Post4VPS Forum | Free VPS Provider

[Tutorial] How to (properly) secure your VPS
I. Don't use the root account! Create a new sudoer account
(Make sure you install sudo from your package manager if it's not installed)

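1. Create the account. Enter all the details that are prompted.
Code:
useradd -m <username>   # -m creates the home directory that ssh-copy-id later writes to
passwd <username>       # set the login password (used by sudo and the first ssh-copy-id)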

2. Add the user to the sudoer group
Code:
echo '<username> ALL=(ALL) ALL' >> /etc/sudoers

3. Disable root login!
Code:
echo 'PermitRootLogin no' >> /etc/ssh/sshd_config

4. Restart sshd
Code:
systemctl restart sshd

II. Use SSH Keys!

Linux/Mac client
1. Generate the key.
If prompted for the path, just press enter.
As for the password, it's your choice to use it or not. (Though it's recommended to use a password for the key file)
Code:
ssh-keygen -t rsa
2. Copy over the public key to your server
Code:
ssh-copy-id <username>@<host>

You can now connect to the server using ssh keys.
Windows
In Progress...

III. Disable password authentication!
1. Just run this command to disable
Code:
echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config
2. Restart sshd
Code:
systemctl restart sshd

IV. Install fail2ban
CentOS
1. Install
Code:
yum install epel-release #Needed repo
yum install fail2ban
2. Run and enable run at startup
Code:
systemctl enable fail2ban
systemctl start fail2ban
Debian
1. Install
Code:
apt-get install fail2ban
2. Run and enable run at startup
Code:
systemctl enable fail2ban
systemctl start fail2ban
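
Added example, not part of the original post: steps I.3 and III append a line to the end of sshd_config, but sshd uses the first value it reads for each keyword, so the append has no effect when an earlier active line already sets it. The helper names `first_value` and `set_option` and the sample config are constructed for this illustration.

```shell
#!/bin/sh
# sshd keeps the FIRST value it reads for each keyword, and anything after a
# Match line belongs to that Match block, so a line appended to the end of
# sshd_config can be ignored or scoped to one user.
# Simplification (assumption): Include directives are not followed.

# first_value FILE KEYWORD: value sshd takes from the global section
# (everything before the first Match block); prints nothing if unset.
first_value() {
    awk -v key="$2" '
        { sub(/#.*/, "") }                  # strip comments
        NF == 0 { next }
        tolower($1) == "match" { exit }     # global section ends here
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# set_option FILE KEYWORD VALUE: rewrite the first active global occurrence,
# or add the line before the first Match block / at end of file if absent.
set_option() {
    tmp=$(mktemp) || return 1
    awk -v key="$2" -v val="$3" '
        !done && tolower($1) == "match" { print key " " val; done = 1 }
        !done && tolower($1) == tolower(key) { print key " " val; done = 1; next }
        { print }
        END { if (!done) print key " " val }
    ' "$1" > "$tmp" && cat "$tmp" > "$1"    # cat keeps the file mode and owner
    rm -f "$tmp"
}

# Constructed sample config, shaped like a common VPS image default.
demo() {
    cfg=$(mktemp) || return 1
    printf '%s\n' 'Port 22' 'PermitRootLogin yes' \
        '#PasswordAuthentication yes' 'Match User backup' \
        '    PasswordAuthentication yes' > "$cfg"
    echo 'PermitRootLogin no' >> "$cfg"     # the append used in the post
    echo "after append:     PermitRootLogin=$(first_value "$cfg" PermitRootLogin)"
    set_option "$cfg" PermitRootLogin no
    set_option "$cfg" PasswordAuthentication no
    echo "after set_option: PermitRootLogin=$(first_value "$cfg" PermitRootLogin)" \
         "PasswordAuthentication=$(first_value "$cfg" PasswordAuthentication)"
    rm -f "$cfg"
}
demo
# On the real server run `sshd -t` to validate the file, then
# `sshd -T | grep -Ei 'permitrootlogin|passwordauthentication'` to read the
# effective values before restarting sshd.
```

Keep your current SSH session open while you test a new login, so a bad config does not lock you out.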
Does this work to protect vps from hackers?

Google translate

Will prevent most of the automated bruteforce attacks. Using a nondefault user will make the bruteforce multiple times harder. + disabling password auth makes it nearly impossible.

fail2ban helps to rate limit bruteforcers too. (Doesn't really matter if you disabled password auth as they can't bruteforce your server lol)
These security tips can help protect your VPS from hackers (simple hacking) by preventing them from entering your VPS, but advanced hackers are different. There are many ways to hack, so my suggestion is that you secure your VPS internally and externally; what I mean by externally is that your VPS is protected by a 3rd party, like having DDoS protection etc.
For me, I still use normal password authentication. Nice tutorial, I will probably do it later, but still a private key is much more secure than a normal password because a private key is much longer than a password, and on top of that you need the password, so it's a win-win in terms of security.
(05-07-2018, 02:55 PM) Conan wrote:
Will prevent most of the automated bruteforce attacks. Using a nondefault user will make the bruteforce multiple times harder. + disabling password auth makes it nearly impossible.

fail2ban helps to rate limit bruteforcers too. (Doesn't really matter if you disabled password auth as they can't bruteforce your server lol)

Awesome! Now I do not need to fret with the extreme hacker weaponry.

Well, at least install fail2ban so you don't get hacked. fail2ban rate-limits the attempts.
(05-08-2018, 04:32 AM) Conan wrote:
Well, at least install fail2ban so you don't get hacked. fail2ban rate-limits the attempts.

I already installed it now, thanks for your suggestion. I used to use it on my old VPS, and when my VPS got spammed the CPU usage for fail2ban just went crazy. But it does protect the server.
What about Ubuntu 16.04?
Can you tell me how to install fail2ban on it?
fail2ban?? Well, can you tell me more about it? I'll try it out after I know what this fail2ban is used for.
Thanks for the tutorial.