Mar
23

How To: Securing your new VPS

This article was written by Powervps tech; all copyrights belong to them.

Finding out your VPS has been hacked is like walking out to your car, and seeing the gaping hole where your stereo used to be. It hurts, bad.

However, there are plenty of steps you can take as a VPS owner to secure your setup. Most of these are fairly basic and can halt the majority of hacking attempts.

If you need help setting up or configuring anything listed below, don’t hesitate to contact support. Who knows, you could get lucky and get me for your tech!

1) Securing SSH
SSH presents a unique problem. It is necessary for system administrators to manage their servers, and because of that it creates security risks.

For those of you who use cPanel / Plesk or Webmin-Usermin, you may not use SSH every day, or at all. It is easy to forget about it.

1.1 Don’t log in (or allow logins) to SSH as ‘root’
The user root is way, way too powerful to be allowed direct remote access. This does not mean you need to disallow root functions over SSH. In this setup, another user is first used to log in over SSH, and then the sudo command is used to allow root-only operations. (Don’t worry, it’s not complicated… really it’s not.)

First, SSH in to your VPS (if you have to use root this time, so be it).
At the prompt, type the command:

nano -w /etc/ssh/sshd_config

This will open the Nano text editor and allow you to edit the SSH configuration.

Find the line

# PermitRootLogin yes

and change it to

PermitRootLogin no

Hit Ctrl + X to exit Nano, then hit Y and then Enter to save the file.

Now, we need to make a user to log in to SSH when root-level functions need to be performed.

When you are at the command line in SSH, type the following command:

useradd NewUserName -g wheel

This will create a new user in the wheel group (change NewUserName to whatever you want this user to be called).

Next run

passwd NewUserName

and enter the new password for the user you just created.

Please, please, please use strong passwords; they are your first line of defense against hackers. Setting your password to doggie is about the same as locking your front door with a q-tip and some scotch tape. Google “complex passwords” for some help picking one.

Now we need to edit the sudoers file. This file determines who is allowed to use the sudo command, and that is what will allow you to act like root without actually using the root account.

Since we added the new user to the wheel group, all we need to do in here is allow the wheel group to sudo. This is already in the file, so all we need to do is remove the comment character in front of it. Here is how:

nano -w /etc/sudoers

Find the line

# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL

and remove the # like so

# Uncomment to allow people in group wheel to run all commands
%wheel ALL=(ALL) ALL

Again, hit Ctrl + X, then Y and then Enter to exit and save the file.

Now, all you need to do is run the following command to restart the SSH service and you're done (you may get booted out of SSH after you run this command):

service sshd restart

All set, you have now disallowed the root account from logging in through SSH.

To log in over SSH to perform root functions, use the following steps.

SSH to your server using the username and password you created above, not root.

Next, type the following command:

sudo su -

This will bounce you up to root for the entire time you are logged in. Alternatively, you can use sudo in front of any command to run just that command as root.
For example,

sudo nano -w somefile.txt

would open somefile.txt as the root user.

1.2 Changing the SSH port

The standard port for SSH is 22, and hackers are well aware of this fact. Changing the SSH port is a great way to avoid some common brute-force hacking attempts and the like.

First, SSH into your VPS (using the new account and password from above and then sudoing up to root).

Edit the SSH config file:

nano -w /etc/ssh/sshd_config

Now, find the line labeled

# Port 22

and change it to

Port zxy

where zxy is any 4-digit number you wish (note this number).

Hit Ctrl + X to exit Nano, then hit Y and then Enter to save the file.

Now, you need to open up this new port in your VPS's firewall. If you don't know how to do this already, don't attempt it before consulting support.
Simply open a support ticket, and we will have this port opened for you in half a jif. Just make sure to include the port number you have set in the ticket.

Now, restart sshd with the following command, and you're all set. Remember to change the SSH port in whatever SSH client program you use to connect to your VPS.

service sshd restart
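
A pre-restart check for the edits in sections 1.1 and 1.2, added here as an example and not part of the original article: it reads sshd_config the way sshd does (the first uncommented keyword wins) and confirms the %wheel rule is active, so a leftover # does not lock you out of both root and sudo. The function names, the sample files and port 2222 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-restart checks for the sshd_config and sudoers edits.

# effective_setting FILE KEYWORD -> prints the value sshd would apply.
# sshd uses the FIRST uncommented occurrence of a keyword (case-insensitive).
# Simplification: stops at the first Match block and does not follow Include.
effective_setting() {
    awk -v key="$2" '
        $1 ~ /^#/ { next }                      # "# PermitRootLogin no" has no effect
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# wheel_enabled FILE -> succeeds only if the %wheel rule is uncommented.
wheel_enabled() {
    grep -Eq '^[[:space:]]*%wheel[[:space:]]+ALL[[:space:]]*=[[:space:]]*\(ALL\)[[:space:]]+ALL[[:space:]]*$' "$1"
}

# check_hardening SSHD_CONFIG SUDOERS EXPECTED_PORT
# Prints one line per problem; returns non-zero if any check fails.
check_hardening() {
    rc=0
    root=$(effective_setting "$1" PermitRootLogin)
    port=$(effective_setting "$1" Port)
    [ "$root" = "no" ] || { echo "FAIL: PermitRootLogin is '${root:-unset}', expected 'no'"; rc=1; }
    # An unset Port means sshd listens on its default, 22.
    [ "${port:-22}" = "$3" ] || { echo "FAIL: Port is '${port:-22}', expected '$3'"; rc=1; }
    wheel_enabled "$2" || { echo "FAIL: %wheel rule not active; sudo will fail for the new user"; rc=1; }
    return "$rc"
}

# Constructed sample files (not from a real server): the '#' was left in
# front of the new PermitRootLogin value and in front of the %wheel rule.
demo=$(mktemp -d)
printf '%s\n' '# Port 22' 'Port 2222' '# PermitRootLogin no' > "$demo/sshd_config"
printf '%s\n' '# %wheel ALL=(ALL) ALL' > "$demo/sudoers"
check_hardening "$demo/sshd_config" "$demo/sudoers" 2222 || echo "Do not restart sshd yet."
rm -rf "$demo"

# On the VPS itself, run as root before "service sshd restart":
#   check_hardening /etc/ssh/sshd_config /etc/sudoers 2222 && sshd -t && visudo -c
# (sshd -t and visudo -c are the tools' own syntax checks.)
```

Keep your current SSH session open while you test a login with the new user and port in a second window.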
