Post Reply 
Secure your VPS now! [with a How-to]
03-03-2012, 08:25 AM (This post was last modified: 08-20-2012 07:29 PM by Dusørjæger.)
Post: #1
Secure your VPS now! [with a How-to]
Securing your VPS from FreeVPS is vital, there has been many occurrences of people's VPSs being hacked. That's the last thing you want happening to your VPS, so it's best to take steps to avoid it.

Passwords are everything.

The rule of thumb is don't use obvious passwords, or as the passwd command likes to tell you passwords based on a dictionary word are BAD PASSWORDS. Try not to make your passwords exceptionally short, or easily guessed like mark1, it wont take long for a bot to get into your VPS if you have a password like that. Try and make your passwords long, include capital letters and include punctuation to make it more complex and hence harder to crack. Also don't store your passwords in an obvious place that people can find!

Eliminate the possibility!

You can stop those bot's trying to log in by disabling root password authentication on your SSH client. I am assuming you're running sshd (default SSH daemon), open your favourite text editor and edit the /etc/ssh/ssh_config and uncomment the line PasswordAuthentication yes, and change it to PasswordAuthentication no. If the line does not exist, create it! To replace logging in with your root password you can either create another user to replace or use SSH keys (preferred).

To use SSH keys you may follow this guide which explains it all in detail.. http://www.cyberciti.biz/faq/ssh-passwor...tication/.

A few more suggestions to secure your VPS are as follows:
It's best not to take these as gospel but it will certainly help.

Restrict MySQL.

If you run phpMyAdmin or something similar, make it accessible only by your IP. Also make sure you have MySQL limited to localhost and not external hosts.

Keep your OS updated.

Run yum -y update or apt-get -y update depending on your OS regularly to keep your system up to date, this will ensure you have the latest security fixes etc.

Install DenyHosts.

It can be used to specifically allow your own IP only. Simple.

http://www.cyberciti.biz/faq/block-ssh-a...denyhosts/ - Debian variants
http://www.cyberciti.biz/faq/rhel-linux-...e-attacks/ - RHEL variants

Stop using FTP!

Why use FTP when you can use SFTP and it's built in with your SSH server?

"I like to put random quotes, to make myself look clever."
- WiseMannnn
User Tools
Quote this message in a reply


03-03-2012, 08:30 AM
Post: #2
RE: [DO-IT!] Secure your VPS now! [w. How-to]
Wow. Nice job Infinity. This is very helpful! Quick question: why can't you stop the sshd service and use the console the provider gives you to enable it when it is needed?

Cody Maverak
User Tools
Quote this message in a reply
03-03-2012, 08:31 AM (This post was last modified: 03-03-2012 08:32 AM by Infinity.)
Post: #3
RE: Secure your VPS now! [with a How-to]
(03-03-2012 08:30 AM)Cody_Maverak Wrote:  Wow. Nice job Infinity. This is very helpful! Quick question: why can't you stop the sshd service and use the console the provider gives you to enable it when it is needed?

Because that's impractical. You could do that if you really wanted. I personally wouldn't rely on that though, it tends to be slower too.

"I like to put random quotes, to make myself look clever."
- WiseMannnn
User Tools
Quote this message in a reply
03-03-2012, 08:34 AM
Post: #4
RE: Secure your VPS now! [with a How-to]
From my experience, the console in the control panel of the provider is most of the times a big hassle to use... it often comes as a Java applet, which often doesn't connect to the server that provides the raw console access.

My blog
[Image: fs.php]
User Tools
Quote this message in a reply
03-03-2012, 08:36 AM (This post was last modified: 03-03-2012 08:36 AM by Infinity.)
Post: #5
RE: Secure your VPS now! [with a How-to]
Well SolusVM does give you SSH details (w. username, pass and port) but still..

"I like to put random quotes, to make myself look clever."
- WiseMannnn
User Tools
Quote this message in a reply
03-03-2012, 08:38 AM
Post: #6
RE: Secure your VPS now! [with a How-to]
But I am saying that you turn off sshd through ssh, then turn it on in console and use ssh from there. That would stop any hackers

Cody Maverak
User Tools
Quote this message in a reply
03-03-2012, 08:42 AM
Post: #7
RE: Secure your VPS now! [with a How-to]
I'm not getting you, turning it off and on in console or SSH is the same thing. They're both controlling the same container.

"I like to put random quotes, to make myself look clever."
- WiseMannnn
User Tools
Quote this message in a reply
03-03-2012, 08:43 AM
Post: #8
RE: Secure your VPS now! [with a How-to]
Thanks for sharing.I have one question?if we have a vps for 1 year.how many time we have to update our vps or it depend our os.what kind os take less space?

hi everyone WinkCool l
[Image: coollogo_com-307182676.gif]
User Tools
Quote this message in a reply
03-03-2012, 08:44 AM
Post: #9
RE: Secure your VPS now! [with a How-to]
But no one gets access through the console. So if ssh is off, hackers can't get into the VPS. Only you can access it...

idk, it just seems easier to me this way

Cody Maverak
User Tools
Quote this message in a reply
03-03-2012, 08:44 AM (This post was last modified: 03-03-2012 08:46 AM by Infinity.)
Post: #10
RE: Secure your VPS now! [with a How-to]
(03-03-2012 08:43 AM)casper253 Wrote:  Thanks for sharing.I have one question?if we have a vps for 1 year.how many time we have to update our vps or it depend our os.what kind os take less space?

I'd say update it at least every month, but it's up to you. Debian takes up very little space although there must be lighter one's around and about.

(03-03-2012 08:38 AM)Cody_Maverak Wrote:  then turn it on in console and use ssh from there

That just confused me, I think I know what you're getting at. I think you mean disable SSH and use the console soley instead which would work.

"I like to put random quotes, to make myself look clever."
- WiseMannnn
User Tools
Quote this message in a reply
Post Reply 


Forum Jump:



User(s) browsing this thread:
1 Guest(s)