Hello Rachel S,


Linux VPS will help you in avoiding varied attacks and cyber threats. However, it's not a one-time task – excluding the best security practices, you will have to monitor your virtual private server regularly.

Here are some security measures regarding Virtual Private Servers (VPS) to follow and keep the server extra secure,

• Change the Default SSH Port - If you use an SSH method to log in to your server, there is a risk of being a victim of a brute-force attack. When a "brute-force attack" occurs, it usually means someone tries to log in to your SSH using a variety of common passwords. So recommend changing the default SSH port 22 to another port.
• Disable Root Logins - The SSH root account should be disabled in all cases for the Linux server to harden your server's security. Disabling root login prevents root access over SSH to your Linux-based machine, meaning that one will have limited privileges, i.e., Administrator.
• Keep server software up to date - Older the software version, the more vulnerable your VPS becomes. You should run the necessary updates for your operating system. You can also consider automating this process through the cron jobs feature, a Linux-based utility that schedules a script or command on your VPS to execute at a fixed time and date.
• Use GnuPG encryption - It is a popular Linux encrypting tool that allows you to encrypt and sign your data and communications. It features a versatile key management system and access modules for all kinds of public key directories.
• Use a strong password policy - Passwords containing information about your identity or simple passphrases are easy to guess. You must create a strong and long password with elements, such as upper and lower case letters, numbers, and special characters. It secures your system against brute-force attacks.
• Configure & Enable a Firewall - Linux-based operating systems have pre-installed firewalls. You can install and configure a free CSF firewall. This firewall configuration script provides better security for your VPS giving you an advanced interface for managing your firewall. You can also enable Mod-security for Blocking/allowing access to specific IP addresses.
• Enable cPHulk in WHM - cPhulk is a feature integrated within cPanel. It helps to block logins after several failed login attempts and blocks not only cPanel logins but also WHM, FTP, and email.
• Install antivirus software - Set up a firewall to filter incoming traffic, and consider monitoring the files stored on your VPS. You can install antivirus software as a security-hardening approach. ClamAV is open-source antivirus software that detects suspicious activity and blocks unwanted files.

I hope the information above helps you understand the security measures to maintain security on your VPS.

------------------------------
Regards,
Rex Maughan