Problems activating your account? Send notification email to: [email protected]
Host4Fun Budget VPS Hosting
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[Tutorial] How to (properly) secure your VPS
#1
I. Don't use the root account! Create a new sudoer account
Spoiler Expand
(Make sure you install sudo from your package manager if it's not installed)

1. Create the account. Enter all the details that is prompted.
Code:
useradd <username>

2. Add the user to the sudoer group
Code:
echo '<username> ALL=(ALL) ALL' >> /etc/sudoers

3. Disable root login!
Code:
echo 'PermitRootLogin no' >> /etc/ssh/sshd_config

4. Restart sshd
Code:
systemctl restart sshd

II. Use SSH Keys!

Linux/Mac client
Spoiler Expand
1. Generate the key.
If prompted for the path, just press enter.
As for the password, it's your choice to use it or not. (Though it's recommended to use a password for the key file)
Code:
ssh-keygen -t rsa
2. Copy over the public key to your server
Code:
ssh-copy-id <username>@<host>

You can now connect to the server using ssh keys.
Windows
Spoiler Expand
In Progress...

III. Disable password authentication!
Spoiler Expand
1. Just run this command to disable
Code:
echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config
2. Restart sshd
Code:
systemctl restart sshd

IV. Install fail2ban
CentOS
Spoiler Expand
1. Install
Code:
yum install epel-release #Needed repo
yum install fail2ban
2. Run and enable run at startup
Code:
systemctl enable fail2ban
systemctl start fail2ban
Debian
Spoiler Expand

Code:
apt-get install fail2ban
2. Run and enable run at startup
Code:
systemctl enable fail2ban
systemctl start fail2ban
http://FreeVPS.club - Free VPSs!
Reply
#2
Does this work to protect vps from hackers?

Google translate
• Owner And Founder Vaerity Pixel •

my partner ! :
1. Jambu Squad
2.Venity Indonesia
3. Radeon Network
4.Maxxy Enterprise
Reply
#3
@chanalku91
Will prevent most of the automated bruteforce attacks. Using a nondefault user will make the bruteforce multiple times harder. + disabling password auth makes it nearly impossible.

fail2ban helps to rate limit bruteforcers too. (Doesn't really matter if you disabled password auth as they cant bruteforce your server lol)
http://FreeVPS.club - Free VPSs!
Reply
#4
@chanalku91 these security tips can help your VPS from hackers (simple hacking) preventing to enter your VPS but advance hackers is different. There are many ways to hack, so suggested is that you secure your VPS internally and externally, what I mean by externally is that your VPS is protected by 3rd party like having a DDoS protectection etc etc.
Reply
#5
for me i still use normal password authentication . Nice tutorial i probably will do it later but still private key is much secure than normal password because private key is much longer than password and on top of that you need the password so its a win win in term of security
Terminal
Thanks To Virmach And Post4VPS for the glorious VPS9

[Image: 76nttN]
Reply
#6
(05-07-2018, 02:55 PM)Conan Wrote:  @chanalku91
Will prevent most of the automated bruteforce attacks. Using a nondefault user will make the bruteforce multiple times harder. + disabling password auth makes it nearly impossible.

fail2ban helps to rate limit bruteforcers too. (Doesn't really matter if you disabled password auth as they cant bruteforce your server lol)

Awesome! Now I do not need to fret with the extreme hacker hacker weaponry
• Owner And Founder Vaerity Pixel •

my partner ! :
1. Jambu Squad
2.Venity Indonesia
3. Radeon Network
4.Maxxy Enterprise
Reply
#7
@humanpuff69
Well atleast install fail2ban so you dont get hacked. fail2ban ratelimits the attempts
http://FreeVPS.club - Free VPSs!
Reply
#8
(05-08-2018, 04:32 AM)Conan Wrote:  @humanpuff69
Well atleast install fail2ban so you dont get hacked. fail2ban ratelimits the attempts

I already installed it now thanks for your suggestion . I used to used it on my old vps and when my vps get spammed the cpu usage for fail2ban just gone crazy . But it does protect the server
Terminal
Thanks To Virmach And Post4VPS for the glorious VPS9

[Image: 76nttN]
Reply
 


Forum Jump:


Users browsing this thread: 1 Guest(s)

Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - SSDBlaze - VPSlices - Abc-Hosters


About Post4VPS

Post4VPS is a forum/destiny where you can Delploy Your Free VPSs just by the Power of Posts.

We Provide VPSs of many locations like Germany,US,Canada,France,London,etc.

We also Provide VPSs of Both Linux and Windows OS.