Securing a Dedicated or VPS Server
If you are using assistive technology and are unable to read any part of the HostMonster website, or otherwise have difficulties using the HostMonster website, please call 866-573-HOST and our customer service team will assist you.
Skip to main content

HostMonster Web Hosting Help

Securing a Dedicated or VPS Server

Overview

This article discusses some measures you can take to secure a Dedicated or VPS server.

Tasks Involved

Click on any of the tasks to jump to that point in the guide.



Use a Firewall to Limit Access

Firewalls prevent external access to software on your server that might otherwise be exposed. With firewalls you can limit the type of traffic, ports, and IP addresses that are allowed to communicate with your server.

IPTables

Dedicated and VPS servers come with IP Tables. To learn more about IP Tables please see Manage Ports On Dedicated Or VPS Servers

Other Firewalls

Besides IP Tables, there are other firewalls you can use on your server

  • UFW (Uncomplicated Firewall)
  • NFTables

Brute Force Protection

Some services must be exposed to the internet so that you can connect to your server. In such cases, you still need to protect these access points. A common type of attack called "Brute Force Attack" occurs when an attacker attempts to login to your server by guessing the username and password. The attacker typically has methods and computers that are capable of trying guesses very quickly and given enough time can accurately determine a working user name and password.

A way to defend against these types of attacks is to have a system that monitors login attempts. If too many failed attempts occur from the same IP address within a short period of time, that IP address is blocked.

cPHulk

cPHulk is included on Dedicated and VPS servers, to learn how to configure it please see cPHulk Brute Force Protection

Connecting Securely

When you connect to your server, it's important to secure the connection. Insecure connections are more likely to have data stolen by anyone who might monitor the connection.

SSH

When connecting using SSH, it's a good idea to use keys instead of a traditional user name and password. See Generating a Public/Private Key

SFTP

When making FTP connections, use SFTP instead of normal FTP. FTP setup using Secure FTP explains how to use SFTP

Using Trustworthy Software

A key component to security is making sure you only install trustworthy software on your server. Software from the distribution repositories that your server is already setup to use has been vetted and seen as trustworthy. Be careful when installing 3rd party software from untrusted services, you may be unknowingly installing malware.

Updates

You should also strive to keep your software up to date. The longer you keep out of date software the more likely you are to have known vulnerabilities in that software exploited.

Check for Malware Often

Even with strong security measures its still possible for your server to become compromised. A prudent server administrator will often check for malware on a server even if things seems to be running fine. To learn more about scanning for malware please see Antivirus on Dedicated or VPS servers

Knowledgebase Article 101,724 views bookmark tags: dedi security vps


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

This article will explain some common causes for 500 errors on Dedicated or V.P.S servers.
Knowledgebase Article 129,540 views tags: dedi dedicated error server vps

CSF is a firewall for VPS and Dedicated servers. CSF is not installed as part of our default images on VPS or Dedicated servers. This article describes how to install it yourself or request support do so.
Knowledgebase Article 89,041 views tags: configserver csf dedicated firewall security vps

This article will explain how-to enable FTP on a newly provisioned VPS or Dedicated cPanel server. Since FTP is an unsecured connection point to the server, cPanel has it disabled by default in version 11.86 or prior.
Knowledgebase Article 45,502 views tags: dedicated file ftp root server transfer vps

Related Help Content

If you need to transfer or restore a cPanel account for your VPS or Dedicated server, there is a tool within the WHM panel to perform these tasks. This article is about transferring or restoring from another server or restoring after a re-image.
Knowledgebase Article 88,042 views tags: backup cpanel dedicated hosting restore server transfer vps

This article will explain how to create and manage users on Dedicated or VPS servers.
Knowledgebase Article 140,485 views tags: dedi dedicated users vps

This article will explain how to restart your Dedicated or VPS server.
Knowledgebase Article 129,757 views tags: dedi dedicated reboot restart services vps

This article will explain how to disable SSLv3 on a VPS or Dedicated server. This can help you avoid issues with vulnerabilities in SSLv3.
Knowledgebase Article 120,540 views tags: dedi dedicated ssl vps

This article will explain how to restart the email related services on a Dedicated or VPS server. This may be useful if you are experiencing trouble with your email.
Knowledgebase Article 143,515 views tags: dedi dedicated dovecot exim mail restart vps whm

This article will explain how to view the email logs on a Dedicated or VPS server. This may be usefull if you are experiencing trouble with your email.
Knowledgebase Article 147,677 views tags: dedi dedicated logs mail vps whm

This article will explain how to configure your dedicated or VPS server to use the new (non legacy) backup system.
Knowledgebase Article 112,314 views tags: backup dedi dedicated vps

VPS and Dedicated servers come with all applications necessary to run a standard web and email server. The applications that come with the VPS and Dedicated servers are generally supported as-is by our support technicians.

This site utilizes JavaScript to function correctly. Looks like it's disabled on your browser. Please enable it for your best experience.

For instructions on enabling JavaScript, click here