Basic Tutorial to Secure an Ubuntu VPS

Secure Ubuntu VPS
Secure Ubuntu VPS

Securing your Ubuntu VPS is essential for protecting data, ensuring stability, and preventing unauthorized access. Here’s a straightforward guide on some basic yet effective steps to secure an Ubuntu VPS.


1. Update Your System

Start by updating your system to ensure all software is up-to-date with the latest security patches.

sudo apt update && sudo apt upgrade -y

2. Create a New User and Disable Root Login

For security, avoid using the root account directly and create a new user with sudo privileges.

  1. Create a new user: sudo adduser yourusername
  2. Add the user to the sudo group: sudo usermod -aG sudo yourusername
  3. Switch to the new user: su - yourusername
  4. Disable root login by editing the SSH configuration file: sudo nano /etc/ssh/sshd_config Find the line:
   PermitRootLogin yes

Change it to:

   PermitRootLogin no
  1. Restart SSH to apply changes:
    sudo systemctl restart ssh

3. Enable Firewall (UFW)

Ubuntu’s Uncomplicated Firewall (UFW) provides a straightforward way to manage firewall settings.

  1. Allow SSH access: sudo ufw allow OpenSSH
  2. Enable the firewall: sudo ufw enable
  3. Check the status:
    sudo ufw status

Optionally, if you’re hosting a web server, allow HTTP and HTTPS traffic:

sudo ufw allow http
sudo ufw allow https

4. Change the Default SSH Port

Changing the SSH port can add an additional layer of security against automated attacks.

  1. Open the SSH configuration file: sudo nano /etc/ssh/sshd_config
  2. Find the line: #Port 22 Uncomment and change 22 to your desired port, e.g., 2222: Port 2222
  3. Restart SSH to apply changes: sudo systemctl restart ssh
  4. Don’t forget to allow the new SSH port through the firewall:
    bash sudo ufw allow 2222/tcp

5. Disable Password Authentication and Enable SSH Key Authentication

Using SSH keys instead of passwords enhances security.

  1. Generate an SSH key pair on your local machine: ssh-keygen -t rsa -b 4096
  2. Copy your public key to your VPS: ssh-copy-id -p 2222 yourusername@your_server_ip
  3. Disable password authentication for SSH: sudo nano /etc/ssh/sshd_config Find the line: PasswordAuthentication yes Change it to: PasswordAuthentication no
  4. Restart SSH:
    sudo systemctl restart ssh

6. Install Fail2ban

Fail2ban monitors login attempts and blocks IPs with repeated failures, protecting against brute-force attacks.

  1. Install Fail2ban: sudo apt install fail2ban -y
  2. Start and enable Fail2ban: sudo systemctl start fail2ban sudo systemctl enable fail2ban
  3. Configure Fail2ban by creating a local jail file: sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
  4. Modify settings as needed: sudo nano /etc/fail2ban/jail.local You can adjust the ban time, retry limits, and monitored services.
  5. Restart Fail2ban:
    sudo systemctl restart fail2ban

7. Install and Configure Automatic Updates

Automatic updates reduce the risk of security vulnerabilities by ensuring software remains current.

  1. Install the unattended-upgrades package: sudo apt install unattended-upgrades -y
  2. Enable automatic updates:
    sudo dpkg-reconfigure --priority=low unattended-upgrades

8. Regular Backups

Always keep regular backups to quickly recover in case of an attack or data loss. Many hosting providers, like Hosteons, offer backup solutions, making it easy to automate and restore from snapshots or backups.


Summary

By following these steps, you enhance the security of your Ubuntu VPS against common threats. Regular updates, secure login configurations, a robust firewall, and monitoring tools like Fail2ban all contribute to a safer and more reliable server environment. With these basics covered, your VPS will be better protected against potential attacks.

The Importance of Backups for VPS Hosting: Keep Your Data Safe with Hosteons Free Backup Service

Free VPS Backups or snapshot
Free VPS Backups or snapshot

In today’s digital landscape, data is the backbone of any online presence, whether you’re managing a personal blog, an eCommerce website, or a mission-critical application. For VPS (Virtual Private Server) users, ensuring that data is safe, secure, and recoverable is more than just a precaution—it’s essential for maintaining uptime, protecting business continuity, and safeguarding user trust. At Hosteons, we understand this need, which is why we offer free backups and snapshots with our VPS and Hybrid Dedicated Server hosting. Here’s why having regular backups is vital and how Hosteons is here to support you.

Why Are Backups Essential for VPS Hosting?

  1. Data Protection Against Cyber Threats Cyberattacks and ransomware threats are on the rise, and VPS servers are a prime target for malicious actors. Regular backups can safeguard your data, allowing you to recover quickly in case of an attack. With Hosteons’ free backup services, your data remains protected without additional cost, ensuring your digital assets are always safe.
  2. Minimizing Downtime and Recovery Time For websites or applications, downtime is detrimental—not only for revenue but also for user trust. Backups allow for quick recovery in the event of server failures, data corruption, or accidental deletions, reducing downtime significantly. Hosteons’ backup solutions are designed to minimize the time needed to restore operations, keeping your business running smoothly.
  3. Testing and Development Many developers and IT teams use VPS environments for testing and development. Regular backups allow you to restore your server to a previous state, making it easy to troubleshoot, test configurations, or revert changes without risk.
  4. Compliance and Data Integrity Depending on your industry, you may need to retain certain data for legal or compliance reasons. Backups offer a simple way to ensure data is maintained securely, helping your business meet regulatory requirements.

Hosteons.com Backup and Snapshot Solutions

At Hosteons, we pride ourselves on providing high-quality hosting solutions that prioritize user needs. Our budget US KVM VPS and EU KVM VPS hosting (powered by Intel Xeon servers) and premium Ryzen KVM VPS servers are designed with performance and reliability in mind. For those needing a more robust solution, we offer Hybrid Servers (VDS) on Ryzen 7950x servers. With data center locations in Los Angeles, New York, Portland, Dallas, Miami, Salt Lake City, Frankfurt, and Paris, you can select a location that suits your audience best, all while enjoying 24×7 support.

With our free backup and snapshot service, you can rest easy knowing that you can roll back your VPS to a previous state whenever you need it. Whether you’re a small business or a large enterprise, this feature adds an invaluable layer of security and flexibility to your hosting experience.

Hosteons: Reliable Hosting with Free Backups

When you choose Hosteons, you’re choosing more than just a VPS provider—you’re partnering with a company dedicated to your digital success. From shared and reseller web hosting to hybrid dedicated servers, Hosteons ensures that your data is protected with regular, accessible backups. Let us handle the technical challenges, so you can focus on what you do best.

Start your journey with Hosteons today, and experience the peace of mind that comes with knowing your data is always secure and recoverable.

Dallas Budget Gigabit KVM VPS Launch

We already launched our Premium Ryzen KVM VPS in Dallas last month, but as promised we have now even launched our Budget Gigabit KVM VPS in Dallas, Texas

All our Budget Gigabit KVM VPS Nodes have following or similar specs:

Dual Intel(R) Xeon(R) CPU E5-2690 v2 (Or Similar minimum, 2.5 Ghz)

128 GB RAM

RAID 10 SSD

10 Gbps Network Port (Some of our VPS Nodes are still on 1 Gbps Port, but they are in process of being upgraded to 10Gbps Port for more info Click Here)

Free IPv6 /64

IPv4 as per your package and option to add upto 16 additional IPv4 IP

Free Windows 2019 License with annual payment

VPS Control Panel

Custom ISO Support

Full RDNS control

Reboot and Reinstall Support

Free DDOS Protection

Moreover our VPS services are activated instantly upon payment and we have 24×7 Real Human Support

Also if you want to check our Dallas Network check out our Network Looking Glass at https://lg.dal.hosteons.com

Some major FREE Upgrades coming soon to Budget Gigabit KVM VPS

We have been constantly trying to improve and upgrade quality of our services and now we are doing one more major upgrade to our Budget Gigabit KVM VPS, after this upgrade even our Budget KVM VPS will performa like Premium VPS:

1) Retiring all our AMD Opteron VPS Nodes and upgrading to Intel E5 based Nodes with same RAID 10 SSD Drives (these nodes will be hosting almost half the number of VPS on them compared to our old VPS Nodes)

2) Upgrade VPS Node Port from 1 Gbps to 10 Gbps, this will improve network performance a lot.

Moreover we would like to inform all our Legacy 100 Mbps unmetered VPS clients that since we are now upgrading server port to 10Gbps, we will be strictly enforcing our Acceptable Usage Policy to avoid any bandwidth abuse, because it affects performance of all other VPS on the same node. We have found a lot of Unmetered VPS users using upto 50 TB per month on 100 Mbps Port, which clearly means that these VPS were using more then 100 Mbps 24×7 (yes it happens sometimes, traffic shaping does not work 100% accurately on VPS Nodes), we are rate limiting such VPS to 10 Mbps to avoid further abuse and to avoid of quality of service going down for our other clients, though if such user wants to switch to our Gigabit KVM VPS packages, just submit a support ticket we will do it. Moreover if you are on 100 Mbps Legacy package and if you are not abuser and following our Acceptable Usage Policy you can continue to use your VPS without issues and won’t find any kind of cap on your network. Most of these Bandwidth abusers appear to be commercial VPN/Proxy providers which is already against our Terms of Service, so if we find good proof that you are using it for commercial VPN/Proxy your services will be terminated (it does not matter if you are on unmetered or metered plan, but we don’t allow commercial vpn/proxy providers on our network)

We have lots of VPS nodes so this whole process will take almost 1 month or may be even more, but we are planning to start this process within next 3-4 days. This is how we have planned:

1) We will add new VPS nodes to same network as our current VPS Nodes (on 1 Gbps Port) then we will migrate all VPS from old VPS nodes to new VPS nodes, there will be no data loss or IP change, but you will experience downtime of few minutes usually less than 10 minutes.

2) Once VPS are migrated to new nodes, we will have to shutdown the VPS nodes and physically move them to the RACK with 10 Gbps network/switch, this migration can take 1-2 hour, as it involves shutting down vps nodes, physically UNRACK the VPS Node from old RACK and move it to the new RACK and plugin all cables, then route the IP ranges to the new switch/RACK and booting all the VPS nodes back online.

But once this done you will experience much better network performance as well as CPU performance, overall quality of VPS will improve a lot.

We will be doing this across all our locations – Los Angeles, New York, Las Vegas, Jacksonville.

We will be even starting Budget Gigabit VPS Service in Dallas soon, since this will be a new node, we will start it with 10Gbps Port

We will email all clients about it before we start this migration.

For regular update on this upgrade kindly bookmark this link https://my.hosteons.com/announcements/217/Some-major-FREE-Upgrades-coming-soon-to-our-Budget-Gigabit-KVM-VPS.html as we will be posting future updates about this upgrade on above post

What’s happing at Hosteons ? So many changes ?

2020 has been a crazy year for everybody all over the globe, but we at Hosteons have been working behind the scenes to bring new services, service upgrades, server upgrades, and what not.

Here is what’s new with Hosteons:

Premium Ryzen VPS:

We have launched a Premium Range of Ryzen based KVM VPS in two locations – Los Angeles and Dallas (More locations coming soon). Ryzen CPU along with NVME Drives takes your VPS experience to a different level as these are very very fast CPU along with super fast NVME Drives it just makes you feel like as if you are using a Super Fast Dedicated Server with ease of singing a VPS. Our Ryzen VPS Nodes are connected to 10Gbps network instead of our regular 1 Gbps Network to even make your network lightning fast.

Direct Admin Switch:

Due to constant price increase by cPanel we decided to even switch to Direct Admin for our shared web hosting and reseller web hosting and we even took the opportunity to even switch our web server from Apache to Lite Speed along with Kernel Care for reboot less updates, Cloud Linux for stable hosting experience and even more secure with CageFS implementation. We even added Imunify to it to make sure all sites on the server malware free. Not only this now we are using RAID 10 SSD instead of normal HDD for even faster websites. We are now even taking offsite backups every alternate day.

So here are some of the new features of our Shared Web Hosting and Reseller Web Hosting:

  1. Direct Admin Control Panel
  2. Lite Speed Web Server for ultra fast websites
  3. CloudLinux for Stable and Secure Web Hosting
  4. Imunify for Malware and Virus Free Hosting
  5. KernelCare for Rebootless updates hence basically services with no downtime
  6. RAID 10 SSD Based Storage for ultra fast disk access and very fast websites
  7. Regular backups just in case if you ever want to restore your data.
  8. 24×7 Support – We understand how important your website is for you hence we have 24×7 support

These are so many features and benefits not possible to mention all of them in a single article.

Discontinued 100 Mbps KVM VPS:

We have discontinued 100 Mbps Unmetered KVM VPS and instead of started offering Gigabit VPS as we noticed now when 100 Mbps connectivity is very common even in a typical household broadband, so 100 Mbps on a server is not enough, moreover we had more reasons to make this decision like when we were offering 100 Mbps Unmetered VPS even a few abusive or even compromised 100 Mbps VPS could make the network experience bad for other VPS users on the VPS node and since we did not wanted to compromise on quality of our services, we made this tough decision. Though we are not terminating existing 100 Mbps VPS users, they can continue to use their 100 Mbps VPS as long as they keep renewing and even option to upgrade to Gigabit VPS is open for them.

Also new nodes that we are adding for Gigabit VPS are now on 10 Gbps Port, very soon we will upgrade, all our VPS nodes (those nodes will only have Gigabit VPS not 100 Mbps unmetered VPS)

Migration from SolusVM to Virtualizor:

SolusVM is a good VPS control panel but it’s been lacking lots of features that were available in Virtualizor or where were very much needed, hence we even switch from SolusVM to Virtualizor, it wasn’t issue to switch but we still did it with help of very helpful team of Virtualizor.

Some of the new features which were not available until in our VPS control panel will be available now, like:

  1. Custom ISO upload – Now if you need to install an OS that’s not already available in our VPS templates you need not worry, just login to your VPS control panel and you can upload your own ISO and install your own OS, no need to even submit a ticket to do so.
  2. Until now we had to shutdown or suspend VPS of CPU abusive users, but now we can simply cap or limit their CPU usage to make sure experience of other VPS users is not affected and it even avoids downtime for VPS users whose CPU usage goes out of control (usually it’s due to some buggy software)
  3. Complete Integration with our billing system, so now you even don’t need to login to VPS control panel separately, you can mange most of the things directly from Client Porta/Billing/Helpdesk
  4. Support for Block Storage (We plan to provide block storage soon, but lack of support in SolusVM was our biggest hurdle, but now we have this option available)

There are many more features to list in a single article.

Very soon even daily backups will be available with our Premium Ryzen VPS, we will send out an email once it’s available.

Gigabit KVM VPS Packages Updated with much more RAM, Bandwidth, CPU and Disk Space

We at hosteons.com are constantly trying to improve our services and trying to give more bang for the bucks to our clients.

We have updated our Gigabit KVM VPS Packages to give much more resources without increasing the price, hence we have updated our VPS Packages, have a look at our new Gigabit KVM VPS Pacakages at:

https://my.hosteons.com/cart.php?gid=16

Or at

https://hosteons.com/vps.php

Also our Premium Ryzen KVM VPS will be launching soon in Dallas and Los Angeles

Our Special Gigabit KVM VPS Deals

Have you tried our Special Gigabit KVM VPS Deals yet ? These deals require no coupon code and were never offered before, this is the best pricing you can ever get in hosting industry without compromising in quality and also hosting company sustainability :

Deal 1 GB

1 CPU Core

10 GB SSD RAID 10

1 GB RAM

1 TB BW

Gigabit Port

1 IPv4

/64 IPv6

Linux

$11/year

Deal  2 GB

1 CPU Core

20 GB SSD RAID 10

2 GB RAM

2 TB BW

1 IPv4

/64 IPv6

Linux

$19/year

Deal 3 GB

2 CPU Core

30 GB SSD RAID 10

3 GB RAM

3 TB BW

1 IPv4

/64 IPv6

Linux

$30/year

Deal 4 GB

3 CPU Core

40 GB SSD RAID 10

4 GB RAM

4 TB BW

1 IPv4

/64 IPv6

Linux

$55/year

All These packages can be ordered from – https://my.hosteons.com/cart.php?gid=19

These packages are not available on our website, just for blog, and social media followers

Promo 30% OFF on Gigabit KVM VPS

We currently have a special 30% OFF Promo on all our Gigabit VPS Services on annual, bi-annual as well as tri-annual billing cycles. 

It applies on our Gigabit KVM VPS Packages – VPS 1 to VPS 10 (It applies only to Gigabit VPS not applicable on any other VPS package and only valid till 15th October 2020) in all 4 locations :

1) Los Angeles

2) Las Vegas

3) New York

4) Jacksonville

Also do check our improved and upgraded network in Los Angeles since we have added more bandwidth including Level3 as one of our uplinks which offers much better routing all over the globe including Asia/China

Coupon code: 30OFF (This is limited period promo valid till 15th October 2020)

This coupon only applies to new orders but if any existing customers wants to take advantage of it you can take it by renewing your VPS for another 1 year, 2 year or 3 years

If you are placing a new order simply order it from our website https://my.hosteons.com/cart.php?gid=16 or  https://hosteons.com/vps.php 

But if you don’t want to place a new order and just avail this discount on your existing VPS, just submit a support ticket asking us to generate invoice for renewal of another 1 year, 2 year or 3 year and we will give you flat 30% off on it.

Hosteons now in Las Vegas

Hosteons did it again, we are now in Vegas.

We started with VPS Hosting Los Angeles, California in 2018, then we launched our VPS Services in New York in 2019, then we launched in Jacksonville, Florida in 2020 and now again in 2020 itself we are getting ready to launch our KVM VPS Services in Las Vegas, Nevada.

In Vegas we are located in Flexential Facility in North Vegas. Our VPS Nodes are already racked in Vegas, but we are still testing them and hoping to launch our KVM VPS Services backed by RAID 10 SSD Drives by this weekend.

As of right now you can order our 100Mbps unmetered as well as our Gigabit VPS from https://hosteons.com/vps.php and just select your location in the order form.

So now we will be providing our KVM VPS across 4 locations:

  1. Los Angeles
  2. New York
  3. Jacksonville
  4. Las Vegas

We are working on adding more locations, soon we will providing VPS Services in more locations