Last update at :2024-06-15,Edit by888u
Nowadays, more and more webmaster friends are beginning to choose to use VPS hosts to build websites. Some of them consider the actual needs of the website, and virtual hosts can no longer meet the needs of their websites; some of them are because we want to directly choose VPS in one step to build our own websites. Build a site in your own application environment; it may also be because in many cases we can see that the price and performance of cheap VPS from some merchants are even cheaper than virtual hosts. After all, for most virtual hosts, if you need a virtual host with an independent IP The cost is relatively high in comparison.
So, we often give priority to VPS as the website building environment. By the way, if we are the first users to learn how to build a website, or the virtual host can meet our short-term needs, in order to reduce the hassle, it is better for us to use the virtual host. After all, in terms of operation and maintenance experience and technology, as well as the security of VPS In terms of issues, sometimes it is quite troublesome.
As novice users of Linux VPS, the security of the server requires our special attention. The following points are compiled by Snail, which can ensure the security of the VPS and website for novice users.
First, choose a regular VPS server provider
Generally speaking, for regular VPS providers or those with certain experience and technical operations, security measures and management are still more important, because it may be due to the merchant's own server security and management issues, or other users of the same hen. Improper management can lead to performance and speed problems for the entire machine. Especially when choosing the VPS host we use to build our website, we do not recommend choosing a merchant plan that is too cheap. After all, you get what you pay for. If merchants make less money, they will certainly not be able to provide much good service.
Second, modify the Linux VPS port
The default SSH port set by most merchants is 22. After we get the VPS machine, we need to modify the port first. It is recommended to learn the settings. We set the port to 5 numbers. For the specific setting method, please refer to "Linux VPS Security Settings One: Modify SSH Port (CentOS/Debian)". It is best to change the port after a while.
Third, set a complex SSH login password
First of all, we need to ensure the security of the user's password when purchasing a VPS from a merchant. If the login user password is simple and leaked, it is also a security issue. Secondly, we need to change the password for SSH login. It is recommended to use more than 16 characters, including a mixture of uppercase and lowercase letters, numbers, and special symbols. Similarly, we can modify it once in a while.
Fourth, set the key to log in to SSH
In the articles "Setting up key login with Xshell to ensure Linux VPS and servers are more secure\\" and "Setup Putty SSH using key to log in to Linux VPS host\\", we can refer to the client for SSH Set the key to log in to our VPS. When setting the key, we need to ensure that the password configuration of the local machine is safe and the key file cannot be lost.
Fifth, pay attention to and update system security files in a timely manner
When we configure the VPS environment, we need to upgrade to the latest installation source files, and if there are official security vulnerabilities, we need to upgrade and update them in a timely manner. This has been seen several times before when there were system security vulnerabilities.
Sixth, website program security
We generally use VPS to build websites. Website security requires a good security environment and a good website program as the basis. Although there are many open source CMS nowadays, we only need to build the CMS and then use templates to complete it. However, some website CMS programs still have loopholes. For example, DEDECMS has always had many security issues, so try to choose a CMS with better security. .
Don’t overuse many plug-ins and themes that have not been officially verified, especially themes and plug-ins like the cracked version of WORDPRESS. Many times there are security issues, so we need to choose carefully.
Seventh, regular backup of website
For general websites, we don’t need to do synchronous automatic backup, but we also need to do regular manual backup. For example, we can perform weekly or monthly backups based on the number of updated articles to ensure the security of website data. Even if there is a problem that causes data loss, we can still restore it. If necessary, we can use a backup machine. If the main server cannot be opened due to various reasons, we can also open the website through a temporary backup VPS, and then access it temporarily.
Finally, the above are the security issues that Snail has compiled that VPS novices need to pay attention to. For slightly more complex security settings, we can refer to the previously shared "8 security settings tips to ensure the security of the Apache Web server".
Recommended site search: php virtual space registration space, free US host, dynamic ip server, free space application, free domain name application, US virtual host purchase, space rental, dynamic ip server, 100m free space,
发表评论