Recommended security settings for Windows VPS
Your Windows VPS security is vital. When you have a Windows VPS hosting, you need to remember that it is live on the internet and prone to cyberattacks and malware. It is your responsibility to keep your files safe. The next smart move after purchasing your new Windows VPS, is to ensure its security. Here is a top eight list of recommended security settings you can follow to protect your service:
- Create a new administrator user
- Set a secure password
- Keep everything updated
- Set up (or enable) an antivirus & firewall
- Configure your Windows Firewall
- Use minimum privileges for work
- Back up all sensual data
- Audit your server regularly
Create a new administrator user
With your new Windows VPS, you will receive a default administrator account with default logins. The default user is a common target for brute force login attacks. To prevent this, you can easily create a new user assigning full admin privileges to it and then disable the default user account.
A common mistake would be to create a new account with the username “admin”, which will still be easily attacked. We recommend using random letters or numbers and changing it to something that is hard to guess, for example:
- admin-2615948companyname
- companyname-admin987654321
- admin-tyghbncompanyname
Set a secure password
Once you’ve secured your admin user, more importantly, you’ll need to pair it with a strong password. In doing so, consider the following guide:
- It should at least be 10 characters long.
- It should be a combination of lowercase, uppercase, numbers, and special characters.
- The password should not be used twice.
- Using variations of the same password should be avoided.
Do NOT write your password down or store them anywhere. If you can’t trust your memory, then try converting a memorable word or phrase into a strong password, like using Avengers Infinity War and converting it to: 4V3n&3R5!nf1N1tYW4r
Keep everything updated
Set up Windows and software updates as soon as possible. We recommend configuring your Windows Updates to auto update and install, ensuring improved security and constant bug fixes.
Security can also be weakened by installing third-party software. So it is very important to keep everything up-to-date.
Set up (or enable) an antivirus & firewall
Your Windows VPS can easily be infected by malware, viruses, spyware, adware, and other hacking mechanisms. Begin by enabling your Windows Security Essentials and Windows Firewall for free real-time protection on your VPS. An antivirus secures your machine from almost all types of online threats, which cannot be done by a firewall alone. However, the combination of both is a more secure option.
Configure your Windows Firewall
The Windows Firewall normally comes free with Windows OS. When configured properly, it filters information from the internet according to your settings and blocks hackers and malicious software.
Close unnecessary ports and disable unused services, ensuring that only the ports you use are open. It is advised to first select the Deny all option as a default policy while carefully enabling only those that you need. You can also install third-party firewalls if you’re running a lot of critical operations such as credit card information processing on your VPS.
Use minimum privileges for work
Don’t work as an administrator if it is unnecessary. Restricting yourself with only the bare minimum permissions needed to get your job done means you are locking down everything else that you don’t need at the moment. This helps prevent attacks and getting your admin user account compromised.
Back up all sensual data
Despite putting up all kinds of security systems, we still have to be ready for the worst-case scenarios. Set up regular backups of all important data so that if all else fails, you can retrieve and restore your data.
Audit your server regularly
Perform an audit of your server from time to time. Run manual virus/malware scans, check security logs, etc. By doing this regularly, you can easily detect malicious activity that may have been overlooked by the system.