Almost any information published on the Internet can eventually become public knowledge. Surprisingly, in many cases, attackers do not need to come up with complex hacking schemes. Often, due to ignorance or obvious negligence, users neglect basic security measures. Therefore, ensuring the security of virtual dedicated servers (VDS) should be a priority before even considering renting one.
Based on this issue, we at 3v-Hosting decided to create a checklist for conducting a security audit of virtual dedicated servers, which will help both the specialist responsible for security in the company and the average person who intends to rent their first VDS/VPS server.
It is important to understand that security standards cover a wide range of measures and simply complying with one or two actions and neglecting the rest will not be enough. A comprehensive approach to server security is essential. We recommend starting with the following key practices:
- Software and updates:
– Make sure all server software and applications are updated to the latest versions;
– Make sure that updates are obtained only from official and verified sources;
– Ensure that patches and security updates are applied in a timely manner;
- Access control:
– View user accounts and their access levels;
– Disable or delete unnecessary user accounts;
– Provide strong and unique passwords for all accounts;
– Implement two-factor authentication (2FA) where possible;
– Regularly check and update access rights;
- Firewall and ports:
– View and configure firewall settings;
– Close unnecessary ports and services;
– Limit access to important ports to only trusted IP addresses;
– Regularly monitor and log firewall activity;
- Data segregation:
– Make sure that different types of data are stored in separate directories or partitions;
– Implement proper access controls to limit data access to authorized users;
– Encrypt sensitive data both during storage and transmission;
- Backups:
– Provide regular automatic backups;
– Check the integrity and availability of the backup copy;
– Check the recovery process periodically;
- SSH Security:
– Change the default SSH port to reduce the risk of automated attacks;
– Implement key-based authentication;
– Limit SSH access to specific users and IP addresses;
- Network security:
– Review network configurations and check for unauthorized devices;
– Use intrusion detection and prevention systems (IDS/IPS);
– Implement network segmentation to isolate critical systems;
- Protection against viruses and malware:
– Install and regularly update anti-virus software;
– Schedule regular system scans to detect malware;
– Monitor suspicious behavior or files;
- Root user access:
– Disable or limit root user access;
– Create and use a non-root user with sudo privileges for administrative tasks;
– Ensure strong passwords for administrator accounts;
- File system and permissions:
– Check file system permissions and limit access to confidential files and directories;
– Check regularly for unauthorized changes or modifications;
- Monitoring and management of logs:
– Set up centralized logging to monitor server activity;
– Regularly review logs for signs of security incidents;
– Set up alerts about suspicious or critical log entries;
- Security updates and patch management:
– Establish a patch management process to ensure timely application of security updates;
– Test updates in a staging environment before applying them to the production server;
- Physical security:
– Ensure that physical access to the server is limited and controlled. For example, all 3v-Hosting servers are located in the most secure data centers in Ukraine and the Netherlands;
- DDoS protection:
– Implement DDoS mitigation measures or services to protect against distributed denial of service attacks;
- Supplier and Third Party Assessments:
– Review and evaluate the security practices of your VDS hosting provider;
– Assess the security of third-party applications and services running on the server;
- Incident response plan:
– Develop and document an incident response plan;
– Establish procedures for reporting, investigating and mitigating security incidents;
- Regular security checks:
– Schedule periodic security checks to assess and improve server security;
– Participate in vulnerability assessments and penetration testing as required;
- Documentation:
– Maintain detailed records of security configurations, changes and incidents;
– Document security policies and procedures for reference;
Yes, this list may be a little redundant for ordinary users, but it is absolutely necessary for corporate IT security services. Keep in mind that the specific requirements of a VDS security audit may vary depending on your organization’s needs and compliance requirements. Regularly updating and reviewing this checklist will help ensure the security of your VDS infrastructure over time.
