The internet is the source of income for millions of people, and it could be considered one of the best creations of technology. However, with time, the internet has become vulnerable to security threats. Thus, your Linux VPS is also susceptible to these risks, as it is hosted on the internet.
Your VPS can contain sensitive data of yourself or your customers. Moreover, the virtual private server could be essential to your business. Thus, it is of immense importance to secure it and protect it against the vulnerabilities.
In this article, we have compiled three simple steps that you can do to better the security of your Linux VPS immediately. These are just starting points that every VPS owner should consider adopting – we will be introducing more tutorials which will cover more in-depth security tutorials.
- Change SSH port number
By default on most VPS’s, the SSH server listens to port 22 on TCP. However, we can change this port to increase the security of our VPS.
You can check your current SSH port with the following command:
“netstat -tulnp | grep ssh”
To change the port number on most operating systems, open the file “/etc/ssh/sshd_config”. Then look for the line “#Port 22”, remove the “#” and change “22” with any desired port number. For example, change the line to “Port 11000”.
Now, you need to restart the SSH server to apply the changes. Run this command:
“systemctl restart sshd”
IMPORTANT: If you are running a firewall such as iptables rules or CSF, be sure to allow the custom SSH port.
- Set up a firewall
A firewall is an essential while setting up a VPS. It allows you to accept traffic only from specific ports while rejecting all other traffic.
This makes sure that all unused ports are not vulnerable to malware and insecure traffic. This prevents security breaches while also increasing the efficiency of your server.
One such firewall is ConfigServer Firewall or CSF. It readily improves your server’s security and comes with an easy to use interface. It rejects all traffic except useful connections such as emails, FTP, SMTP, and critical websites. You can learn more about ConfigServer Firewall here: https://www.configserver.com/cp/csf.html
- Install Fail2Ban
Fail2Ban is an intrusion prevention system. It is based on Python and keeps track of all traffic to detect any unusual activity, such as extensive login attempts. Fail2Ban will also stop accepting traffic from the attacker’s IP address after a predefined time.
Fail2Ban will secure your Linux VPS against threats such as brute force attacks and DDoS.
What other security steps do you take on your VPS? Please share in the comments section below!
Related Posts:
- Have you ever visited the web’s busiest hosting forum? LowEndTalk awaits. - September 27, 2022
- Grab the deals first by subscribing to our new deal alerts - September 16, 2022
- LowEndBox is on Instagram and TikTok! - August 5, 2022
Changing ssh-server port is topic for endless discussion. Even though some call it “security through obscurity”, I’d say it actually has very little to do with security. Determined attacker can find ssh-port anyway. IMHO if you disable root-login and password-login, it will secure ssh-server much more, than moving it to different port…
totally agreed. Disable root-remote-login and changing ssh port help decreasing the amount of data go to btmp log every day.
Completely agree with above comment. Changing port number isn’t completely pointless as it can stop the endless thousands of bot hits but doesn’t do much more than that. Securely configuring SSHD to use ssh keys and not allow password logins provides far more security and should be one of the first steps in configuring a new VPS.
I used the command ‘sudo lsof -ai -p “$pid”‘ and found alot of processes, below. Has my VPS been hacked?
Yes, looks like your server has been compromised. Run the command ‘last’ to check last successful login.