VPS security is not new, and it is a concern for not only for big companies but for the people who use the VPS server. We should not take it lightly due to customer data loss, cyber threats, and stolen financial information. That’s why it is important to optimize the security of your VPS server. Here, we will discuss the best ways to secure your VPS that help to keep your data extra secure.
Secure your VPS
Open your favorite terminal and login with your root account. If your web host gives you an automatically generated root password for your VPS server, here’s how to change it. You must use a strong password for this account, type the command passwd root then enter the new password twice.
Creating a new user account
This new user account will allow you to connect to his VPS server because later we will block the direct connection with the root account. This limits brute force attacks on this account.
Type the command: add user cache replace cache with your username. Enter the strong password twice. As this is a new user, the system will ask you to enter several information, but you can type Enter on each line.
We are now going to give this user rights, for that we are going to add it to the sudo group. If your VPS server does not have the basic sudo package, you just need to install it with the command: Sudo apt-get.
Set a password that complies with security policies
The first thing to do as soon as our VPS server has been activated is to set a hacker-proof password. Therefore, we must avoid widely used keywords such as the classic “1234” “00000,” etc. Pay attention to simple words that are commonly used such as home, car etc., very simple to discover with a brute force attack.
Another element not to be overlooked is to use passwords that refer to our interests and personality.
This applies in the event of a targeted attack, but it is good to know that hackers often study the subject they want to target to guess the possible passwords used by him. No favorite groups, names of relatives and pets, or any other strictly personal element and perhaps easily available through social profiles.
Instead, a quality password must contain alphanumeric characters, special characters, and uppercase characters in order to become much more secure and impossible to guess.
Change the SSH port
Another element not to be overlooked is the SSH port. In fact, hacker attacks often exploit the default ports of SSH services. Therefore, it is very important to change this port immediately through the server prompt by changing the standard value set to 22.
Configure a firewall
It is also a good idea to install a firewall to protect our VPS server. The more security measures we have, the less intrusion risks our VPS server runs. One of the most powerful firewalls recommended is the one provided by Linux.
Backups are fundamental. The backup must always be done in advance, regardless of whether you are under attack or not. Having a working version of our site and the VPS server configuration will, in fact, guarantee us fair protection even from internal failures and errors committed by us, but capable of completely haywire the whole system.
Therefore, it is always necessary to keep a backup copy, update it, and maybe upload it to multiple media, even better if on cloud systems.
Disable login with the root account
Disabling the root account on the connection will block any attempt to connect with the latter. Of course, the root account is not deactivated; we will just block the direct connection with this account. With a text editor, we will modify the SSH configuration file. As a reminder, SSH is the service that allows us to connect to the server. Under Linux, there are several editors. There are mainly vim and nano that you can use. Commonly, most people use nano. You can install it with the sudo apt install nano command if it is not already installed.
To edit the file type nano/ssh/sshd_config in the file, find the line ‘PermitRootLogin ‘yes modify the line by replacing yes with no.
You can also take the opportunity to change the SSH 22 listening port. This is not mandatory but recommended. For example, you can take 2222. Find the line that says Port 22 and replaces the number 22 with 2222 (or something else).
Once the modification is made, do CTRL + X to quit the edition.
Then type Y for yes, then for the name of the file, do not change anything enter.
For the change to be taken into account, restart the service with the command /etc/init.d/ssh restart. You can exit the console with the exit command and then try a root connection.
Keep the VPS up to date
It is also important to keep everything up to date, follow the latest news, and install all the recommended elements from time to time, depending on the new threats on the web.
Securing your free VPS isn’t that hard. Just stick to a few rules and adhere to safety standards. Although many operators already provide you with safety systems, it is absolutely recommended to use additional measures.
As always, prevention is always better than cure, and a well-protected VPS server will be more difficult to hack, as well as less attractive to hackers than servers full of loopholes and easy-to-exploit entrances. The backup becomes the last fundamental resource, never to be forgotten and to be kept in the safest place possible.
Whether it is VPS hosting or shared hosting you use for your website, security should be your top priority. You can make your VPS server more secure by enabling two-factor authentications, creating difficult passwords, and avoiding the illegal software.