←back to thread

How to secure your new VPS: a step-by-step guide

(www.kkyri.com)
52 points todsacerdoti | 1 comments | 22 Oct 24 00:52 UTC | HN request time: 0.206s | source
Show context
gjsman-1000 ◴[22 Oct 24 02:10 UTC] No.41910497[source]
Always remember though (and, before anyone says this is obvious, I once shocked an HN reader who hadn’t thought this through):

All of your VPS security is meaningless compared to your VPS provider’s security, the security imposed on the employees of the VPS provider, the security of your VPS account password, and their susceptibility to faked subpoenas and faked emergency data requests.

replies(2): >>41910536 #>>41910964 #
1. remram ◴[22 Oct 24 03:35 UTC] No.41910964[source]
I wouldn't say meaningless, no. If your provider is not too diligent about checking subpoenas, they will let a sophisticated targeted attacker in eventually. If your SSH password is weak, you will let any and all script kiddie in within the hour.