So you just got your new virtual private server (VPS) and your are excided about using it BUT you need to be aware of some import tips to help you secure it properly. Your VPS will open you up to a whole new world of possibilities and power. It will also open you up to a new world of security threats. If you are accustomed to having most security issues handled by your shared hosting provider, now might be a good time to learn some basic security tips for your new VPS.
1. Protect your logins – This means using strong secure password and limiting SSH access to only necessary users and disallowing root logins. The ‘root’ account has full control over the entire server, so allowing direct logins as ‘root’ via SSH is one of the biggest security risks. Hackers can brute force a server’s ‘root’ password and when they succeed, they will gain full control over your entire server.
2. Keep Your Software Up-To-Date – Keeping the software up-to-date is one of the most important tasks of securing your server. Everyday, numerous vulnerabilities are found in various linux applications, services and scripts and new fixed versions of them are being released very quickly. Installing the updates on your server is crucial and strongly recommended.
3. Protect your server – This means network firewalls, application firewalls, brute force detection and any other form of protection you can imagine. Take some time and research various preventative measures you can take with your operating system.
4. Monitor everything – A VPS administrator must be proactive. You cannot wait until your web host contacts you with a problem. Unlike shared hosting, this may not happen until it is too late. Setup system monitors and keep an eye on your virtual server.
5. Backup, Backup, and Backup – Backup your server regularly and be prepared for the worst. Test your backups to make sure they actually restore properly.
6. Stop/Disable Unnecessary Services – All Linux distributions usually have many services/daemons configured to start every time you start the server. The more services running on your server, the more ports are being open to potential external break-ins. Disabling unnecessary services can improve the security of your server and even the overall server performance.
To check which services are running on your server execute:
# chkconfig –list
The above command will show the startup status of all services.
To stop a service at startup time you can execute:
# chkconfig –levels off
When you start to think about the huge responsibility a VPS requires, it can be overwhelming, but it is definitely manageable if you have the right tools and a fair amount of education on the topic.
