• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Articles
  • News
  • Events
  • Advertize
  • Jobs
  • Courses
  • Contact
  • (0)
  • LoginRegister
    • Facebook
    • LinkedIn
    • RSS
      Articles
      News
      Events
      Job Posts
    • Twitter
Datafloq

Datafloq

Data and Technology Insights

  • Categories
    • Big Data
    • Blockchain
    • Cloud
    • Internet Of Things
    • Metaverse
    • Robotics
    • Cybersecurity
    • Startups
    • Strategy
    • Technical
  • Big Data
  • Blockchain
  • Cloud
  • Metaverse
  • Internet Of Things
  • Robotics
  • Cybersecurity
  • Startups
  • Strategy
  • Technical

Unmanaged Virtual Private Server: Keeping It Secure

Luke Pitman / 7 min read.
December 21, 2018
Datafloq AI Score
×

Datafloq AI Score: 57.33

Datafloq enables anyone to contribute articles, but we value high-quality content. This means that we do not accept SEO link building content, spammy articles, clickbait, articles written by bots and especially not misinformation. Therefore, we have developed an AI, built using multiple built open-source and proprietary tools to instantly define whether an article is written by a human or a bot and determine the level of bias, objectivity, whether it is fact-based or not, sentiment and overall quality.

Articles published on Datafloq need to have a minimum AI score of 60% and we provide this graph to give more detailed information on how we rate this article. Please note that this is a work in progress and if you have any suggestions, feel free to contact us.

floq.to/v3FOp

Virtual Private Servers (VPS) is undoubtedly the future of web hosting. A VPS refers to a virtual machine or virtual server, installed on a computer that is simultaneously accessed by many end users or websites seems to be a dedicated server. Also referred to as a virtual dedicated server (VDS), the VPS technology employs powerful virtualization techniques to create several partitions on one physical server. Each part runs its own Operating Systems hosting different resources for different users.

Unmanaged VPS hosting

Typically, a customer chooses a self-managed (unmanaged) VPS hosting if they want complete control of the VPS hosting service solution, free from the influence of a service provider. To learn more about VPS hosting and how it works, see this tutorial. A user needs enough skills to establish and manage a web server without external help.

Why unmanaged VPS is preferred

In many ways, an unmanaged service has more merits than demerits compared to its counterpart.

  • The user has autonomous control.

  • The VPS setup can be customized to meet specific needs and objectives.

  • There’s no need to spend on purchasing resources or power on the server, which makes it relatively cost-efficient.

  • One does not rely on external technical support from the provider, which is often unresponsive.

  • It’s perfect for businesses with high bandwidth upsurges.

  • Programs that are not offered on shared hosting platforms can be used here.

Securing your unmanaged VPS

With the freedom that comes from total flexibility, additional administration tasks await. Server management fully relies on the user, and it’s therefore important that one is sufficiently capable of setting up robust security measures.

Below I’ve outlined several steps to ensure your servers, data, and resources remain healthy.

  1. Use a strong password

A weak password will undermine all your security efforts. Good security practices start with a strong password. The more complex a password is, the more resistant it is to brute-force attacks. As long as you stick to the length and complexity password regulations you’ll be fine.

It also goes without saying that passwords should never be shared. Don’t write down your passwords because someone else might see.

  1. Change Default SSH port

SSH is a Linux tool employed by users to remotely connect to their servers. It should always be updated. Many attackers use port 22 to hack into the system, therefore, it’s recommended to change the port number to a different one.

To do this, edit the /etc/ssh/sshd_config file, use a port that is unused by another service and is less than 1024 (privileged ports).

  1. Disable root SSH access

The root account is highly privileged. If a rogue element accesses it, you’re done for. Create a standard user account then disable the root SSH access.

For CentOS and Fedora:

  • Log into the server (Replace the username with the name of a user)

  • On the command prompt, type;

  • useradd username

  • passwd username

  • visudo

  • Add username ALL = (ALL) ALL

For Debian and Ubuntu:

  • Log into the server (Replace the username with the name of a user)

  • On the command prompt, type;

  • adduser username

  • apt-get install sudo

  • usermod ‘a ‘G username to add the user to the sudo group.

  1. Regular Server Updates

Discovering security vulnerabilities, (like the Heartbleed OpenSSL vulnerability) and constant patching is crucial procedures that should be adhered to. Boost a server regularly with the latest security patches and the latest fixes.

To download and install the latest updates for CentOS and Fedora:

Type yum ‘y update .


Interested in what the future will bring? Download our 2023 Technology Trends eBook for free.

Consent

To download and install updates for Debian and Ubuntu:

Type apt-get -y update && apt-get ‘y upgrade .

  1. Set up a firewall

It is possible to specify security rules based on port numbers. Thus, a firewall gives you the ability to control both incoming and outgoing network traffic packets.

Firewalls can be set up either using iptables or Advanced Policy Firewall (APF). With both, you can explicitly block or grant access to specific IP addresses and specific selected services from the network or the server.

  1. Set up fail2ban

Fail2ban program is a very useful feature used to monitor log files for suspicious activity like intrusion attempts. If a certain host service or IP address has been blocked several times (A pre-set number of times), fail2ban will consequently block it for a certain duration of time. It is very reliable for scripted attacks.

After the installation, configure it by specifying which IP address or which hosts the program should block or ignore. You can configure how much time a hostname/IP address will stay banned, and how many failures one is granted before being blocked.

  1. Monitor your server

Ensure you know everything about your system; when an update is made, when user accounts are created, and which software requires new updates, among other important information.

Run a few of these commands to ensure that the system runs as expected:

  • netstat ‘anp ‘ It checks for unauthorized programs on ports.

  • ls /var/log/ Runs frequent log checks on the logs on the server.

Install and run these third-party tools to detect abnormalities:

Rkhunter – For vulnerability scans.

Logwatch – For monitoring server activities.

Tripwire – To monitor files and changes.

  1. Secure Apache

Apache must be constantly secured from malicious attacks. Employ ModSecurity. ModSecurity allows one to set up and configure certain rules and guidelines for which any connection found to be a mismatch will automatically be blocked.

Install ModSecurity by following these steps;

WHM/Home/Plugins/ModSecurity .

As a best practice, use SuPHP to perform both Apache and PHP compilations so that all PHP scripts are run as the user owning them. Thus, any scripts that run will be easily identified through the user running them and the location of any malicious scripts can easily be uncovered.

  1. System Compilers

Compilers should be disabled for user accounts unless the account exists in the compilers group file.

Disable the compilers either from the command line or the WHM compiler interface. Use:

/scripts/compilers off for command line or;

WHM/Home/Security Center/Compiler Access for WHM compiler.

  1. Make Regular Backups

Ensure regular backup your VPS data is made. If anything like an accidental deletion takes place, one can easily retrieve lost data by rolling back to an earlier state or one can restore the information that had been saved somewhere else.

It’s possible to build your own backup solution using any cloud platform that suits your organization best. It is also possible to use 3rd party backup services like Acronis for this purpose.

  1. Anti-virus and Anti-malware

Use a reliable anti-malware engine like ClamAV to run virus and malware scans.

It is a control panel plugin that can be installed by following these steps;

WHM/Manage Plugins/Check Install and keep updated’ checkbox.

Click save.

Conclusion

Remain vigilant – there’s never a once-and-for-all solution when it comes to VPS security. There’s no guaranteed safety on the internet. New technologies crop up every day, thus one must keep their systems updated. If you stick to the recommendation laid out in this article, your odds of staying safe and secure greatly improve, and the chances of getting hacked are greatly reduced. Stay vigilant.

Categories: Cybersecurity, Technical
Tags: security, server, virtualization

About Luke Pitman

Senior Industry Analyst supporting the Global Wireless

Primary Sidebar

E-mail Newsletter

Sign up to receive email updates daily and to hear what's going on with us!

Publish
AN Article
Submit
a press release
List
AN Event
Create
A Job Post

Related Articles

The Advantages of IT Staff Augmentation Over Traditional Hiring

May 4, 2023 By Mukesh Ram

The State of Digital Asset Management in 2023

May 3, 2023 By pimcoremkt

Test Data Management – Implementation Challenges and Tools Available

May 1, 2023 By yash.mehta262

Related Jobs

  • Software Engineer | South Yorkshire, GB - February 07, 2023
  • Software Engineer with C# .net Investment House | London, GB - February 07, 2023
  • Senior Java Developer | London, GB - February 07, 2023
  • Software Engineer – Growing Digital Media Company | London, GB - February 07, 2023
  • LBG Returners – Senior Data Analyst | Chester Moor, GB - February 07, 2023
More Jobs

Tags

AI Amazon analysis analytics application Artificial Intelligence BI Big Data business China Cloud Companies company crypto customers Data design development digital engineer engineering environment experience future Google+ government Group health information learning machine learning mobile news public research security services share skills social social media software solutions strategy technology

Related Events

  • 6th Middle East Banking AI & Analytics Summit 2023 | Riyadh, Saudi Arabia - May 10, 2023
  • Data Science Salon NYC: AI & Machine Learning in Finance & Technology | The Theater Center - December 7, 2022
  • Big Data LDN 2023 | Olympia London - September 20, 2023
More events

Related Online Courses

  • Oracle Cloud Data Management Foundations Workshop
  • Data Science at Scale
  • Statistics with Python
More courses

Footer


Datafloq is the one-stop source for big data, blockchain and artificial intelligence. We offer information, insights and opportunities to drive innovation with emerging technologies.

  • Facebook
  • LinkedIn
  • RSS
  • Twitter

Recent

  • 5 Reasons Why Modern Data Integration Gives You a Competitive Advantage
  • 5 Most Common Database Structures for Small Businesses
  • 6 Ways to Reduce IT Costs Through Observability
  • How is Big Data Analytics Used in Business? These 5 Use Cases Share Valuable Insights
  • How Realistic Are Self-Driving Cars?

Search

Tags

AI Amazon analysis analytics application Artificial Intelligence BI Big Data business China Cloud Companies company crypto customers Data design development digital engineer engineering environment experience future Google+ government Group health information learning machine learning mobile news public research security services share skills social social media software solutions strategy technology

Copyright © 2023 Datafloq
HTML Sitemap| Privacy| Terms| Cookies

  • Facebook
  • Twitter
  • LinkedIn
  • WhatsApp

In order to optimize the website and to continuously improve Datafloq, we use cookies. For more information click here.

settings

Dear visitor,
Thank you for visiting Datafloq. If you find our content interesting, please subscribe to our weekly newsletter:

Did you know that you can publish job posts for free on Datafloq? You can start immediately and find the best candidates for free! Click here to get started.

Not Now Subscribe

Thanks for visiting Datafloq
If you enjoyed our content on emerging technologies, why not subscribe to our weekly newsletter to receive the latest news straight into your mailbox?

Subscribe

No thanks

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Marketing cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

Please enable Strictly Necessary Cookies first so that we can save your preferences!