How to Secure Linux VPS

secure linux vps server hardening


- VPS/Web Server with Linux distribution installed. Need a VPS? Try Web Host Wizards!
- PC/Mac Terminal

Getting Started

- Open your terminal
- Type 'ssh root@yourserverip' replacing 'yourserverip' with your servers IP address.

ssh root@yourserverip
We now need to update our distro and install Git
sudo apt update && apt upgrade
sudo apt install git
If you are using a Linux distrubution other than Ubuntu/Debian, you can find out how to install packages using your specific linux distro.

Secure Linux VPS Installaion Script

We can simply copy/paste this script from GitHub into our Terminal using this command
sudo git clone && cd vps-harden && sudo bash
The install script will begin by updating your Linux Distribution packages, if any. Once the packages are updated the script will begin.
'Would you like to install these crypto packages now? y/n'
If you plan to use Crypto your VPS or website you can type 'y', otherwise type 'n' and then press Enter.
'Would you like to add a non-root user? y/n'
We can add a non-root user at anytime. For now we can type 'n' and then press Enter.
'Enter a custom port for SSH between 11000 and 65535 or use 22:'
A custom port is recommended to avois SSH attacks on the standard Port 22. Enter in your desired port number and press Enter.
'Would you like to disable password login & require RSA key login? y/n'
Type 'n' and press Enter.
'Would you like to enable UFW and assign basic rules? y/n'
Type 'y' and press Enter.
The next steps are to secure your server's shared memory, enable DDOS protection, harden the networking layer, and enable automatic installation of security updates.'Would you like to perform these steps now? y/n'
Type 'y' and press Enter.
Would you like to install Google 2FA Authentication? y/n
Type 'n' and press Enter.
Would you like to enhance your MOTD & login banner? y/n
Type 'y' and press Enter. This is optional, its cooler so why not 🙂
Would you like to restart SSHD and enable UFW now? y/n
Type 'y' and press Enter.
Save the 'important login variables' that are displayed on the screen for future use.

🚨 Make sure to open a new terminal and test the SSH login with your new port (eg. 'ssh root@192.333.22.11 -p 1234') before closing down this current terminal.

If you are not able to connect to your VPS in the new terminal, try opening your chosen port in your servers firewall using the terminal you still have open and access to. A guide on how to open specific ports can be found here.

Securing Your Web Server

Every web server should be secured with a firewall and other security features. To secure your web server you can follow this link to install the 'VPS-Harden' software or copy/paste the below installation code into your terminal.
sudo git clone && cd vps-harden && sudo bash
Once you have installed 'VPS-Harden' you can follow this guide to set it up correctly.
Learn how to secure your server before continuing on to the next step.

Congratulations, the Secure Linux VPS script has now been installed on your server.

If you are looking to install & configure the LEMP(Linux, Nginx, MariaDB, PHP) stack on a VPS using the Ubuntu distro, we have a guide just for that here.

Leave a Reply

Your email address will not be published. Required fields are marked *