what you do first when you order/get a new vps

kubanek_kuba · 07-18-2017, 09:11 AM

(07-16-2017, 09:04 PM)YOuNeS_Dz Wrote: ye without security
to be honest with you, until now idk how to protect my vps/GamePanel(Srvs) from ddos attack because until now.. no one attack my vps :

So you are lucky. I have small TS3 server for more than 1 year and I had few problems with ddos attacks.

Dudi · 07-18-2017, 11:49 AM

(07-18-2017, 09:11 AM)kubanek_kuba Wrote: So you are lucky. I have small TS3 server for more than 1 year and I had few problems with ddos attacks.

And do you use Host4Fun as a provider? Because their servers have a builtin DDoS protection.
But a normal user can't do anything against DDoS attacks.

YOuNeS_Dz · 07-18-2017, 07:02 PM

(07-18-2017, 11:49 AM)Dudi Wrote: And do you use Host4Fun as a provider? Because their servers have a builtin DDoS protection.
But a normal user can't do anything against DDoS attacks.

what do you mean by "normal user" ?

Golden · 07-19-2017, 08:06 AM

I usually changed the password when I firstly get my VPS. Then I use iptables to block incoming connections from port 22, nobody wants to get hacked xD

kubanek_kuba · 07-20-2017, 07:22 AM

(07-18-2017, 11:49 AM)Dudi Wrote: And do you use Host4Fun as a provider? Because their servers have a builtin DDoS protection.
But a normal user can't do anything against DDoS attacks.

Yes I have VPS from Host4Fun for over 1 year. Last DDoS attack was few months ago.

TimeRider · 01-09-2018, 02:00 PM

First thing, I get an VPS then I check it's specs, I do build-essentials, I change it's password, I install some of the programs.

**tiwil** · 01-09-2018, 02:22 PM

As I've read and I really do while get my first VPS,

1. Change password, create a new user
2. apt-get update && apt-get upgrade
3. Install what I want to

And the last step is, follow the tutorial that I get.
Like securing your VPS from DigitalOcean tutorial.

Siover · 01-15-2018, 03:42 PM

If I get a new VPS I will be like a BOSS

because I never had a VPS and I really want one .

**Mashiro** · 07-04-2018, 07:48 AM

There are a few things I do initially when I setup a new VPS.

I setup SSH public-private key authentication, install my public keys, test the setup and after that I fully disable SSH password authentication and other methods.
I also change the SSH port from 22 to a different port above 1024 while doing the step above.
After the SSH port was changed and SSH public-private key authentication was successfully setup I run a update cycle to have the latest packages and a up to date OS.
I perform a small cleanup and remove unnecessary packages to get a bit of disk space back (OpenVZ templates usually come with services like Apache and etc preinstalled even when one might not need them).
And at the end I usually install misc packages like htop, nano, tmux and others that I might need to work and set them up afterwards.
The grand but rather optional finale is that I would setup a strict firewall that blocks everything and only excludes certain ports such as SSH and etc. I usually write shell script for that and put it somewhere into the startup.

That's my checklist although I'm mostly too lazy for the last step because it includes a lot of maintenance work afterwards. For further projects, applications and etc ports have to be unlocked and everything always has to be tested.

Login

Options

Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting