ID #1080

What are some security best practices?

With a VPS, you are the system administrator.  That means you need to pay attention to what's going on with your VPS, including on a security front.

There are many books, articles, and blogs about Unix security.  We at GeekISP highly recommend that you make security a habit by learning as much as you can - whether it's from a book or a blog doesn't matter, so long as you're regularly learning.

There are a few easy guidelines we can suggest:

  • Choose good passwords.  Ideally they should be random, including mixed case letters, numbers, and extra characters (^/@#$, etc).  Your password should be at least 10 characters long.  Alternatively, consider using SSH keys and disabling password authentication entirely.
  • Do not run programs as root, unless absolutely required.  Make yourself a regular user account as your first course of action, and use that for your day-to-day activities.  An action by 'root' should be special.
  • Consider moving SSH off the default port.  Security through obscurity is not real security, but by sidestepping the many SSH scanning bots, you can avoid many dictionary attacks.
  • Read the daily emails from your VPS.  Having them forwarded to you is as simple as running: "echo me@example.com > /root/.forward".
  • Keep all your software up-to-date via 'yum'.
  • For any software you're installing manually, be sure to follow the community.  Join their mailing list (even if it's just their 'announcement' list) or read their RSS feed.  This is a good way to stay informed about security vulnerabilities in programs you're using.

That's just a start.  Security can be a challenge, but you can take simple steps that make a big difference in protecting your data.
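
To check the two SSH guidelines above (password authentication disabled, SSH moved off the default port), here is an added example script; it is not part of the original FAQ or GeekISP's own tooling. The function names are hypothetical, and it assumes whitespace-separated keywords, reads only global settings, and does not follow Include files.

```shell
#!/bin/sh
# Added example (not from the original FAQ): audit an sshd_config file against
# the SSH guidelines above. Only global settings are read; parsing stops at the
# first Match block and Include files are not followed (assumption).

# first_value FILE KEYWORD DEFAULT: sshd keeps the FIRST value it reads for a
# keyword, keywords are case-insensitive, and a missing keyword uses the default.
first_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*(#|$)/ { next }                      # comments and blank lines
        tolower($1) == "match" { exit }              # conditional section starts
        tolower($1) == key { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# all_ports FILE: Port is the exception, it may repeat and every value is used.
all_ports() {
    awk '
        /^[ \t]*(#|$)/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "port" { print $2; found = 1 }
        END { if (!found) print 22 }
    ' "$1"
}

# audit_sshd FILE: print findings; return 0 only if both guidelines are met.
audit_sshd() {
    rc=0
    if [ "$(first_value "$1" PasswordAuthentication yes)" != "no" ]; then
        echo "WARN: password authentication is enabled"; rc=1
    fi
    if all_ports "$1" | grep -qx 22; then
        echo "WARN: sshd listens on the default port 22"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: keys only, non-default port"
    return "$rc"
}

# Constructed sample: the later "no" is ignored because "yes" came first.
sample=$(mktemp)
printf '%s\n' '#Port 22' 'passwordauthentication yes' \
    'PasswordAuthentication no' > "$sample"
audit_sshd "$sample" || true
rm -f "$sample"
```

On a live host, running `sshd -T` as root prints the effective configuration sshd would use, which is the authoritative check.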

Last update: 2010-01-16 23:03
Author: Dave Steinberg
Revision: 1.0
