Tips that will help you Secure your Linux VPS
In the 21st century, online security can be a sensitive topic, that a lot of people might not want to address. Some say “oh, that will never happen to me”, or the classic “I have nothing to hide”. Whatever might be the case, security is a thing that should be taken very seriously, even if it is not related to your bank account. Same goes for your virtual private server. Whatever project you might be working on, poor security can mean a catastrophic breach or a minor inconvenience, but really that is still no excuse to ignore security. Most hosting companies set up solid security measure, for example, Hostinger, hostinger.com/virtualps/ uses some sophisticated tools to protect its users, but that may not be enough.
This article will help you pick up some good practices that will change the security status of your virtual private server. Some of these practices require technical knowledge, some are going to be very simple and will affect security in varying ways. You might have your own security routine that you swear by, that’s good, but this might give you some ideas on how to improve it, and if you’re entirely new to this, then you can start building your habits from here.
Passwords are key
The perfect place to start and get out of the way is the elephant in the room – passwords. Whatever you do, don’t make your password “password.” “It’s so obvious that no one will think to try it” doesn’t work here. Brute-force attacks are the most common tools for cracking a password. It pounds your machine with possible entries until it gets the right one. The best way to protect yourself here is to create a password that contains capital and lowercase letters, symbols and numbers. Think “p4$$w0rD.”, instead of “password.” The longer, the better.
The second worst thing you can do is using the same password for multiple accounts. That’s just poor internet hygiene. The best practice is using services like 1password, Dashlane or just memorizing different kinds of passwords, made under the guidelines mentioned above. One may ask why. Well, imagine your email account was compromised, and someone found out the password to your email, which you use your social media or VPS. All they have to do is use that password to log into your hosting account, and they’re already halfway there to control your project.
Here we’ll be going into some more technical notes. Look at them as guidelines on which you should follow up. If we were to provide a how-to, this article would be much much longer.
Take the attitude you have towards spring cleaning and apply it to your VPS habits. The idea is that you don’t keep what you don’t use because the thing that you don’t use are potential entry points for various threats.
The first thing you should do is disable unused network ports. Unused ports serve as just another potential open door or window, through which a hacker can compromise your operation. A couple of quick commands entered into the terminal should fix that right up in minutes.
Secondly, it’s a good practice to disable root logins. Looking back towards the password section, in this regard, you have the possibility to block the chance of brute-force attacks entirely. By disabling root logins, you’d need to use the “sudo” command. This process is a little bit too lengthy to explain here, but it is worth it.
Lastly, we need to cover packages and modules. Just like in real life, same with projects, hoarding is a terrible habit. Every extra module or package, especially unused or undesired one is a potential security vulnerability. Getting rid of them is an excellent way of making sure that you’re closing off potential gateways for threats.
Don’t ignore updates
Most of us have developed a habit of pushing updates off. Phone updates, computer updates, firmware updates. We tend to take them as inconveniences, or always get stuck with them as soon as we sit down to work. Next thing we know, we’re overdue for weeks. You’d think that it isn’t that much, what’s the worst that can happen? Well, updates normally bring security feature improvements with each one. Leaving yourself outdated is essentially leaving the door closed but unlocked. The two main things you want to update as soon as you can is your OS, whatever distribution you may be using and secondly, your content management system. These two are the most important ones to keep up to date.
Build a wall
Not just any wall. A firewall. That is the first line of defense that separates you, from the no-mans-land that is the internet. Keeping it updated, adequately configured following your needs and online is a surefire way to improve your security.
These practices can be considered standard, but they are too often overlooked. Follow these practices, establish your own routine and secure your VPS. Remember, it pays to be secure.