1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Basic VPS Security

Discussion in 'Black Hat SEO' started by MrGr33n, Mar 1, 2015.

  1. MrGr33n

    MrGr33n Regular Member

    Joined:
    Oct 9, 2014
    Messages:
    225
    Likes Received:
    42
    I am about to purchase my first ever vps and wanted to ask for any advice with regards to security that I should implement. If I am connected to the vps, does this mean that the person on the other side can also access my home computer somehow? And I was searching for tutorials on how to transfer files between my local pc and the vps and one of the ways was mapping your local harddrive on the vps. I feel like if I did this my entire pc would be open for access to anyone on the other side. Is this possible? Any security advice would be much appreciated no matter how simple. Thanks a lot.
     
  2. ttrox

    ttrox Regular Member

    Joined:
    Jun 28, 2013
    Messages:
    217
    Likes Received:
    76
    No, there is no way that a person on the other side would be able to access your home computer unless you're doing something strange. You're supposed to connect to the server via SSH or SCP/FTP protocols, and you initiate this communication, so there should be no problem.

    Check a little bit the following site for advices: https://www.linode.com/docs/security/linux-security-basics/

    Basically, what people usually recommend:
    1) Disable root login.
    2) Change default SSH port (from 22 to other one that you will remember and that isn't used).
    3) Check IPtables rules. This one is the most important but it might add some complexity if you're not computer savvy.

    To move files from your computer to the server I recommend using a program such as WinSCP or any free FTP program of your liking.
     
    • Thanks Thanks x 1
  3. MrGr33n

    MrGr33n Regular Member

    Joined:
    Oct 9, 2014
    Messages:
    225
    Likes Received:
    42
    Thanks for the reply mate. I am using a windows 2008 r2 vps so do the above things you mentioned apply to that?
     
  4. ttrox

    ttrox Regular Member

    Joined:
    Jun 28, 2013
    Messages:
    217
    Likes Received:
    76
    No, for some reason I assumed you meant a Linux VPS. They don't really apply to Windows though (except for the Firewall part).
    You can still use FTP to connect and send files to your remote server. You can also use the remote desktop application to send files (have not tried for big files though, so I can't say how well it works).
     
  5. MrGr33n

    MrGr33n Regular Member

    Joined:
    Oct 9, 2014
    Messages:
    225
    Likes Received:
    42
    Thanks again. If I put on a firewall can I still run programs like Scrapebox, GSA? And regarding the FTP transfer I read somewhere that it was unsafe to transfer files to your vps using that?

    Also do you recommend to change the default remote desktop port?
     
  6. ttrox

    ttrox Regular Member

    Joined:
    Jun 28, 2013
    Messages:
    217
    Likes Received:
    76
    Honestly, I doubt you would have security problems with FTP. However, you can always use FTPS which is secure.
    And about changing the port, yeah, it seems that you can: http://tweaks.com/windows/50743/change-remote-desktop-rdp-port/

    Never tried it though.

    Good luck.
     
    • Thanks Thanks x 1
  7. MrGr33n

    MrGr33n Regular Member

    Joined:
    Oct 9, 2014
    Messages:
    225
    Likes Received:
    42
    Thanks mate. So after some research these are the things I will do:

    - Disable default admin account and create a new user with admin permissions with a random username and secure password

    - Enable Network Level Authentication on the vps

    - Change the default remote desktop connection port and allow this port access in the windows firewall so I don't get locked out

    - Since I have a static IP addres, using the windows firewall I will put an IP based restriction to ALL IP addresses except my own. [However I do not know if this will cause problems when I use proxies in my seo tools so is this something I should do?]

    - Install CalmWin Antivirus - Free & OpenSource - Windows Server 2008 R2 Supported.

    - Some kind of Anti Malware/spyware

    -CCleaner to clean up the vps