This is the second part of our Plesk Tutorial Series. If you're configuring a new VPS we recommend starting with part 1.
Automated bots continuously scan IPs for vulnerabilities. To prevent security issues on your VPS, configuring the security of your VPS is the first thing we do after the installation.
Given the large number of IPs used by bots, we cannot include all attacking IPs in our own firewall, nor do we receive reports of attempts to penetrate your VPS. As such, it's important to have solid security on your VPS.
Security measures
To secure your VPS we go through the following steps:
- Change your SSH Port.
- Fail2Ban brute force security.
- Limit access to Plesk to specific IPs.
- Anti-virus / malware security with ClamAV
- Plesk Security Policy
- Prevent access to DNS zones belonging to other users
- Securing localhost & mail with SSL.
This is relatively complex material. If you use the steps below to secure an existing (instead of new) VPS, then always create a snapshot of your VPS first before you follow the steps below.That way you always have a snapshot to fall back on if it turns out that a change creates a problem.
You have set up solid security for your VPS to keep out pesky bots with the above steps! Click here to continue to Part 3: Updating your VPS.
Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.
If you want to discuss this article with other users, please leave a message under 'Comments'.