How Can We Help?
< All Topics
Print

Protecting Your VPS: Strategies for Preventing Abusive Activity

VPS security can be compromised, leading to unauthorized use for abusive purposes. This can affect server performance and your IP reputation, potentially causing a service suspension. It’s crucial to take security measures and take immediate action if you notice unusual behavior, as it can potentially result in service suspension.

a) General precautions

VPS

The following measures are implemented to prevent vulnerabilities, and it is imperative to adhere to them.

  • Maintain the latest operating systems, CMS, plugins, scripts, and applications.
  • Avoid installing corrupted operating systems, scripts, or applications, and use strong passwords.
  • Always use a secure connection (HTTPS).
  • Configure the recommended permissions for core files according to your CMS requirements.
  • Regularly scan your system for malware using tools like Malwarebytes.
  • Install secure plugins that align with your website’s CMS settings.
  • Implement Fail2Ban tools to prevent IPs from repeatedly attempting incorrect logins on your VPS.
  • Secure SSH connections by modifying ports, disabling root SSH access, utilizing private keys instead of passwords, and more.
  • Removing any unused ports and services for both inbound and outbound traffic.

Below, you’ll find a list of common types of abuse and suggestions for additional steps to take.

1. Outgoing spam from your Virtual Private Server (VPS)

Unknown emails may indicate spam abuse on your VPS. To resolve this issue, ensure:
  • Website forms are safeguarded by tools like reCAPTCHA, which prevents editing of the destination address.
  • The absence of a contact form on your website will result in the disablement of PHPmailer and sending emails from port 25.

2. Malware or Phishing

Infected websites can be used to host and distribute malware from your VPS, as well as host phishing websites. The WordPress Malware Removal Guide is a comprehensive tutorial for those using WordPress-powered websites.

3. Illegal/Copyrighted Content

To prevent malicious actors from using your VPS to host illegal content, use content scanning mechanisms like ClamAV to identify and remove illegal content, and perform metadata analysis and manual review of copyrighted content.

4. Crypto Mining

Unidentified processes on your VPS may cause high CPU usage, which may indicate unwanted mining activity. To resolve this issue, kill the offending process and remove the script or program from the server, then follow the previous steps to remove any vulnerabilities.

5. Botnet Participation/DDoS Attacks

Malicious actors can hijack your VPS, forming a botnet, enabling them to control multiple infected systems and launch DDoS attacks. To prevent this:

  • Monitoring abnormal network behavior and traffic spikes on a continuous basis
  • Conduct regular system audits to detect any unauthorized processes or connections.
  • Implement a firewall to prevent the entry of any suspicious traffic.
  • Utilize a DDoS protection service like Cloudflare.

By following these measures, you can significantly decrease the likelihood of any malicious activity coming from your VPS.

Table of Contents