Securing A Linux VPS

This post aims to be a more or less start-to-finish guide to securing a Linux VPS. Links throughout the post direct you to detailed posts on different aspects of Linux VPS security. We recommend various security solutions (with a focus on open source) but do not dive deep into any of them here. We also do not cover application-level security, as every application is different; links throughout the post will direct you to application-specific and solution-specific security guides.

Access Management

If the gate is open and the drawbridge down, why scale the walls? The first step to take when securing your Linux VPS is to secure the entry points. At a minimum, this includes strong passwords, 2FA where possible, SSH keys rather than passwords for SSH access, and disabling root access.

User Access

Always grant access rights based on a minimum access policy: if a user has no need of certain permissions, they shouldn't have them. Keep strict control over who has access to your VPS.

The Power of Sudo: Disable Root Access

root@HostIP is the most common username on Linux servers across the internet, yet your username is just as valuable as your password: if an attacker doesn't know your username, they can't even attempt to crack your password. Disabling root access and creating another sudo account with a unique username is your first line of defense. View this post on creating a sudo admin and disabling root access to your server.

Strong Passwords & 2FA

Be sure that all of your accounts and logins associated with your VPS are protected with strong passwords and 2FA where available.

Implement SSH Keys

Using public/private key pairs for SSH access and disabling password logins hardens your system against brute-force attacks and against passwords being intercepted during login and user authentication, and is required by law and regulation in some instances.
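
A way to check the two SSH settings above (root login disabled, keys instead of passwords) on your own server, as an added example that is not part of the original post. The function names and the sample config are constructed for illustration; the values assumed when a keyword is absent are OpenSSH's defaults, and Match blocks and Include files are out of scope.

```shell
#!/bin/sh
# Added example (not from the original post). Audits the global section of an
# sshd_config-style file. On a live host, feeding it the output of `sshd -T`
# also covers Include files, which this simple parser does not follow.

# effective_value FILE KEYWORD DEFAULT
# sshd keeps the FIRST value it reads for a keyword, so later lines lose.
effective_value() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*(#|$)/              { next }   # comments and blank lines
        tolower($1) == "match"      { exit }   # Match blocks: out of scope
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }          # keyword absent: OpenSSH default
    ' "$1"
}

# audit_sshd FILE: prints one line per weak setting; exit status = number found.
audit_sshd() {
    findings=0
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    pass=$(effective_value "$1" PasswordAuthentication yes)
    keys=$(effective_value "$1" PubkeyAuthentication yes)
    [ "$root" = "no" ]  || { echo "WEAK PermitRootLogin $root"; findings=$((findings + 1)); }
    [ "$pass" = "no" ]  || { echo "WEAK PasswordAuthentication $pass"; findings=$((findings + 1)); }
    [ "$keys" = "yes" ] || { echo "WEAK PubkeyAuthentication $keys"; findings=$((findings + 1)); }
    return "$findings"
}

# Constructed sample: a "no" was appended, but the earlier "yes" still wins.
demo_cfg=$(mktemp)
cat > "$demo_cfg" <<'EOF'
# constructed sshd_config excerpt
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
EOF
audit_sshd "$demo_cfg" || echo "findings: $?"
rm -f "$demo_cfg"
```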

Monitor SSH Access

Set up your system to alert you via email every time a user attempts to log into your VPS via SSH.

Block IPs that Repeatedly Fail Password Authentication via SSH

Set up your system to lock out IPs that repeatedly get passwords wrong during user authentication via SSH. Fail2Ban is a recommended app for doing just this. See our post here on how to set up Fail2Ban.

Firewall

Implement a strong firewall policy that strictly controls what incoming and outgoing traffic is and is not allowed. For a detailed firewall setup guide, see this post.

Brute Force Protection

Antivirus & Malware Detection