The security of your Virtual Private Server (VPS) is not just a technical task but the foundation of business stability, client trust, and protection of confidential data. Vulnerabilities in your system can lead to file loss, personal data leaks, virus infections, or complete resource unavailability.

In this article, we have compiled a detailed checklist on how to check your VPS for vulnerabilities and protect it at both basic and advanced levels — even if you are not a cybersecurity expert.

Why Should You Check Your Server Today?

80% of hacks occur through known vulnerabilities for which patches have long been available.
90% of DDoS attacks target small and medium business websites lacking protection.
Most users do not even use basic firewalls or security updates.

While your VPS might appear to be working “just fine,” it may already be vulnerable. The sooner you start acting, the fewer chances you have to fall victim.

Step 1: Timely Update of System and All Components

Software is continuously updated. These updates not only add features but also close known vulnerabilities.
Make sure to update:

  • Operating system (Ubuntu, CentOS, Debian, etc.)
  • Web servers (Apache, Nginx, LiteSpeed)
  • CMS platforms (WordPress, Joomla, Drupal)
  • PHP, MySQL, Python, and other services

Tip: Enable automatic updates or set up a regular update check script.

Step 2: Firewall Setup and Port Closure

A firewall is your first line of defense. Not every open port on your server is truly needed. The fewer access points are open, the lower the risks.

🔧 Tools:

  • UFW (Uncomplicated Firewall) — for Ubuntu/Debian:

bash

sudo ufw default deny incoming  

sudo ufw default allow outgoing  

sudo ufw allow 22/tcp  # SSH  

sudo ufw enable

  • CSF (ConfigServer Security & Firewall) — popular for CentOS
  • Firewalld — flexible firewall for RHEL/CentOS

🔍 Step 3: Scan Open Ports

Use nmap for external audit:

bash

nmap -Pn -sS your-server-ip

Or netstat / ss to view open ports internally:

bash

sudo ss -tulnp

If you see open ports you don’t use (for example, 3306 for MySQL), it’s better to close them or restrict access to localhost only.

Step 4: Strengthen SSH Access

SSH is the main channel to your server and must be maximally secured.

What to do:

  • Disable root login (PermitRootLogin no)
  • Change default port 22 to another (e.g., 2222)
  • Enable key-based authentication (no passwords)
  • Restrict IP addresses allowed to connect

Solution: Use Fail2Ban or sshguard to automatically block suspicious activity.

Step 5: Analyze Server Logs

Logs are your server’s “black box.” Regularly check:

  • /var/log/auth.log — login attempts
  • /var/log/syslog — system events
  • /var/log/nginx/access.log or /var/log/apache2/access.log — website activity
  • /var/log/fail2ban.log — blocked attacks

Use grep, less, tail -f to search for suspicious IPs or actions.

Step 6: Use Specialized Security Scanners

The best approach is to combine manual analysis with automated tools:

ToolPurpose
LynisIn-depth Linux security audit
ChkrootkitRootkit detection
RkhunterMalware scanning
OpenVASFull vulnerability scanner
ClamAVLinux antivirus

Install at least one scanner, for example Lynis, to perform periodic audits:

bash

sudo apt install lynis  

sudo lynis audit system

Step 7: Backup — Your Plan B

What if your server gets hacked or stops working tomorrow?

Without regular backups, you risk losing all data. Therefore:

  • Set up daily backups
  • Store backups on a separate server or in the cloud
  • Verify backups can be restored successfully

At Server.ua you can enable automatic backup without any hassle.

Step 8: Protect Websites on Your Server

If you host websites:

  • Keep CMS (WordPress, Joomla) and plugins/themes updated
  • Use a WAF (Web Application Firewall) — for example, via Cloudflare or ModSecurity
  • Disable indexing of technical directories (robots.txt)
  • Use CAPTCHA on forms to prevent bot attacks

Quick Security Checklist:

OS and packages are updated
Unused ports are closed
Firewall is active
SSH uses keys and no root login
SSL certificate installed
Logs monitored and attacks blocked
Backup system in place
At least one security scanner installed
CMS and web server are protected

Conclusion

VPS security is not a one-time action but a continuous process that should be integrated into your daily routine. Even if you complete 80% of the above, your server will already be more secure than most competitors’.

Even better — host your sites and projects on VPS from Server.ua, where you get:

  • Reliable infrastructure
  • 24/7 support
  • Automatic backups and SSL
  • Security configuration assistance

Need help? Our experts are always ready to help check your server — contact us!