1. Home
  2. Cloud VPS
  3. How to improve security of Cloud VPS

How to improve security of Cloud VPS

RedyHost takes every step required to protect managed VPS hosted in our cloud.

Cloud VPS customers do not have Full Management option for their VPS, thus should be looking after the security of their VPS themselves.

This post includes a number of important steps to make your VPS much more secure and start receiving email notifications if something goes wrong.

1. Stop unnecessary processes

2. Installing and configuring CSF

CSF stands for Config Security Firewall. CSF is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application for Linux servers. For more information about CSF, visit CSF web site. For installation, upgrade and uninstallation instructions visit this knowledgebase article.

To configure CSF visit CSF web site. Alternatively, /etc/csf/csf.conf is the CSF configuration file and it contains comprehensive description of all options.

3. Install ConfigServer eXploit Scanner (cxs)

CXS is a commercial exploit scanner and is available at a very low one-time fee. To order CXS and for installation instructions – visit maintainer’s web site.

4. Setup Logwatch

To install and configure logwatch – visit project’s page.

5. Configure SSH

  • Make sure only SSH v.2 is enabled,
  • Setup SSH to listen on a non-standard port
  • Disable SSH password authentication and setup SSH login with private key.

Read more

6. Install and configure Rootkit Hunter

Rootkit Hunter is an essential tool in detecting possible root compromise and rootkit installation. See installation instructions on Install RKHunter rootkit scanner.

7. Secure /tmp /var/tmp /dev/shm

These are remounted noexec and nosuid to add an additional layer of protection against web script hackers

8. Delete unnecessary OS users

On a standard OS installation many user accounts are created that are not necessary and can therefore pose a security risk.

9. PHP hardening

Dynamic Library loading is disabled, commonly abused php functions disabled, user defined php.ini files disabled if suPHP is already enabled – to help prevent hackers exploiting vulnerable PHP web scripts.

10. Suhosin

Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.

11. Exploit check

A check of installed web scripts for known hacking scripts which highlight exploited web applications. Also checks in commonly abused disk directories such as /tmp and /dev/shm for any active exploits as well as a scan of all running processes. Also disabling of any known insecure versions of phpBB is performed to prevent possible compromises. If exploits are found on the server, the compromised account will be suspended and we will notify you of the location of the exploits – this does not include restoring any compromised web files

12. Malware scanner

Malware scanner helps identify existing malware and prevent uploading new malware with infected files. Check the excellent Securing your server with maldet article on how to dramatically improve malware defence in your servers.

Updated on 7 June, 2017

Was this article helpful?

Related Articles