Bluehost Web Hosting Help
Securing a Dedicated or VPS Server
This article discusses some measures you can take to secure a Dedicated or VPS server.
Click on any of the tasks to jump to that point in the guide.
- Use a Firewall to Limit Access
- Brute Force Protection
- Connecting Securely
- Using Trustworthy Software
- Regularly Check for Malware
Use a Firewall to Limit Access
Firewalls prevent external access to software on your server that might otherwise be exposed. With firewalls you can limit the type of traffic, ports, and IP addresses that are allowed to communicate with your server.
Dedicated and VPS servers come with IP Tables. To learn more about IP Tables please see Manage Ports On Dedicated Or VPS Servers
Besides IP Tables, there are other firewalls you can use on your server
- UFW (Uncomplicated Firewall)
Brute Force Protection
Some services must be exposed to the internet so that you can connect to your server. In such cases, you still need to protect these access points. A common type of attack called "Brute Force Attack" occurs when an attacker attempts to login to your server by guessing the username and password. The attacker typically has methods and computers that are capable of trying guesses very quickly and given enough time can accurately determine a working user name and password.
A way to defend against these types of attacks is to have a system that monitors login attempts. If too many failed attempts occur from the same IP address within a short period of time, that IP address is blocked.
cPHulk is included on Dedicated and VPS servers, to learn how to configure it please see cPHulk Brute Force Protection
When you connect to your server, it's important to secure the connection. Insecure connections are more likely to have data stolen by anyone who might monitor the connection.
When connecting using SSH, it's a good idea to use keys instead of a traditional user name and password. See Generating a Public/Private Key
When making FTP connections, use SFTP instead of normal FTP. FTP setup using Secure FTP explains how to use SFTP
Using Trustworthy Software
A key component to security is making sure you only install trustworthy software on your server. Software from the distribution repositories that your server is already setup to use has been vetted and seen as trustworthy. Be careful when installing 3rd party software from untrusted services, you may be unknowingly installing malware.
You should also strive to keep your software up to date. The longer you keep out of date software the more likely you are to have known vulnerabilities in that software exploited.
Check for Malware Often
Even with strong security measures its still possible for your server to become compromised. A prudent server administrator will often check for malware on a server even if things seems to be running fine. To learn more about scanning for malware please see Antivirus on Dedicated or VPS servers
Recommended Help Content
Error Code 500 on Dedicated and VPS Servers
This article will explain some common causes for 500 errors on Dedicated or V.P.S servers.
Managing Users on a VPS or Dedicated Server
This article will explain how to create and manage users on Dedicated or VPS servers.
Restart a Dedicated or VPS Server.
This article will explain how to restart your Dedicated or VPS server.
Related Help Content
Disable SSLv3 on a VPS or Dedicated Server
This article will explain how to disable SSLv3 on a VPS or Dedicated server. This can help you avoid issues with vulnerabilities in SSLv3.
Restarting Mail Services on Dedicated or VPS Servers
This article will explain how to restart the email related services on a Dedicated or VPS server. This may be useful if you are experiencing trouble with your email.
Access Mail Logs on Dedicated or VPS Servers
This article will explain how to view the email logs on a Dedicated or VPS server. This may be usefull if you are experiencing trouble with your email.
Enable Non Legacy Backup on Dedicated or VPS Servers
This article will explain how to configure your dedicated or VPS server to use the new (non legacy) backup system.
Clearing the Mail Queue on VPS and Dedicated Servers
This article will explain how to clear the outbound mail queue on a dedicated or VPS server.
VPS Dedicated Installing SSL
To help with installing an SSL certificate for an account on a dedicated server through the WHM
VPS or Dedicated Hosting - cPHulk Brute Force Protection
How to protect your Dedicated Server using cPHulk
VPS or Dedicated Hosting - Installing Java
How to install Java in a dedicated server.