# How do you protect your server?



## Scopehosts (Jan 14, 2015)

how do you protect your VPS or dedicated server from any kind of attacks?

does your hosting provider suggest you any alternative for this?


----------



## MannDude (Jan 15, 2015)

Are you a service provider?

One would hope that a service provider would be aware of the required practices of locking a server down. For a better answer you can check out some of these threads regarding this:








Those will certainly get you on the right track.


----------



## k0nsl (Jan 15, 2015)

I don't mean to be _*"that guy"*_ but I got the following impression: the influx of his topics being mere attempts to bolster post count...but then again, I am a somewhat suspicious person and I could be wrong, but I got a sixth sense for bullsh*t  



MannDude said:


> Are you a service provider?


----------



## Hxxx (Jan 15, 2015)

...

i got the impression this will soon be another WHT with random threads about obvious things.


----------



## winnervps (Jan 16, 2015)

Hxxx said:


> ...
> 
> i got the impression this will soon be another WHT with random threads about obvious things.


Agree.. Someone should take action, indeed.  But who?


----------



## Aurimas (Feb 13, 2015)

1. [SIZE=12pt]The first thing that you should do is to disable all unnecessary scripts that are being used. For example, such as passthru or proc_terminate.[/SIZE]

[SIZE=12pt]2.[/SIZE][SIZE=12pt]Also there is a necessity to secure your VPS by installing some kind of programs. [/SIZE][SIZE=11pt]RootKit Hunter[/SIZE][SIZE=12pt] or [/SIZE][SIZE=11pt]CHKRootKit[/SIZE][SIZE=12pt] would work just fine in this case. [/SIZE]

[SIZE=12pt]3. [/SIZE][SIZE=12pt]Another suggestion would be securing configuration file (.conf) systems like host, sysctl and nsswitch. [/SIZE]

4. [SIZE=12pt]Furthermore, consider stopping the system resource intensive tools. One of them could be ClamAV or MRTH on the system. [/SIZE]


----------



## GS-Dylan (Feb 13, 2015)

A good place to start so people can answer this a little better is what OS you are running, linux or windows? Also what type of services do you plan on providing with this server.


----------



## ZotiMedia (Feb 27, 2015)

I will add the *Google 2 Authentication *as a security action.


----------



## ICPH (Mar 14, 2015)

Im using ConfigServerFirewall and SSH is at non-standard port. The failed login attempts are handled by firewall.


----------



## TierNet (Mar 16, 2015)

We are using Hardware Firewall for our Servers, along with software firewall like csf and use captcha wherever required.


----------



## Amitz (Mar 16, 2015)

What's your budget?


Did you take a look at the offers section?


----------



## weloveservers (Mar 30, 2015)

Scopehosts said:


> how do you protect your VPS or dedicated server from any kind of attacks?
> 
> does your hosting provider suggest you any alternative for this?


We utilise CSF firewall to combat DOS attacks, also a non-standard port for SSH since it stops bruteforce attempts.


----------



## Minmeo (Mar 31, 2015)

I use fail2ban on server with no panel but on cPanel use CSF.


----------



## Licensecart (Mar 31, 2015)

APF, BFD, Passphrase login, SpamAssassin is all I use.


----------



## lolitseasy (Apr 5, 2015)

+1 for fail2ban


----------



## Hostissimus (Apr 14, 2015)

What is your badge? OS you are using? Do you want to protect only your site, or selling shared / reseller plans?


----------



## cociu (Apr 18, 2015)

by a made firewall, good solution


----------



## RLT (Apr 18, 2015)

Leave it in the shipping carton in the locked storeroom. The only way to keep a server fairly safe. All the others are just a nuisance to a true cracker who really wants in.


----------



## GreenLionNet (Apr 21, 2015)

We use hardware firewall to keep the server safe and protected from any threats or spamming activity.


----------



## VPS4LESS (Apr 21, 2015)

We run WatchGuard firewalls in front of our MikroTik cloud Core routers with firewall protection.


----------



## GreenLionNet (May 9, 2015)

We use Software and Hardware Firewall to protect our servers and also have DDOS protection to avoid DDOS attack.


----------



## Gang Starr (May 10, 2015)

1) Install hardware firewalls in addition to the software firewall on the hostnode.

2) Configure the hostnode firewall accordingly.

3) Get a good DDoS protection service for your servers.

4) For remote access via SSH use the ssh public key auth method only and set root login to "without-password" (use keys above 4096 Bit with a strong passphrase).

5) Keep your operating system up to date at every point in time.

6) Keep any software you use up to date and take care of installing important security fixes ASAP and AFAP.

7) Monitor your servers for uncommon traffic and actions and stop these instantly (fail2ban and similar software can help here)

8) Don't let anyone else access your servers than you.

9) Encrypt all disks if you have the possibility.

The order is not really right but this are some really important things.


----------



## samK (Jun 9, 2020)

Change *Your* Default SSH Login. ...
Use *The* Latest Software Versions. ...
Monitor *Your VPS Server* Logs. ...
Set Up *Your* Firewall. ...
Make Sure *Your Server* Is Malware-protected. ...
*Protect* Against Brute-force *Attacks*. ...
Control User access. ...
Keep Calm And Perform Backups.


----------



## markmic1 (Dec 13, 2020)

Wondering how to Sell Your House fast in Calgary? - Call Mr. Home Buyer who will buy your house for cash in Calgary AB. Trusted cash home buyers who buy houses in any condition. We buy Houses Fast all over the city. NO REPAIRS - NO COMMISSION - NO CLEAN UP - NO WAITING Fastest way to Sell your House.


----------

