- Make sure you have a secure SSH login password for all accounts. Do not use anything that would be obvious or can be easily guessed.
- You can change your SSH password by typing in the following command: passwd
- Protect your SSH from brute force attempts with Fail2Ban using this guide.
- Change the default port of your SSH service. Instead of using the common port 22, set it to a different port via the config file for your SSH service (this varies between Linux distributions).
- With CentOS, you can change the SSH port in the /etc/ssh/sshd_config file. Just uncomment the line for the port and set it to a value you want. Then restart the SSHd service with this command: /etc/init.d/sshd restart
- Disable any unnecessary services on your server after a fresh install. For example, some distributions of Linux will have the "httpd" (web server) service installed and running by default - you will want to disable that if you do not intend to use it. Please refer to your distro's manuals/guides on how to shut off services/processes.
- Always try to run services as a non-root user if possible.
- You can create non root users with the useradd username command and set their password with the passwd username command.
- Whitelist SSH access. You can use your hosts.allow and hosts.deny files on your server (both usually in the /etc folder) to allow access to SSH on authorized IPs only. You would want to have the "sshd: ALL" line in the hosts.deny file and "sshd: YOURIP" in the hosts.allow file (this may vary depending on the Linux distro). This can also be done via iptables.
- Use iptables to restrict ports/IP and firewall your server against basic network attacks (this can be very complex - you will want to do your research before jumping into this).
Securing your VPS
- 45 Users Found This Useful
This is a list of frequently used Linux SSH/shell commands. It may not apply to all Linux...
For this guide, we'll be going over how to install a Minecraft CraftBukkit server on a CentOS 5...
We have an automated anti-abuse system that may suspend your VPS if there is any abusive activity...
To run your very own Team Fortress 2 server on a BeastNode VPS (running CentOS 6 64-bit, not...
Installing Minecraft: Pocket Edition servers has never been easier with the advent of Nukkit (the...