When your Windows VPS is live on the public network, VPS security should be your utmost concern. Right after receiving VPS login information, the most important thing you should do is to safeguarding your Windows VPS from malicious users. In this blog, we’ll explain you few tips to secure your Windows VPS.
Disable default Administrator account and create a new user with Administrator permissions
When your hosting provider is installing a Windows operating system, a default administrator account is created. Most VPS hosting providers will deliver a VPS machine with this default administrator account. This default administrator account can easily become a victim of brute-force login attacks by bots and automated attacks.
The easiest way to prevent this threat is to disable default administrator account and create a new user with full administrative privileges. On that note, some enthusiast VPS administrators will change username to “admin”, which will be even more susceptible to attacks. Hence, when you create a new administrator username, it should be random.
Following are some examples of secure administrative user names:
- admin-company name (ex., admin-accuwebhosting)
- company name-Administrator (ex., accuwebhosting-Administrator)
- Individual username-company name (ex., Rahul-AccuWebHosting)
- individual username -admin (ex., Rahul-admin)
- Individual-some random numbers (ex., Rahul-128337)
Set up a Strong Password for Your Administrator Account
After changing the administrator username to one that is more secure & random, the next step will be to set up a strong password for this newly created administrator account. Please refer to the following guide for generating a password:
- Password must be at least 10 characters long.
- It must be combination of capital-small letters, numbers and special characters.
- Avoid using the same password twice.
- Avoid using variations of the same password.
The above guide favors a random combination of letters, numbers, and special characters. However, recent trends also suggest converting some easily memorable words into a strong password. This will not only make the password secure, but one easy to remember.
Say for example;
“[email protected]” is as secure as “HO9B(SD&&AVB^ag3” and more memorable.
Considering that you are very bad at remembering complex passwords, instead of writing them down on your monitor’ sticky note, you can consider password safes such as Keypass.
Change the default remote desktop connection Port
To access the desktop of your Windows VPS machine, you will have a Windows feature called Remote Desktop running on default port 3389. Since this is a common and known to the public, the majority of remote desktop brute force attacks are executed on this port. So changing the default remote desktop port to some unknown port will easily correct this problem and prevent the abuse of server resources.
While you change the Remote Desktop port, it is recommended to choose some random port number. This article will explain the exact steps on how to change the remote desktop connection port.
If you are using some other Remote Access software, it is advisable that you change the default port for these applications too.
On a side note; being a web host we have came across some extreme cases where just changing the remote desktop port does not work. When Network/port scanners and RDP brute-force tools work 24/7, eventually attackers may find a port and password to access your VPS.
To prevent such attacks, host based intrusion prevention system (HIPS) is implemented. This protects your VPS from brute-force attacks. It monitors the audit logs and detects failed logon attempts. If the number of failed logon attempts from a single IP address exceed the normal limit, the IP address will be blocked immediately.
IP based restriction to Remote Desktop using the Windows Firewall
After changing the default port for Remote Desktop, to further secure your VPS, you should restrict unknown IP addresses to gain access to your VPS. To achieve this, you should have internet connection with a static IP address.
Standard home DSL / Cable / Wireless connections usually do not have a static IP address. You should be careful while you restrict IP addresses as you may lock yourself out.
Install Antivirus in Your Windows VPS
When you are done with Remote desktop security, you will be more engaged in downloading, uploading files, and browsing websites from your Windows VPS. At this moment, it is highly possible that your VPS may be infected with malware, viruses, spyware, adware and more hacking mechanism.
In order to secure your VPS, it is highly recommend that you install antivirus. Microsoft’s security Essentials is a excellent and free option to start with. It is an auto updating antivirus with the latest definition and offers real-time protection to your VPS from almost all online security threats.
Firewall and antivirus are not the same. To help protect your computer, you will need both antivirus software and a firewall.
Enable Windows Firewall
Microsoft ships almost all Windows OS with default Windows firewall. It’s a pretty decent firewall which works quite well in preventing hackers or malicious software. It checks the information coming from the Internet and then either blocks it or allows it to pass through to your machine, depending on firewall settings. It is strongly recommended that you keep Windows firewall enabled and set your default policies to ‘Deny all’ and only enable what you need.
You can opt for any third party firewalls when you run critical operations such as credit card information processing on VPS. But these may not be required iff you are just running few non-secure websites.
Update Windows regularly
Every code is considered to be PERFECT until its loopholes and back doors are unidentified. On this note; when you receive your new VPS, it is recommended that you run Windows updates as soon as possible.
To install important updates automatically, you should turn on automatic updating. Important updates provide benefits such as improved security, vulnerability patches, and bug fixes. Recommended updates are meant to address non-critical problems and enhance computing experience. Recommended updates can also be downloaded and installed automatically. Optional updates are downloaded and installed at your choice, as you cannot set them to automatic. When you do not turn on automatic updating, make sure that you check for updates regularly.
Update third party software regularly
Microsoft always work really hard to tighten the security of Windows. Amongst all available OS today, we can say that Windows is really a secure OS. But, it becomes compromised when people install third party software to the Windows machines.
More specifically, the security vulnerabilities associated with third-party software are often overlooked. This can include web browsers to simple document viewers. If the number of installed applications are larger, the exploit vulnerability increases. Hence, it is recommended that you install only what is essential to run your project, and keep all software up to date.
Setup remote desktop gateway
Remote Desktop Gateway is a technique to access your VPS through web over SSL/TLS. This method has a significant advantage of making connections over secure port 443. Using Remote Desktop Gateway is important because it encrypts the transferred data. Here is a very well written tutorial for configuring a Remote Desktop Gateway server on your VPS.
Configuring this security technique may not be everyone’s cup of tea. Hence, In order to set this properly, you may need assistance of your VPS provider. As a VPS customer, all you want to know is that there is a firewall like software is analyzing real time network traffic to your VPS and looking for attack signatures. Among all Intrusion prevention tools available, Snort is probably the most widely used open source network intrusion prevention tool.
Use spyware protection
This could be the easiest way of getting infected. We often receive many complaints against VPS users running a spyware infected VPS.
Spyware can be defined as software that displays advertisements and collects information from your machine. It is also capable of changing settings on your VPS without your consent. It can install unwanted toolbars, links, add bookmarks in web browsers, change default home page, or display pop-up ads repeatedly.
Some spyware work silently in the background. It does not show any detectable symptoms, but secretly collects sensitive information, such as your visited websites, your search engine keywords, the text you type. Most of them are installed through free software that you download from the Internet, but in some cases simply visiting a website will inject spyware into your machine.
Anti spyware software can help you in protecting your machine from spyware. It alerts you when spyware tries to install itself on your computer. It also performs scans in your computer for existing spyware and removes it. In order to have the latest definitions of spyware, these must be regularly updated.
When you go online, security is essential. We are inviting problems if we leave our servers open for intruders. Since we never leave our house open or car unlocked, why would we risk our customer’s personal and private information.
By performing these tasks, the security of your VPS against common attacks will be significantly increased. We would love to hear from you if you have any other tips to secure a VPS that may not be included in this article.
Rahul is CEO at AccuWebHosting.com
. He shares his web hosting insights at AccuWebHosting blog. He mostly writes on the latest web hosting trends, WordPress, storage technologies, Windows and Linux hosting platforms.
Latest posts by Rahul Vaghasia (see all)
(Visited 2,031 times, 3 visits today)