Keeping your Linux server secure in 3 easy steps

  • Tuesday, 8th September, 2020
  • 20:33pm

Linux is an extremely secure operating system, however, that doesn't mean to say that it's wise to apply a "set and forget" mindset, as doing so could lead to a security breach, and data loss - costing your business time and money. It's for that reason that Ethernet Servers recommends all Linux VPS customers follow these 3 easy steps to maintain a secure, high-performance hosting environment.

  1. Use strong and unique passwords. As standard, we deploy all of our Linux VPS's with a 21-character randomly generated root password, which would take over 500 billion years to be cracked at today's standards. With that in mind, we do understand that remembering a password like this is not ideal, and so, changing it to something shorter may be more convenient. A short password can be secure, but try to include a variety of mixed case, symbols, and numbers, and ideally, ensure it is not a dictionary word.

    You can have all the latest updates (more on that below) and security software, but with a weak root password, none of those things matter. Remember: security is a cumulative process.

  2. Keep your operating system up-to-date. On a typical out-the-box Linux system, whether that be CentOS, Debian, Ubuntu, and so on, you'll find there are typically security-related updates released at least once a week. This is no surprise given the number of packages involved in making Linux what it is - everything from the kernel, to the SSH protocol and systemd to sudo. You must keep up with the latest security updates.

    This doesn't mean to say you need to be logging in and running yum update or apt-get upgrade daily, as many distributions offer automated updates, for example using the unattended-upgrades feature in Debian or Ubuntu. The saying "if it isn't broke, don't fix it" is known by many, and whilst it might be tempting to avoid security updates to avoid the possibility of something wrong, as long as you maintain regular backups (which you should!), you'll always be safe in the unlikely event an unattended-upgrade causes problems.

  3. Restrict access as much as you can. Let's say you have a static IP address at your house or workplace, and you'll be the only person connecting to SSH, phpMyAdmin, WHM - whatever it might be - consider locking down those daemons to your IP address. The exact procedure for doing so will vary depending on what you're looking to lockdown. To achieve this with SSH, for example, you could use iptables. In the case of phpMyAdmin, this can typically be done with the phpmyadmin.conf file. And for WHM, you'll want to use Host Access Control

    With that in mind, you'll want to ensure that you have a plan to fall back on in case your IP address changes. Typically there are ways around this, for example, we provide an SSL secured HTML 5 serial console that authenticated customers can use to access their servers if that they get locked out via SSH. 

We hope this short guide has been helpful! Please feel free to contact us if you'd like to know how we can help secure your critical infrastructure, or if you have any questions about our products and services! We're here to help - 24/7/365.

« Back

We're trusted by amazing customers in 136 countries - come & join us!
Matthew Beausoleil February 4, 2024
Everything is working as expected

I was looking for a simple syncthing server and didn't need anything fancy. I found Ethernet servers on server hunter and chose them because of their low price and good reviews. I had access to my server within a few minutes. It was easy for me to change the ubuntu to Centos and everything is working as expected.

Sameed Sohani January 21, 2024
Great service overall thus far

Three reasons I decided to try out the service: I heard and subsequently saw that the prices were great, it is very hard to beat those unmanaged special offer prices. I heard that the service was reliable, so far so good. It's only been a week, but I hope that it will continue to be reliable as I use it more. I heard that the support is excellent, and I have to agree. Great service overall thus far.

ジエント January 12, 2024
The networks are top of the line

Great upload and download speeds, apt-get updating is a breeze. The only mishaps was on my end, ssh had some weird buffer lag (sometimes unresponsiveness) that has to do with my connection with my isp. Just make sure your connection stable and everything should work just fine. The networks are top of the line.

Atul Sharma January 3, 2024
Nothing but a joyful experience

Been with them for a week and the transition from old hosting to ethernetserver has been nothing but a joyful experience. Setting up new vps, networking is like a breeze. All set up by george and nothing to worry about really.


Ethernet Servers Ltd
124 City Road
London
EC1V 2NX
United Kingdom


Registered Limited Company: #09114946

Telephone:
+44 330 043 1258

Email:
sales@ethernetservers.com

Copyright © 2014 - 2024 - Ethernet Servers Ltd - All Rights Reserved.

Proudly serving customers in 136 countries since September 2013!