arrow_upward

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
How to keep our VPS save from Chinese Botnets?
#11
(09-09-2018, 07:13 AM)mzmznasipadang Wrote: Hey guys, I've one vps that I used for hosting my own vpn. The problem is its getting a lot of botnets. So how do I to keep my own VPS save from Botnets? Thank You!

if your original ip has been guessed. cloudflare will not work anymore.

use ssh keys and disable root login. this will dramatically decrease the chance to get compromised.
but remember no one is 100% safe.
#12
(09-11-2018, 01:27 PM)perryoo11 Wrote: if your original ip has been guessed. cloudflare will not work anymore.

use ssh keys and disable root login. this will dramatically decrease the chance to get compromised.
but remember no one is 100% safe.

What helps me a lot is to just disable the port 22 by replacing it with a different port number. 

Here's a tutorial for how to change the port number for the VPS using CentOS:

https://post4vps.com/showthread.php?tid=2151
Terminal
Thank you to Post4VPS and VirMach for my awesome VPS 9!  
#13
Change Port ssh, change password, and turn off root username access, and configure NFGW and Overcome Force brutal attacks. And BINGO Your server must be able to withstand the attack
After configuring this
Terminal
Solo Developer
#14
there are lot
(09-14-2018, 12:54 AM)chanalku91 Wrote: Change Port ssh, change password, and turn off root username access, and configure NFGW and Overcome Force brutal attacks. And BINGO Your server must be able to withstand the attack
After configuring this

great advice . with the default ssh port and root username the brute foirce attack will be much easier because they know the username / ssh port by changing it you are making another work to those chinese botnet
Terminal
humanpuff69@FPAX:~$ Thanks To Shadow Hosting And Post4VPS for VPS 5
#15
(09-14-2018, 12:54 PM)humanpuff69 Wrote: there are lot
great advice . with the default ssh port and root username the brute foirce attack will be much easier because they know the username / ssh port by changing it you are making another work to those chinese botnet

I still haven't thought about it carefully and again I use MultiFirewall IP :/
Terminal
Solo Developer
#16
(09-14-2018, 11:22 PM)chanalku91 Wrote: I still haven't thought about it carefully and again I use MultiFirewall IP :/

never heard of that but it look like firewall for multiple ip from the name
Terminal
humanpuff69@FPAX:~$ Thanks To Shadow Hosting And Post4VPS for VPS 5
#17
Yes I use the PSYCHZ service and get some ip as a firewall and that I use for my minecraft server
custom firewall config
Terminal
Solo Developer
#18
Mostly what everyone says here - Disable password and implement ssh key only login. Change port to something random from 22, then use ufw to block all ports except 80 and 443. That will do but remember its not guaranteed still that it will be safe from botnets.
No one knows what the future holds, that's why its potential is infinite
#19
For me the port number change is the easiest and also 90% the battle. I tried keyless entry, and locked myself out of my VPS. it's not as foolproof as it sounds like. It worked for a week or so, and then all of a sudden locked me out. I don't think it is really that necessary when there are so many other ways to secure the VPS to go for keyless entry. Changing a port number is very simple and easy to do. And I found enough for me. It sorts out about 99% of bot traffic.
Terminal
Thank you to Post4VPS and VirMach for my awesome VPS 9!  
#20
(09-25-2018, 08:58 AM)deanhills Wrote: For me the port number change is the easiest and also 90% the battle. I tried keyless entry, and locked myself out of my VPS. it's not as foolproof as it sounds like. It worked for a week or so, and then all of a sudden locked me out. I don't think it is really that necessary when there are so many other ways to secure the VPS to go for keyless entry. Changing a port number is very simple and easy to do. And I found enough for me. It sorts out about 99% of bot traffic.

true . most of the bot assume the ssh port is 22 . by changing it basically we bypass that bot assume . there still bot that scan through port but that is rare and most of this kinda bot stick with port 22 . changing the port is important .
Terminal
humanpuff69@FPAX:~$ Thanks To Shadow Hosting And Post4VPS for VPS 5


person_pin_circle Users browsing this thread: 3 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting