joined
Dec 17, 2024
Messages
4
Points
1
Assuming you are not using a control panel and going headless, then:
1. Create and add ssh-key, so you do not use password login by ssh
2. Set root login in sshd_config to 'without-password' Or create a sudo user and set it to 'no'
3. Install CSF and tune the csf.conf, take your time to read the csf.conf carefully to set optimally
4. Check auto update settings, look for automatic updates from ubuntu community online docs.
5. Make sure you reboot every so often, once every month to 3 months to get the latest kernel updates. OR use ubuntu pro, which is a paid subscription in general.

Depending on what the use case is for your server, there are other optimizations you can do... Will vary.

If you plan to create and manage many servers, consider using ansible or something like it to manage the server configurations and updates/reboots.
 
Recommended Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top