It does not matter if you are using a VPS that transmits private or public data, all your data should be as secure as possible. As your webmaster, there are some simple tips you need to know to help ensure that the information stored on your site is secure.
No matter how reliable the hosting company you choose, the following tips will help you keep your VPS safe.
1. Server control
First of all, check your server. This will help you to see what is going on in your system but also to find where the vulnerabilities of your system are. The good news is that there are plenty tools who can help you with this process.
2. Disable unused services and ports
The next step is to check the running applications and services. Ask yourself if you need all the services and applications for it mode of your VPS.
If you think a particular application is necessary, then determine if it should always be open to the public. If you see that many applications that you do not use are running, then your server is not so secure.
To list all services running on Linux servers, use the command:
systemctl
As for ports, open only those that the VPS requires for its optimal functionality. But that's not all. You need to open these ports with IPtables and set the default ingress chain. This means that any door do not open it will remain disabled forever. You can learn how to manage ports in Linux here.
3. Update your server and keep regular backups
Updating your system with the latest software is incredibly essential to the security of your VPS.
Make sure you run the most secure applications and make sure you back up your VPS data frequently. This ensures that in the event that something goes wrong, you will have all your data intact. This will allow you to retrieve the information or even go back to the previous version.
4. Make sure you are using secure SSH settings
As you know, SSH is one of the system standards needed to run and configure your server. Of course, you are not the only one who knows this hackers they may know even better. So keeping this daemon safe should always be your top priority. The good news is that its settings SSH is very simple.
Remember, as administrators, you are solely responsible for the security of your server.
Here are some helpful tips:
- Change the SSH port
- Prevent root access for any user trying to connect to the server via SSH
- Do not use a password but an SSH key.
- Install intrusion detection software such as Fail2Ban to restrict user connections
- Set up your system to notify you whenever an unauthorized user tries to connect to your server.
- Be careful with known threats.
- Remove any unused packages or disks
In most cases, your server comes with many applications and services. What you do not need should be removed, because they can act as an intruder. Any package used can present some vulnerabilities and it is best practice to keep only the services you need.
6. Use a top security policy
Weak passwords are the ultimate threat to your server security.
Avoid leaving your server without a password. If you decide not to use an SSH key, a strong password should never be shorter than 10 characters that combine letternumbers, uppercase and lowercase, and special characters.
7. Adjust the firewall
There are many firewalls to choose from for your server security. Adjust the firewall to help filter out unwanted traffic. This is one of the ways to fight DDoS attacks.
You can also use the application TCPWrapper to help you filter out programs that have access to the network.
8. Install updated antivirus software
Antivirus or antimalware software can be a good defense on your server against any malicious software that has managed to break through the firewall. While a firewall provides protection against malicious activity trying to enter your system, it cannot do everything.
If you have a low budget, you can choose free alternatives that work. You can select open source applications such as Maldet to scan for potential threats to your VPS.
