What to do following the launch of your anonymous VPS
In this article we have listed everything that can help you start operating your VPS server at peak efficiency, this includes choosing the correct OS (Operating System), troubleshooting any common start-up errors, and optimising server configurations. These are all crucial steps that guide you into the direction of a healthy VPS server that will perform and act based on your preferences and liking.
Update Your Server and Packages
First things first, update your server and those packages. This ensures that you're protected against known bugs and security vulnerabilities.
On an Ubuntu server:
sudo apt update
sudo apt upgrade
For a CentOS 7 server:
sudo yum check-update
sudo yum update
And on a Windows server, navigate to Settings > Windows Update.
Fail2Ban
Whatever your VPS is dedicated towards doing, it will face attacks. Bots constantly scan IP addresses for VPS servers to brute force their passwords. Fail2Ban is a crucial tool that helps you with mitigating these attacks by banning malicious IPs after a set number of failed login attempts. You can set up Fail2Ban quickly by following this step by step guide:
1. Installing Fail2Ban
On Ubuntu or Debian:
sudo apt install fail2ban -y
On CentOS:
sudo yum install epel-release -y
sudo yum install fail2ban -y
2. Configuring Fail2Ban
Fail2Ban uses configuration files located in the "/etc/fail2ban directory". The main configuration file is "jail.conf", but it is recommended to create a copy of this file and name it "jail.local" to avoid overwriting your settings during updates.
Creating the jar.local file:
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
Editing the jar.local file:
sudo nano /etc/fail2ban/jail.local
3. Basic Configuration
You can set up the parameters within the jail.local file, such as:
[DEFAULT]
# Ban IP for 1 hour
bantime = 3600
# Number of retries before banning an IP
maxretry = 5
# Findtime is the duration within which the specified number of failures (maxretry) should occur to ban the IP.
findtime = 600
# Action to take
backend = auto
4. Enable Jail for SSH
For protecting SSH with Fail2Ban, add the following in jail.local:
[sshd]
enabled = true
port = ssh
logpath = /var/log/auth.log
maxretry = 5
5. Starting Fail2Ban
Start Fail2Ban and to enable it to start on boot of the machine:
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
6. Verifying Fail2Ban status
You can check the status of Fail2Ban for a quick check to see if it is functioning properly:
sudo systemctl status fail2ban
7. Monitor Fail2Ban logs
You can also check the logs of any banned IP addresses, use this:
sudo fail2ban-client status
sudo fail2ban-client status sshd
8. After making any changes to Fail2Ban configuration files, restart
sudo systemctl restart fail2ban
Change Your RDP/SSH Port
Automated attacks typically target the default RDP and SSH ports. Changing these ports reduces the number of attack attempts, lowering the risk of a successful breach and decreasing server load. The default RDP port is 3389, and the default SSH port is 22. If your server uses these ports, it would be the smarter decision to change them.
Here’s how:
sudo nano /etc/ssh/sshd_config
Scroll down until you find the line that includes #Port 22. This line is commented out by default, and the number 22 represents the default port. Remove the # to uncomment this line and change 22 to your desired port number such as 61189.
Once done, press Ctrl + X, then Ctrl + Y, and finally press Enter to save the changes and exit nano.
Create a Non-Root Account
At first, you might log into your root account on Linux or Admin account on Windows. We recommend you create a non-root account for running applications or hosting services. Running applications as the root user grants them elevated privileges, which can cause an attack to be more harmful. Additionally, using the root account increases the risk of accidentally executing harmful commands. Using the root account should only be for when executing specific tasks.
Set Up Server Monitoring Tools
As a server admin, monitoring tools can help you with detecting any irregular behaviour with your server sooner than later. Tools like iostat, htop, and netstat help you track your server's load, disk usage, and network performance.
By following all of these steps, you'll make sure that your VPS is secure, efficient, and ready for whatever you’ll be using it for.