Introduction
This guide is designed for beginners who are using cloud servers (such as UCloud or similar VPS providers). It explains how to securely access your server via SSH, perform basic security hardening, and configure firewall rules to improve overall system safety and stability.
Whether you are deploying websites, applications, or development environments, it is strongly recommended to follow these steps after initial setup to avoid security risks from default configurations.
1. Deploying Your Cloud Server
After purchasing a VPS from UCloud or any cloud provider, make sure you have the following information:
- Public IP address
- SSH username (commonly root or ubuntu)
- Password or SSH key file

2. SSH Remote Login to Your Server
1. Recommended Tools
- FinalShell (beginner-friendly)
- Xshell (advanced users)
- Windows Terminal (built-in on Windows)
2. SSH Command (Linux / macOS)
ssh root@your-server-ip
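On first connection, ssh displays the server's host key fingerprint; type yes to accept it. If your provider's console shows the server's fingerprint, compare the two before accepting.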
3. SSH Key Authentication (Recommended)
ssh -i /path/to/private-key root@your-server-ip
Using SSH keys is significantly more secure than password login.
3. Basic Server Security Hardening
1. Update the System
apt update && apt upgrade -y
For CentOS systems:
yum update -y
2. Create a Non-Root User
It is recommended not to use the root account directly:
adduser admin
usermod -aG sudo admin
Then log in using:
ssh admin@your-server-ip
3. Change Default SSH Port (Optional)
Edit the SSH configuration file:
nano /etc/ssh/sshd_config
Modify the port setting:
Port 2222
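Keep your current session open, and allow the new port in the firewall and the cloud security group (see section 4) before restarting, so that a mistake does not lock you out.
Restart the SSH service: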
systemctl restart sshd
4. Disable Root Login (Recommended)
First confirm that you can log in as the non-root user created above. Then, in /etc/ssh/sshd_config, set:
PermitRootLogin no
Restart SSH:
systemctl restart sshd
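A read-back check for the two sshd_config edits above, added here as an example and not part of the original guide. The function names and the sample file are assumptions, and it reads only the global section of one file, so on a real server the output of `sshd -T` remains the authoritative view.

```shell
#!/bin/sh
# Added example, not from the original guide. Reads the global section of one
# sshd_config-style file; Include files and Match blocks are not followed.

# First value of keyword $2 in file $1. sshd keeps the FIRST value it reads,
# so a "PermitRootLogin no" appended below an existing "yes" has no effect.
sshd_first() {
    awk -v want="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*(#|$)/          { next }   # comments and blank lines
        tolower($1) == "match"  { exit }   # stop at the first Match block
        tolower($1) == want     { print $2; exit }
    ' "$1"
}

# All ports sshd will listen on. Port may be given several times and every
# occurrence counts; with none present the default is 22.
sshd_ports() {
    ports=$(awk '
        /^[ \t]*(#|$)/          { next }
        tolower($1) == "match"  { exit }
        tolower($1) == "port"   { printf "%s ", $2 }
    ' "$1")
    echo "${ports:-22 }" | sed 's/ $//'
}

# Succeeds only when root login is effectively disabled.
root_login_disabled() {
    [ "$(sshd_first "$1" PermitRootLogin)" = "no" ]
}

# Constructed sample: a file where the new lines were appended at the end.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real server config
Port 22
PermitRootLogin yes
Port 2222
PermitRootLogin no
EOF

for p in $(sshd_ports "$sample"); do
    echo "sshd listens on $p/tcp: needs a ufw rule and a security-group rule"
done
if root_login_disabled "$sample"; then
    echo "root login: disabled"
else
    echo "root login: still '$(sshd_first "$sample" PermitRootLogin)' (first value wins)"
fi
rm -f "$sample"
```

The sample shows why an existing line should be edited in place: the appended `PermitRootLogin no` is ignored, and leaving `Port 22` next to `Port 2222` keeps both ports open.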
4. Firewall Configuration
1. Install UFW (Recommended on Ubuntu)
apt install ufw -y
2. Allow Required Ports
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
If you changed the SSH port (e.g., to 2222):
ufw allow 2222/tcp
3. Enable Firewall
ufw enable
4. Check Status
ufw status
5. Cloud Security Group Configuration (Important)
In addition to system firewall rules, you must also configure security groups in your cloud provider panel:
- Allow SSH port (22 or custom port)
- Allow HTTP (80)
- Allow HTTPS (443)

5. Security Enhancements (Recommended)
1. Install Fail2ban (Brute-force Protection)
apt install fail2ban -y
Enable service:
systemctl enable fail2ban
systemctl start fail2ban
2. Enable Automatic Security Updates
apt install unattended-upgrades -y
3. Monitor Open Ports
netstat -tulnp
6. Best Practices
- Avoid using the root account for daily operations
- Use strong passwords or SSH key authentication
- Only open necessary ports
- Regularly update system packages
- Monitor login logs and firewall activity
Conclusion
After completing these steps, your cloud server will have a solid baseline security setup, including SSH hardening, firewall protection, and brute-force defense mechanisms.
These configurations are essential for any production or public-facing server to reduce attack risks and ensure stable long-term operation.




