Most people who own a business themselves generally prefer VPS hosting over shared hosting due to the customization and configurations provided by VPS hosting. Aside from that, Linux VPS hosting allows users to use their desired Linux operating system, such as Ubuntu, Mint, Debian, and so on
However, as much as how secured Linux operating system is, given enough time to any dedicated hackers, any kind of system can be attacked. Your VPS can also be hacked if any malware is installed into the virtual machine or transferred from a local machine by any user.
The following steps are what you can do as an owner of a Linux VPS Server.
1. Always Keep The Server Software Updated
It is quite convenient to keep all the software, modules, and components updated using the rpm/yum package manager for CentOS and REHL or apt-get for Ubuntu and Debian. You can even get a yum package update notification via email by configuring the operating system. Setting up a cronjob allows it to help you apply all available security updates automatically.
If your VPS uses a panel such as cPanel or Plesk, the panel needs to be updated, and it will be much easier to enable auto-updates. On a final note, it is wiser to get your security software updated as soon as possible as the later version is likely to be more open to malicious attacks.
2. Disable Unused Network Ports
Hackers like to take advantage of unused network ports and services for their own purposes. To prevent yourself from getting exploited, disable all the unused network ports. You can achieve this by using the “netstat” command to show all open network ports and their associated services, then set up “iptables” to close all open ports or “chkconfig” command to disable them. You can also automate iptable rules if you own a firewall like CSF.
3. Removal Of Unwanted Modules/Packages
There are a lot of extra packages and services that come together with your Linux OS and most people won’t be using all of them. It is advisable to remove them as it reduces the weak point that is open to hackers. Aside from that, try not to install packages, software, and services that are unnecessary for your system. This also helps in improving the server performance.
4. Data Encryption
One of the most common cyber-attacks used by hackers is MITM (Man In The Middle Attack), where hackers intercept the package while it is still transiting over a network. It is important to always encrypt transmission to your server using keys, passwords, and certificates. One of the most popular and recommended tools is GnuPG. It is a key-based authentication that is used to encrypt messages, where only the intended recipient with a private key can decrypt the public key of the package.
5. Disk Partitioning
Finally, for additional security, what a VPS owner can do is to partition their storage and separate the operating system files, user files, temporary files, and third-party programs into different partitions. It is also fine to disable SUID/SGID access (nosuid) and disable the execution of binaries (noexec) on the operating system partition.