First steps after buying a VPS: secure it in 10 minutes
Updated 7/18/2026
A server exposed to the internet starts receiving automated login attempts within the first hour. The good news: a few minutes of configuration removes almost every common risk. Run the steps below as root, right after your first connection.
1. Update the system
apt-get update -y && apt-get upgrade -y
2. Create a dedicated user
Do not work as root permanently. Create an account with admin rights:
adduser deploy
usermod -aG sudo deploy
3. Key-based SSH, no passwords
Add your public key for the new user and disable password authentication:
sed -i 's/^#\?PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
sed -i 's/^#\?PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
systemctl restart ssh || systemctl restart sshd
Make sure you added the key before running this, otherwise you lock yourself out.
4. Enable a firewall
apt-get install -y ufw
ufw allow OpenSSH
ufw --force enable
5. Install fail2ban
Automatically bans addresses that try to guess the password:
apt-get install -y fail2ban
systemctl enable --now fail2ban
That is it. In ten minutes you have an updated server, key-only access, an active firewall and brute-force protection. If you want to automate these steps on every new server, save them as a recipe in your account.
Put this guide into practice on your own VPS
EU cloud servers, billed hourly, ready in minutes, with one-click installs for dozens of apps.
See pricingRelated tutorials
How to run your own ChatGPT on a VPS
Run local AI models or a ChatGPT-style interface on your own server, with private data and no per-user monthly subscription.
Updated 7/18/2026GuidesThe best VPS for WordPress: which plan to choose
How much CPU, RAM and disk you need for a fast WordPress site, based on traffic, plus how to install it with one click.
Updated 7/18/2026GuidesHow to install a free SSL certificate with Let's Encrypt
HTTPS is a must for any modern site. Here is how to get and auto-renew a free SSL certificate on your VPS.
Updated 7/18/2026