System SelectionThe common operating system on VPS is Linux (there are many distributions), Freebsd,windows server and so on. In general, the VPS operating system is not free to install, Linux series VPS can install multiple Linux distributions, but not installed Windows, the Windows Series VPs also cannot be modified
people were not so stupid. I started to guess the user name.
$ Sudo grep "Failed password for invalid user"/var/log/auth. log | awk '{print $13}' | sort | uniq-c | sort-nr | more3190 218.28.79.228646 222.122.52.150172 123.15.36.21865 177.8.168.484 222.76.211.149Someone tried it for more than 3000 times. Well, is there such a valuable lovelucy blog .. To prevent this, we can make some configurations to make the VPS server more secure.
1. Modify the SS
Editor: If you use windows System vps can see this article: http://www.bkjia.com/Article/201103/84875.html
1. Open a firewallEnable the firewall and disable unnecessary ports/Etc/init. d/iptables start // simple rules are as follows.
/Sbin/iptables-F/Sbin/iptables-a input-p tcp-I vnet0-dport ssh-j ACCEPT/Sbin/iptables-a input-p tcp-I vnet0-dport 80-j ACCEPT/Sbin/iptables-a input-I vnet0-m state-state ESTABLISHED, RELATED-j ACCEPT/Sbin/iptables-a inp
777 CacheChmod 777 ImagesChmod-r 777 images/magicthumbsChmod-r 777 des/ages/english/html_des /*Chmod 755 primary des/ages/english/html_primary des/classicChmod 777 tempep
9. log on to FTP and modify the configuration file in the front and backend: database, user, password, and. htaccess.
Configure. php. htaccess
10. For security, after the website is set, the read and write permissions of the html_shortdes and tempep folders are restored to the original
CD/home/afish/domains/bbbbcom/public_html
In Vultr VPS, the entire pptp vpn process is manually built using Debian 8 i386 (jessie) as the operating system platform.
Update the server and install the PPTP Service
Apt-get update
Apt-get upgrade
Apt-get install pptpd
Edit/etc/pptpd. conf
Find # localip and # remoteip, delete # And set the ip address
Localip 172.16.31.254
Remoteip 172.16.31.234-238
Edit/etc/sysctl. conf
Remove # net. ipv4.ip _ forward = 1 and enable ipv4 forward.
Run sysctl-p a
Godaddy VDS can be managed through SSH logon. The logon method is as follows:
1. log on with an SSH client.
Putty putty SSH login software is recommended
Enter the Server IP address and click "open"
Then, log on with the user name and password. If [usename @ IP-**] $ is displayed, the logon is successful. However, this is a common user who does not have the root permission. the Godaddy VPs configuration must be loaded;
After you enter the pas
Turn from: Baidu Experience Thanks!
1. First we need to upgrade the software source to prepare for the installation of the desktop environment.Execute command: Apt-get update
2. Install the Desktop Environment or window Manager:Apt-get Install Xubuntu-desktopThis installs the XFCE desktop environment for Ubuntu.
3. Next to install the XRDP, after installing the XRDP, we can directly use the Windows system comes with the Remote Desktop tools to connect to our server.Apt-get Instal
Port 3389 is a remote Terminal Services port, remote Terminal Services in Windows system is a very powerful service, but also become an intruder long-standing host channel, intruders can use some means to get administrator account and password and intrusion host.As we all know, intruders usually first scan the host open port, once found that it opened 3389 port, will be the next intrusion, so we only need to modify the default port to avoid the majority of intruder's eyes and ears.1. Step: Open
Every day, a series of data files are generated on the server, some of which are of great importance, but if we simply move the files, it will not be very good backup, here, we use Python to implement the cloud backup of the file.This program I use Python to write, borrowed the Sevencow library file, the use of the program is very simple.
First we can download this code file from GitHub, and we can take advantage of the git clone command.https://github.com/icorer/vpssync.git Source Downloa
Set Squid Agent to appear the connection is reset, this is because you on the website of the keyword is qiang cause your ip+ corresponding proxy port is blocked, causing the connection to be closed directly.So we just use squid encryption to block the keyword. Start squid here, let's talk about opening squid htps_port.Cooperating with Stunnel (forwarding HTTP unencrypted HTTP packets to HTTPS encryption)Use squid and stunnel to encrypt squid to prevent GFW from losing squid with keywords1. Turn
Detailed description of centos Nic configuration under the VPS server automatically activates the NIC and installs CENTOS 6. after X, you need to manually activate the NIC every time you start the system. The following methods can be used to automatically activate the NIC after the system starts. Cat/etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE = "eth0" HWADDR = "00: 0C: 29: FC: 1C: 72 quot; NM_CONTROLLED = quot; yes quot; ONBOOT = quot; no qu
VPS Linux Centos6.3 build a VPN (pptpd) Server 1. find the software package: Run wget http://poptop.sourceforge.net/yum/stable/packages/pptpd-1.3.4-2.el6.x86_64.rpm in Centos System (it seems sourceforge.net this I can not open this campus network, or OpenShift to download) 2. check System Support and install the ppp and iptables package. The latter is usually installed by default. Use the local yum source yum install-y ppp iptables3. install the pptp
Now I have changed Ubuntu 9.10, and the previous method is not very useful. Fortunately, I found the VPN introduction written by users who are also Linode Ubuntu 9.10 On the website. It has been tested before.
First, make sure that your vps has been following Getting Started With Linode
This article provides preliminary preparations. For VPN installation, you must set the update source. Edit your/etc/apt/sources. list file and remove the comments of a
If the iptables firewall is not configured properly, we will not be able to access the server on our own. Let's take a look at our own vps in a hurry today, and we won't be able to log on through ssh, so it is very difficult to query logs, several ip address access exceptions were found, which should be a crawler of a plug-in. Previously, the simple iptables graph was disabled and can only be enabled again. The main command is as follows:
Th
Mount extended Hard Disk Partitions using LVM in CentOS VPS
Linux partitions are LVM, and there are three phases to expand the hard disk: New partition -- New PV -- expand VG -- expand LVTo divide a single hard disk into multiple logical partitions, create a new partition. skip this step if you use the entire hard disk:
1234567891011121314151617
# Http://www.haiyun.mefdisk-l # view the partition to be mounted, usually/dev/xvdbfdisk/dev/xvdb Command (m
Connect VPS Enter First command
Netstat-anp |awk ' {print $} ' |sort|uniq-c |sort-rn
Here we look at Syn_recv these, see his connection number is not high, good hundreds of, it is possible to be DDoS
The next trace is from which IP emits syn
directive: Netstat-an | grep SYN | awk ' {print $} ' | Awk-f: ' {print $} ' | Sort | uniq-c | Sort-nr | More
Next, keep looking, input instructions.
Netstat-ntu | grep SYN | awk ' {print $} ' | Cut-d:-f1 | S
daemon=/usr/bin/spawn-fcgiDaemon_opts= "-A 127.0.0.1-p 9000-c 10-u www-data-f/usr/bin/php-cgi"
When you modify the stop, the action is: pkill-9 php-cgi
Save, exit.
(4) Configure Nginx, open PHP support
Vi/etc/nginx/sites-available/default
Index to add index.php, and the relevant PHP part of the comment cancellation, note that you need to modify the Fastcgi_param path
Location ~ \.php$ {Fastcgi_pass 127.0.0.1:9000;Fastcgi_index index.php;Fastcgi_param script_filename /var/www/nginx-defaul
, although to the Forum exchange can get outside the chain, but pay attention to ensure their own information security, do not disclose their account habits.
These are the personal experience of maintaining a Windows Server 2008 server, a basic Security configuration tutorial that can protect against most vulnerabilities; Of course, if memory allows, you can install antivirus software, while adding other precautions, however, for VPS or cloud host us
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.