• Hello and welcome! Register to enjoy full access and benefits:

    • Advertise in the Marketplace section for free.
    • Get more visibility with a signature link.
    • Company/website listings.
    • Ask & answer queries.
    • Much more...

    Register here or log in if you're already a member.

  • 🎉 WHV has crossed 10,000 monthly views and 50,000 clicks per month, as per Google Analytics! Thank you for your support! 🎉

Best Ways to Secure a VPS from Bruteforce & DDoS?

johny899

johny899

New Member
Content Writer
Messages
131
Reaction score
2
Points
23
Balance
$85.3USD
You've got a VPS? That's cool! Whether you are hosting a website, game server, or just experimenting, you need to secure it. And guess what? Hackers prefer to target new or unsecured servers. Let me demonstrate some simple and best methods to secure a VPS from bruteforce and DDos attacks Close Unused Ports.

Here are Methods to Secure a VPS from Bruteforce & DDoS?​

Hackers will seek open ports as an entryway into your server. The fewer ports open, the less convenient it is for them.

Here's what you do:​

  • Alter your SSH port (the one you login with). Don't use the standard 22. Choose a random number such as 2222.
  • Utilize a firewall such as UFW. It allows you to block all the ports and only open the ones that you absolutely need.
  • Want to get extra secure? Use port knocking. You "knock" on a secret method to allow your port for a few secons.

Why have the front door open when you don't have to?​

Use SSH Keys Rather Than Passwords​

Passwords may be guessed. SSH keys can't (not yet anyway).

Here's how to arrange it:
  • Create SSH key pairs on your machine.
  • Paste the public key onto your VPS.
  • Disable password login in your server configuration (PasswordAuthentication no).
Now only those who have your private key can log in. No more bruteforce fears!

Methods to Shield Against DDoS Attacks​

A DDoS attack is when one person directs mountains of phony traffic to bring your VPS crashing down. It's like a jam on your server.

Here's how to resist:​

  • Use Cloudflare. It obscures your VPS IP and prevents nasty traffic from reaching you.
  • Install Fail2Ban. It monitors nasty login attempts and blocks those IPs.
  • Use rate limiting to prevent one IP from sending a flood of requests too quickly.
No system is flawless, but these steps go a long way.

Keep Everything Up to Date​

Old software is like a broken window. Hackers can slide in.

What to do:​

  • Run updates frequently using apt update && apt upgrade (or your system's command).
  • Update tools such as SSH, Nginx, or Fail2Ban as well.
  • Enable auto-updates to save you time.
Ask yourself: "Do I want a speedy update or a hacked server?" Easy choice.

So, finally, you should give your server the respect it deserves. Because it might be quite difficult to get it repaired if it breaks down.
 
You must log in or register to reply here.

Support / Help Desk

Blog - (WHV)

Hosting Reviews

Navigation

  1. WHV Forums
    1. WHV - Announcements
    2. General Discussion
    3. Introduction
    4. Web Hosting Forum
    5. Help
    6. News
  2. Marketplace
    1. VPS Offers
    2. Dedicated Server Offers
    3. Shared Hosting Offers
    4. Reseller Hosting Offers
    5. Other Offers (Not Hosting)
    6. Domains
  3. Web Hosting Discussion
    1. Hosting Software & Control Panels
    2. Other Hosting Tutorials
    3. Reviews
    4. Articles
    5. Offtopic
  4. Web Hosting Tutorials
    1. cPanel Tutorials
    2. WHM Reseller Tutorials
    3. DirectAdmin Tutorials
    4. Blesta Tutorials
    5. WHMCS Tutorials
  5. Hosting Extensions
    1. WHMCS Market
    2. Blesta Market
    3. HostBill Market
Top