+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: VPS Discussion (https://post4vps.com/Forum-VPS-Discussion)
+--- Forum: VPS Protection (https://post4vps.com/Forum-VPS-Protection)
+--- Thread: How to keep our VPS save from Chinese Botnets? (/Thread-How-to-keep-our-VPS-save-from-Chinese-Botnets)
RE: How to keep our VPS save from Chinese Botnets? - perry - 09-11-2018
(09-09-2018, 07:13 AM)mzmznasipadang Wrote: Hey guys, I've one vps that I used for hosting my own vpn. The problem is its getting a lot of botnets. So how do I to keep my own VPS save from Botnets? Thank You!
if your original ip has been guessed. cloudflare will not work anymore.
use ssh keys and disable root login. this will dramatically decrease the chance to get compromised.
but remember no one is 100% safe.
RE: How to keep our VPS save from Chinese Botnets? - deanhills - 09-13-2018
(09-11-2018, 01:27 PM)perryoo11 Wrote: if your original ip has been guessed. cloudflare will not work anymore.
use ssh keys and disable root login. this will dramatically decrease the chance to get compromised.
but remember no one is 100% safe.
What helps me a lot is to just disable the port 22 by replacing it with a different port number.
Here's a tutorial for how to change the port number for the VPS using CentOS:
https://post4vps.com/showthread.php?tid=2151
RE: How to keep our VPS save from Chinese Botnets? - chanalku91 - 09-14-2018
Change Port ssh, change password, and turn off root username access, and configure NFGW and Overcome Force brutal attacks. And BINGO Your server must be able to withstand the attack
After configuring this
RE: How to keep our VPS save from Chinese Botnets? - humanpuff69 - 09-14-2018
there are lot
(09-14-2018, 12:54 AM)chanalku91 Wrote: Change Port ssh, change password, and turn off root username access, and configure NFGW and Overcome Force brutal attacks. And BINGO Your server must be able to withstand the attack
After configuring this
great advice . with the default ssh port and root username the brute foirce attack will be much easier because they know the username / ssh port by changing it you are making another work to those chinese botnet
RE: How to keep our VPS save from Chinese Botnets? - chanalku91 - 09-14-2018
(09-14-2018, 12:54 PM)humanpuff69 Wrote: there are lot
great advice . with the default ssh port and root username the brute foirce attack will be much easier because they know the username / ssh port by changing it you are making another work to those chinese botnet
I still haven't thought about it carefully and again I use MultiFirewall IP :/
RE: How to keep our VPS save from Chinese Botnets? - humanpuff69 - 09-15-2018
(09-14-2018, 11:22 PM)chanalku91 Wrote: I still haven't thought about it carefully and again I use MultiFirewall IP :/
never heard of that but it look like firewall for multiple ip from the name
RE: How to keep our VPS save from Chinese Botnets? - chanalku91 - 09-15-2018
Yes I use the PSYCHZ service and get some ip as a firewall and that I use for my minecraft server
custom firewall config
RE: How to keep our VPS save from Chinese Botnets? - Kururin - 09-22-2018
Mostly what everyone says here - Disable password and implement ssh key only login. Change port to something random from 22, then use ufw to block all ports except 80 and 443. That will do but remember its not guaranteed still that it will be safe from botnets.
RE: How to keep our VPS save from Chinese Botnets? - deanhills - 09-25-2018
For me the port number change is the easiest and also 90% the battle. I tried keyless entry, and locked myself out of my VPS. it's not as foolproof as it sounds like. It worked for a week or so, and then all of a sudden locked me out. I don't think it is really that necessary when there are so many other ways to secure the VPS to go for keyless entry. Changing a port number is very simple and easy to do. And I found enough for me. It sorts out about 99% of bot traffic.
RE: How to keep our VPS save from Chinese Botnets? - humanpuff69 - 09-25-2018
(09-25-2018, 08:58 AM)deanhills Wrote: For me the port number change is the easiest and also 90% the battle. I tried keyless entry, and locked myself out of my VPS. it's not as foolproof as it sounds like. It worked for a week or so, and then all of a sudden locked me out. I don't think it is really that necessary when there are so many other ways to secure the VPS to go for keyless entry. Changing a port number is very simple and easy to do. And I found enough for me. It sorts out about 99% of bot traffic.
true . most of the bot assume the ssh port is 22 . by changing it basically we bypass that bot assume . there still bot that scan through port but that is rare and most of this kinda bot stick with port 22 . changing the port is important .