How can you secure your VPS against attacks like DDoS, Bruteforce?

Jovani

Active member
Joined
Jul 10, 2012
Messages
338
Points
28
Hi everyone,

How can I secure my VPS against attacks like DDoS, Bruteforce..etc..for a VPS Hosting with Linux system, unmanaged vps?

waiting for valuable answers :)
 

imrehost

New member
Joined
Nov 28, 2014
Messages
10
Points
0
Very simple. Use a web application firewall. Check out Sucuri and Cloudflare.
These services filter the traffic before they get to your VPS
 

ElixantTechnology

New member
Joined
Nov 26, 2014
Messages
622
Points
0
There are SO many things that you need to consider when securing your server, it's not as simple as just throwing up a firewall and using CloudFlare. CloudFlare's DDoS Mitigation methods will only help so much, true protection would be going with a provider that utilizes DDoS Migitigation at the network level. As for just putting up a firewall, you've got to configure it correctly as well.

Hop on google, do a little bit of research and see what you come up with. If you have any questions about what you find, don't hesitate to reach out to me, I'll try and answer as many of your questions I can.
 

imrehost

New member
Joined
Nov 28, 2014
Messages
10
Points
0
@Elixant
Sucuri do the deeper level of DDoS mitigation, you just need to pay more.
They also cache, which will deal with massive traffic spikes
They are particularly good at spotting WordPress vulnerabilities and will block traffic that might compromise your site.
Yes you are correct in that you need to look at everything. (also the deeper level stuff will beyond most people)
BUT for someone who needs a quick solution, at a very reasonable price then then a cloud proxy such as Sucuri is a very good option if they are under attack and need to do something immediately.
 

ElixantTechnology

New member
Joined
Nov 26, 2014
Messages
622
Points
0
ElixantTechnology
This is true. One thing I find a lot of people panic about when they are first starting a website is that they will be DDoSed. I would not worry too much about this at first, especially if you are just starting up. If you're small, sure, CloudFlare or Sucuri will definitely help you out (I am a CloudFlare Certified Partner, all of my customers get free instant access to their services via cpanel, it works wonders), but once you start growing that's when you have to start thinking outside the box.

From what I can tell so far by your posts you are just starting to get into server management. How big is the website that you are running? Are you sure it's absolutely necessary that you be on a VPS? Personally, if you don't have the experience, I would recommend a managed solution until you get the hang of things, just to play it safe.
 

imrehost

New member
Joined
Nov 28, 2014
Messages
10
Points
0
Good advice from @Elixant
Though, I would add this. One of our clients who is very very very very small with a 5 page website got totally hammered with traffic from Turkey, Russia and a whole bunch of countries with "stan" in the name. So DDoS can happen to anyone, but as @Elixant says, usually the bigger people get hurt first.
 

ElixantTechnology

New member
Joined
Nov 26, 2014
Messages
622
Points
0
Typically if you're running an english website, you really don't want any kind of traffic from any of the "stans" or China & HK. Most of the internet's malicious traffic comes from these regions. By utilizing CC restrictions in LFD you can completely restrict traffic from all IPs within the designated county's subnets. As voted by many of our customers we have done so, and by doing so we have seen malicious activities & attacks drop by nearly 100%.
 
Newer threads
Latest threads
Recommended threads
Replies
2
Views
3,279
Replies
1
Views
4,148
Replies
9
Views
4,897
Replies
11
Views
8,966
Similar threads
Replies
7
Views
3,784
Replies
22
Views
9,173
Replies
7
Views
4,231
Replies
4
Views
3,225

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top