+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: VPS Discussion (https://post4vps.com/Forum-VPS-Discussion)
+--- Forum: VPS Protection (https://post4vps.com/Forum-VPS-Protection)
+--- Thread: [Tutorial] How to (properly) secure your VPS (/Thread-Tutorial-How-to-properly-secure-your-VPS)
Pages:
1
2
[Tutorial] How to (properly) secure your VPS - Conan - 05-06-2018
I. Don't use the root account! Create a new sudoer account
Spoiler Expand
II. Use SSH Keys!
Linux/Mac client
Spoiler Expand
Spoiler Expand
III. Disable password authentication!
Spoiler Expand
IV. Install fail2ban
CentOS
Spoiler Expand
Spoiler Expand
RE: [Tutorial] How to (properly) secure your VPS - chanalku91 - 05-07-2018
Does this work to protect vps from hackers?
Google translate
RE: [Tutorial] How to (properly) secure your VPS - Conan - 05-07-2018
@chanalku91
Will prevent most of the automated bruteforce attacks. Using a nondefault user will make the bruteforce multiple times harder. + disabling password auth makes it nearly impossible.
fail2ban helps to rate limit bruteforcers too. (Doesn't really matter if you disabled password auth as they cant bruteforce your server lol)
RE: [Tutorial] How to (properly) secure your VPS - Vuluts - 05-07-2018
@chanalku91 these security tips can help your VPS from hackers (simple hacking) preventing to enter your VPS but advance hackers is different. There are many ways to hack, so suggested is that you secure your VPS internally and externally, what I mean by externally is that your VPS is protected by 3rd party like having a DDoS protectection etc etc.
RE: [Tutorial] How to (properly) secure your VPS - humanpuff69 - 05-07-2018
for me i still use normal password authentication . Nice tutorial i probably will do it later but still private key is much secure than normal password because private key is much longer than password and on top of that you need the password so its a win win in term of security
RE: [Tutorial] How to (properly) secure your VPS - chanalku91 - 05-08-2018
(05-07-2018, 02:55 PM)Conan Wrote: @chanalku91
Will prevent most of the automated bruteforce attacks. Using a nondefault user will make the bruteforce multiple times harder. + disabling password auth makes it nearly impossible.
fail2ban helps to rate limit bruteforcers too. (Doesn't really matter if you disabled password auth as they cant bruteforce your server lol)
Awesome! Now I do not need to fret with the extreme hacker hacker weaponry
RE: [Tutorial] How to (properly) secure your VPS - Conan - 05-08-2018
@humanpuff69
Well atleast install fail2ban so you dont get hacked. fail2ban ratelimits the attempts
RE: [Tutorial] How to (properly) secure your VPS - humanpuff69 - 05-08-2018
(05-08-2018, 04:32 AM)Conan Wrote: @humanpuff69
Well atleast install fail2ban so you dont get hacked. fail2ban ratelimits the attempts
I already installed it now thanks for your suggestion . I used to used it on my old vps and when my vps get spammed the cpu usage for fail2ban just gone crazy . But it does protect the server
RE: [Tutorial] How to (properly) secure your VPS - youssefbasha - 06-16-2018
What about Ubuntu 16.04?
Can you tell me how to install fail2ban on it?
RE: [Tutorial] How to (properly) secure your VPS - YOuNeS_Dz - 06-18-2018
fail2ban?? well can you tell me more about it ?.. i'll try it out, after i know which this fail2ban used for
thanks for tutorial