Your brand new virtual private server (VPS) will open you up to a whole new world of possibilities and power. It will also open you up to a new world of security threats. If you are accustomed to having most security issues handled by your shared hosting provider, now might be a good time to learn some basic security tips for your new VPS.
1. Protect your logins – This means using secure passwords, limiting SSH access to only necessary users and disallowing root logins (Only one user should be allowed to escalate to root status, and no one should be able to login as root directly).
2. Add layers of protection – This means network firewalls, application firewalls, brute force detection and any other form of protection you can imagine. Take some time and research various preventative measures you can take with your operating system.
3. Monitor everything – A VPS administrator must be proactive. You cannot wait until your web host contacts you with a problem. Unlike shared hosting, this may not happen until it is too late. Setup system monitors and keep an eye on your virtual server.
4. Backup and test – Backup your server regularly and be prepared for the worst. Test your backups to make sure they actually restore properly.
5. Test for vulnerabilities – Start with a rootkit checker and go from there. Test for as many types of vulnerabilities as you possibly can.
When you start to think about the huge responsibility a VPS requires, it can be overwhelming, but it is definitely manageable if you have the right tools and a fair amount of education on the topic.