- Make sure you have a secure SSH login password for all accounts. Do not use anything that would be obvious or can be easily guessed.
- You can change your SSH password by typing in the following command: passwd
- Protect your SSH from brute force attempts with Fail2Ban using this guide.
- Change the default port of your SSH service. Instead of using the common port 22, set it to a different port via the config file for your SSH service (this varies between Linux distributions).
- With CentOS, you can change the SSH port in the /etc/ssh/sshd_config file. Just uncomment the line for the port and set it to a value you want. Then restart the SSHd service with this command: /etc/init.d/sshd restart
- Disable any unnecessary services on your server after a fresh install. For example, some distributions of Linux will have the "httpd" (web server) service installed and running by default - you will want to disable that if you do not intend to use it. Please refer to your distro's manuals/guides on how to shut off services/processes.
- Always try to run services as a non-root user if possible.
- You can create non root users with the useradd username command and set their password with the passwd username command.
- Whitelist SSH access. You can use your hosts.allow and hosts.deny files on your server (both usually in the /etc folder) to allow access to SSH on authorized IPs only. You would want to have the "sshd: ALL" line in the hosts.deny file and "sshd: YOURIP" in the hosts.allow file (this may vary depending on the Linux distro). This can also be done via iptables.
- Use iptables to restrict ports/IP and firewall your server against basic network attacks (this can be very complex - you will want to do your research before jumping into this).
Securing your VPS
- 45 Users Found This Useful
Although this guide is for Ubuntu, these same steps may apply to other operating systems/distros....
Install MySQL on your Linux Server This guide is based on a standard install of CentOS - other...
The VPS serial console allows you to access your cloud VPS server with SSH directly from the back...
For this guide, we'll be going over how to install a Minecraft CraftBukkit server on a CentOS 5...
In this guide, we'll be going over how to login to your VPS via SSH terminal/console....