It does not matter if you are using a VPS that transmits private or public data, all your data should be as secure as possible. As your webmaster, there are some simple tips you need to know to help ensure that the information stored on your site is secure.
No matter how reliable the hosting company you choose, the following tips will help you keep your VPS safe.
1. Server control
First of all, check your server. This will help you to see what is going on in your system but also to find where the vulnerabilities of your system are. The good news is that there are several tools that can help you with this process.
2. Disable unused services and ports
The next step is to check the running applications and services. Ask yourself if you need all the services and applications to run your VPS.
If you think a particular application is necessary, then determine if it should always be open to the public. If you see that many applications are not running that you are not using, then your server is not so secure.
To list all services running on Linux servers, use the command:
As for the ports, open only those required by the VPS for optimal functionality. But it is not only that. You need to open these ports with IPtables and set the default input chain. This means that any port you do not open will be permanently disabled. You can learn how to manage ports on Linux here.
3. Update your server and keep regular backups
Updating your system with the latest software is incredibly essential to the security of your VPS.
Make sure you run the most secure applications, and make sure you back up your VPS data frequently. This ensures that in the event that something goes wrong, you will have all your data intact. This will allow you to retrieve the information or even go back to the previous version.
4. Make sure you are using secure SSH settings
As you know, SSH is one of the system templates you need to run and configure your server. Of course, this is not the only thing you know; hackers may know it even better. So keeping this daemon safe should always be your first priority. The good news is that its settings SSH is very simple.
Remember, as administrators, you are solely responsible for the security of your server.
Here are some helpful tips:
- Change the SSH port
- Prevent root access for any user trying to connect to the server via SSH
- Do not use a password but an SSH key.
- Install intrusion detection software such as Fail2Ban to restrict user connections
- Set up your system to notify you whenever an unauthorized user tries to connect to your server.
- Be careful with known threats.
- Remove any unused packages or disks
In most cases, your server comes with many applications and services. What you do not need should be removed, as they can act as an gateway for intruders. Any package used can present some vulnerabilities and it is best practice to keep only the services you need.
6. Use a top security policy
Weak passwords are the ultimate threat to your server security.
Avoid leaving your server without a password. If you decide not to use an SSH key, a strong password should never be less than 10 characters combining letters, numbers, lowercase and uppercase and special characters.
7. Adjust the firewall
There are many firewalls to choose from for your server security. Adjust the firewall to help filter out unwanted traffic. This is one of the ways to fight DDoS attacks.
You can also use the application TCPWrapper to help you filter out programs that have access to the network.
8. Install updated antivirus software
Antivirus or antimalware software can be a good defense on your server against any malicious software that has managed to break through the firewall. While a firewall provides protection against malicious activity trying to enter your system, it cannot do everything.
If you have a low budget, you can choose free alternatives that work. You can select open source applications such as Maldet to scan for potential threats to your VPS.