This is the second part of our DirectAdmin Tutorial Series. If you are planning a new VPS, then we recommend starting with part 1 and to not skip any parts.
Automated bots continuously scan IPs for vulnerabilities. To prevent this from causing problems on your VPS, setting up the security of your VPS is the first thing we do after the installation.
Most of these bots automatically check IP addresses until they get a hit on port 22 and then try to penetrate on your VPS as 'root' through Brute Force attacks. For this reason, SSH access for the root user is disabled on our VPSs with DirectAdmin by default. You can read here how to create a user for SSH.
Given the large number of IPs used by bots, we cannot include all attacking IPs in our own firewall, nor do we receive reports of the attempts to penetrate your VPS.
Security measures
We go through the following steps to secure your VPS:
- Changing your SSH port.
- Restrict access to DirectAdmin to specific IPs.
- Brute force protection in the form of Fail2Ban and a configuration adjustment in DirectAdmin.
- Anti-virus/malware protection with ClamAV.
- Optional: Restrict access on ‘Admin Level’ to specific IPs.
- Perform the steps in this article as a sudo user (e.g. root).
- This is relatively complex matter. If you use the steps below to update an existing (instead of new) VPS, create a snapshot of your VPS first before you follow the steps below. That way you always have a snapshot to fall back on if it turns out that a change creates a problem.
Using the above steps, you have set up solid security for your VPS. Click here to continue to Part 3: Updating your VPS.
Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.
If you want to discuss this article with other users, please leave a message under 'Comments'.




Comments