As soon as you spin up a cheap VPS on DigitalOcean or any other cloud provider, bots will begin scanning your IP for vulnerabilities within minutes. Securing your server must be your very first step before installing any applications.
Essential Steps for Immediate Security
- Change the SSH Port: Move away from port 22 immediately.
- Disable Root Login: Create a sudo user and disable direct root access.
- Enable UFW (Uncomplicated Firewall): Only allow traffic on ports you strictly need (e.g., 80, 443, and your custom SSH port).
- Configure Fail2Ban: Automatically block IP addresses that show malicious intent.
Secure Access Management
Additionally, accessing your server’s terminal should always be done through a secure tunnel like NordVPN to prevent man-in-the-middle attacks and ensure your session data cannot be intercepted over untrusted networks.
