3v-Hosting Blog
7 min read
Secure your Linux VPS (Virtual Private Server) now to protect web services, databases and cloud applications from cyber threats. A VPS is a remotely accessible server environment, so implement basic security measures to reduce the risk of unauthorised access, data breaches and service disruptions.
This article will explore the essential steps to secure a Linux VPS, covering SSH hardening, firewall configuration, user management, software updates, and monitoring strategies. These measures provide a strong foundational security level for any Linux-based server.
One of the first steps in securing a VPS is configuring SSH (Secure Shell), as it is the primary method for remote server access.
By default, SSH runs on port 22, which is frequently targeted by brute-force attacks. Changing this port reduces the number of automated attacks. To modify the port - open the SSH configuration file:
sudo nano /etc/ssh/sshd_config
Locate the line:
#Port 22
Change it to an uncommon port, such as 2222:
Port 2222
Restart SSH service:
sudo systemctl restart sshd
Allowing root login via SSH is a major security risk. Instead, create a regular user with sudo privileges and disable root access.
Add a new user:
sudo adduser secureuser
sudo usermod -aG sudo secureuser
Disable root SSH login. Edit /etc/ssh/sshd_config and set:
PermitRootLogin no
Restart SSH service:
sudo systemctl restart sshd
Using SSH keys instead of passwords significantly enhances security. Generate an SSH key pair on your local machine:
ssh-keygen -t rsa -b 4096
Copy the public key to the server:
ssh-copy-id -p 2222 secureuser@your_vps_ip
Disable password authentication in /etc/ssh/sshd_config:
PasswordAuthentication no
Restart SSH service:
sudo systemctl restart sshd
A firewall helps block unauthorized access while allowing necessary services to function.
Install UFW if not already installed:
sudo apt install ufw
Allow necessary services:
sudo ufw allow 2222/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
Enable the firewall:
sudo ufw enable
Check firewall status:
sudo ufw status verbose
Regular updates help mitigate vulnerabilities.
On Debian-based systems:
sudo apt update && sudo apt upgrade -y
On RHEL-based systems:
sudo yum update -y
For Debian/Ubuntu:
sudo apt install unattended-upgrades
sudo dpkg-reconfigure unattended-upgrades
Instead of performing all actions as root, use a standard user account with sudo privileges.
sudo adduser newuser
sudo usermod -aG sudo newuser
Restrict permissions using chmod and chown to ensure users only have access to necessary files.
For example:
chmod 700 /home/user/private_folder
chown user:user /home/user/private_folder
Fail2Ban helps protect against brute-force attacks by banning IPs with multiple failed login attempts.
Install Fail2Ban:
sudo apt install fail2ban
Create a local configuration file:
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Edit /etc/fail2ban/jail.local and configure SSH settings:
[sshd]
enabled = true
port = 2222
maxretry = 5
bantime = 600
Restart Fail2Ban:
sudo systemctl restart fail2ban
Checking logs helps detect suspicious activities.
View authentication logs:
sudo cat /var/log/auth.log
Monitor system logs:
sudo journalctl -xe
Install tools like rkhunter to scan for rootkits:
sudo apt install rkhunter
sudo rkhunter --update
sudo rkhunter --check
Set up a basic level of security for your Linux VPS by securing remote access, configuring firewalls, managing users, enabling automatic updates and monitoring system logs. These steps will significantly reduce vulnerabilities and create a strong foundation for further security enhancements. Regular audits and continuous monitoring are necessary to maintain a secure environment for any server in production.
Installing Discord on Ubuntu and other Linux systems: a step-by-step guide to installing via Deb, Snap, and Flatpak, configuring audio, video, and notifications...
MySQL is a popular open-source relational database management system used by many businesses and organizations. One of the common tasks in MySQL administration ...
One of the most common errors received while working on the Internet, with websites or applications is the 502 Bad Gateway error, and this error confuses an ine...
SOLID principles help create flexible, scalable, and maintainable code. We break down SRP, OCP, LSP, ISP, and DIP with examples and practical recommendations.
HTTP 503 (Service Unavailable) means that your server is overloaded or undergoing maintenance. Find out what causes this error, how to fix it, and how to preven...
Manage your VPS and websites easily with the Ispmanager control panel. Create domains, databases, and backups in one click, monitor performance, and secure your...
