When you first setup a VPS it’s all too easy to get tied up into believing you have the security of your system all covered. In-fact it is necessary to take extra care in ensuring your VPS is safe from hackers or potential security breaches.
The steps shown below are a good way to secure your Linux server, however there is an extensive list of ways to harden the security of your server at TheFanClub.
Why you should be securing your server provided by your VPS Provider? Firstly, when you signed up to an account with your VPS you provided a password for your root account. This password is stored somewhere in your provider’s database. The point here is your VPSs’ password would be stored in your provider’s database, available to any hacker or system that compromises your provider’s database.
Changing your root password
Assumed you are already logged in via SSH to your VPS use the following command to change your root password.
You will then be prompted to enter a new password.
Create a secondary Administration account
Use the following command to create a secondary administration account.
Now we need to add that username to the administration group of Linux users on your system.
sudo groupadd admin
sudo usermod -a -G admin <YourNewAdminUsername>
sudo dpkg-statoverride –update –add root admin 4750 /bin/su
Change SSH port and Disable Root Login
**** Important create a secondary administrator account first ****
SSH is already one of the most secure ways to connect to a Linux box. However by disabling root login and only allowing a secondary administration account to login will add a whole new dimension to your server’s security. For example the hacker or system would now need to determine the other administrator’s username to login into the system as well as their password.
sudo vi /etc/ssh/sshd_config
Change or add the following and save
Port <ENTER YOUR PORT>
sudo /etc/init.d/ssh restart
More ways to secure your system
This guide should have pointed you in the right direction in taking the necessary steps to secure your Linux system. For more options in securing your system go to thefanclub.co.za.