1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Securing a Plesk VPS

Discussion in 'Plesk for Linux - 8.x and Older' started by mealto, Jul 17, 2008.

  1. mealto

    mealto Guest

    Now that we have a Plesk VPS, is there a simple tutorial somewhere that can guide us to securing Plesk and offer tips and tweaks?
  2. faris

    faris Guest

    Well, to be honest your simplest bet would be to installed ASL on it. www.atomicrocketturtle.com. Costs $128 per year.

    One of the features of ASL is a more secure kernel, which you can't use with a VPS. But other than that it works fine.

    Other things to do include using keys instead of passwords for your SSH logins, and don't allow direct root logins.
    Using a good firewall instead of the simplistic one that's standard in Plesk would be a good thing too. APF is a favourite. You need to read the sticky topic about installing APF in a VPS in the Virtuozzo section of this forum though.

    You can also ask your VPS supplier to make you /tmp noexec. This doesn't do all that much good but it is better than nothing I suppose.

    There's more -- search for posts by lvalics (I think I've spelled that correctly) who has many good suggestions on server security, though many of these don't quite apply to a VPS.