Highly recommended best practices


 

Password:

To protect your services from cyberattacks such as brute force, please avoid using a simple password. A strong password should be at least 20 characters long and combine lowercase and uppercase letters, symbols, and numbers. You can generate a strong password using the link below:

https://my.norton.com/extspa/passwordmanager?path=pwd-gen

A strong password looks like this:
"pihI?o!h$gi2*reDrLYo"

Please change your password once a month.

Please keep the password of your server in a safe vault away from the server itself.

 

OS Update:

Please update your operating system as often as possible, especially with the security updates available on OS vendor sites.

 

Cracked Software:

Please avoid using cracked software. It is mostly infected with malware such as Trojans and ransomware, which will affect your services in the short and long term.

Under local and international law, cracked software is illegal, and it is very dangerous for your services and for others. We take this very seriously and it is part of our Terms of Service.

 

Limit access:

Only grant access to trusted users and limit the privileges of each user to the minimum necessary for them to perform their duties. This will help prevent unauthorized users from gaining access to sensitive areas of your VPS.

 

Disable FTP ports and unnecessary ports:

On your server, you need to determine which ports you want to disable. You can use the netstat command to list all open ports on your server.

Disabling unnecessary ports and services can improve the security of your server by reducing the attack surface. However, it is important to be careful when disabling services, as some services may be required for certain applications or functions to work properly.
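
The port review described above, as an added example (not part of the original article): a small shell function that reads netstat -tln output and flags listeners reachable from outside that are FTP (21), default admin ports (22, 3389), or not on your allowlist. The function name, the allowlist "2222 80 443" and the sample output are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: audit `netstat -tln` output for externally reachable ports.

# Ports the article singles out: FTP (21) and default SSH/RDP (22, 3389).
RISKY_PORTS="21 22 3389"

# Constructed sample of `netstat -tln` output (not from a real server).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8081            0.0.0.0:*               LISTEN
tcp6       0      0 :::443                  :::*                    LISTEN
tcp6       0      0 :::3389                 :::*                    LISTEN'

# audit_listeners "<allowed ports>"  (netstat -tln output on stdin)
# Prints one line per finding, in input order:
#   RISKY <port> <addr>    FTP or default admin port, reachable from outside
#   REVIEW <port> <addr>   reachable from outside and not in the allowlist
audit_listeners() {
    awk -v allow="$1" -v risky="$RISKY_PORTS" '
        BEGIN {
            n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1
            n = split(risky, r, " "); for (i = 1; i <= n; i++) bad[r[i]] = 1
        }
        $6 == "LISTEN" {
            # Port is the text after the last colon (works for :::443 too).
            n = split($4, part, ":"); port = part[n]
            addr = substr($4, 1, length($4) - length(port) - 1)
            # Loopback-only listeners are not exposed to the network.
            if (addr ~ /^127\./ || addr == "::1") next
            if (port in bad)        print "RISKY", port, addr
            else if (!(port in ok)) print "REVIEW", port, addr
        }'
}

# Demo run against the constructed sample; the allowlist is an assumption.
printf '%s\n' "$SAMPLE_NETSTAT" | audit_listeners "2222 80 443"
```

On a server, pipe the live output into the function instead of the sample: netstat -tln | audit_listeners "2222 80 443". A REVIEW line means the service should be identified before it is disabled, since some applications depend on it.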

 

Change the SSH port:

To change the SSH port on your Linux server, you can follow these steps:

  1. Open the /etc/ssh/sshd_config file in a text editor.
  2. Find the Port option and set it to the desired port number, for example 2222.
  3. Save the file and exit the text editor.
  4. Restart the SSH daemon to apply the changes:

      sudo systemctl restart sshd

  5. Open the firewall configuration to allow incoming connections to the new SSH port. For example, on a CentOS server, you can use the firewall-cmd command to allow incoming traffic to the new port:

      sudo firewall-cmd --permanent --add-port=2222/tcp

      sudo firewall-cmd --reload

 

Change the popular admin-level connection ports (RDP/SSH/...):
Please use any port other than the default ports (e.g. default ports: 22, 3389, ...).

Changing the SSH port can improve the security of your server by making it more difficult for attackers to find and exploit the default SSH port. However, keep in mind that you will need to update any scripts or applications that use the default SSH port to use the new port.

 

Malware & Virus Protection:

An enterprise level anti-virus solution is required to be installed on all servers to protect from different kinds of malware.

Scans for malicious software packages or scripts should be performed on boot and at least once a week, preferably at midnight, and real-time scanning should be enabled.

Anti-virus software should be enabled for automatic updates and periodic scans.

