Essential Security Measures for Your VPS

When you purchase an unmanaged VPS or RDP from Lurstan Host, you have full root/administrator access. This gives you freedom, but it also means you are responsible for the internal security of your server.

 

Hackers constantly scan the internet for vulnerable servers. Follow this checklist to harden your VPS against malware, brute-force attacks, and unauthorized access.

 

1. Keep Your Operating System Updated

Outdated software is the #1 way hackers gain access. Security patches close the "holes" that attackers use.

 

  • For Linux (Ubuntu/Debian/CentOS): Run the following command frequently to update your packages: apt-get update && apt-get upgrade -y (or yum update for CentOS).

  • For Windows RDP: Ensure "Windows Update" is enabled and set to install critical security updates automatically.

2. Change the Default Access Port

Bots are programmed to attack default ports (Port 22 for SSH and Port 3389 for RDP). Changing these to a custom number (e.g., 4922 or 5500) stops the majority of automated attacks.

  • Linux: Edit your /etc/ssh/sshd_config file and change Port 22 to a custom number. Restart SSH afterwards.

     

  • Windows: You can change the RDP listening port via the Registry Editor (RegEdit). Note: Be sure to allow the new port in your firewall before restarting, or you will lock yourself out.

     

3. Disable Root/Administrator Login

Using the default "root" or "Administrator" username makes you an easier target because hackers already know 50% of your login credentials.

  • Best Practice: Create a new user with sudo (Linux) or Administrator privileges (Windows).

     

  • Action: Once the new user is created and tested, disable direct login for the "root" account in your configuration files.

4. Configure a Firewall

A firewall acts as a gatekeeper, blocking all traffic unless you specifically allow it.

 

  • Linux: specific tools like UFW (Uncomplicated Firewall) or CSF (ConfigServer Security & Firewall) are excellent.

     

    • Command: ufw enable (Ensure you allow your SSH port first!).

  • Windows: Use Windows Defender Firewall. Ensure that only necessary ports (like Web, Mail, and your custom RDP port) are open.

5. Install Malware Scanners

Even servers need antivirus protection.

 

  • Linux: Install ClamAV and Maldet (Linux Malware Detect). These are free, open-source tools that scan for malicious scripts and web shells.

  • Windows: Ensure Windows Defender is active. For an extra layer of security, you can install free versions of Malwarebytes to run occasional manual scans.

     

6. Take Regular Backups

If a hacker deletes your data or ransomware locks your files, a backup is your only 100% guaranteed recovery method.

  • Snapshots: Use the Lurstan Host Client Area to take occasional snapshots of your VPS state.

  • Off-site Backups: Keep a copy of your critical databases and files on a different storage device or cloud service.

     

Conclusion

Server security is an ongoing process, not a one-time fix. By keeping your system updated, changing default ports, and using a strong firewall, you block 99% of common attacks.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to Secure Your Hosting Account

Protecting Your Lurstan Host Account & Services At Lurstan Host, the security of your data...
Best Antivirus Software for Windows & Mac

Top Security Recommendations for 2025/2026 Whether you are managing a personal computer or...
How to Enable Two-Factor Authentication (2FA)

Secure Your Account with Two-Factor Authentication Your password is the key to your servers,...
Common Security Threats and How to Avoid Them

Understanding Online Threats Whether you run a simple website, a high-performance VPS, or a...