https://www.linuxhosted.com/categories/linux-hosting/Recent content in Linux Hosting on LinuxHosted.comHugo -- gohugo.ioenLinuxHosted.comSun, 31 May 2026 00:00:00 +0000https://www.linuxhosted.com/post/ssh-hardening-vps-ubuntu/Sun, 31 May 2026 00:00:00 +0000https://www.linuxhosted.com/post/ssh-hardening-vps-ubuntu/ <p>The moment an Ubuntu VPS gets a public IP, automated bots start knocking on port 22. Within hours you will see thousands of failed login attempts in your auth log — scripts cycling through <code>root</code>, <code>admin</code>, <code>ubuntu</code>, and a dictionary of weak passwords. SSH is the front door to your server, and the default configuration leaves it wider open than it needs to be. This guide walks through hardening <code>sshd</code> on Ubuntu 22.04 so that the door only opens for you.</p>https://www.linuxhosted.com/post/ufw-firewall-rules-vps/Sat, 30 May 2026 00:00:00 +0000https://www.linuxhosted.com/post/ufw-firewall-rules-vps/ <p>A firewall decides which network ports on your VPS the outside world can reach. Without one, every service you start — a database, a stray dev server, a debugging tool — is exposed to the entire internet the instant it binds to a public interface. Ubuntu ships with <strong>UFW</strong> (Uncomplicated Firewall), a friendly front end to the kernel's <code>nftables</code> backend, and configuring it well takes about five minutes. This guide sets up a sensible default-deny firewall for a public server and shows how to verify it before it ever has a chance to lock you out.</p>https://www.linuxhosted.com/post/fail2ban-setup-ubuntu-vps/Fri, 29 May 2026 00:00:00 +0000https://www.linuxhosted.com/post/fail2ban-setup-ubuntu-vps/ <p>Hardening SSH with keys stops password attacks from succeeding, but the attempts keep coming — bots will hammer your server thousands of times a day regardless. Fail2ban turns that noise into action: it watches your log files, spots the pattern of repeated failures from a single IP, and tells the firewall to ban that address for a while. It is the automated bouncer for your VPS, and on Ubuntu 22.04 it takes about ten minutes to set up properly. This guide installs it, configures a tuned SSH jail, and verifies that bans actually fire.</p>https://www.linuxhosted.com/post/systemd-service-hardening/Thu, 28 May 2026 00:00:00 +0000https://www.linuxhosted.com/post/systemd-service-hardening/ <p>Most services on a Linux VPS run with far more power than they need. A web app that only has to read its own files and listen on a port often runs able to write anywhere on the filesystem, see every other process's temp files, and acquire new privileges at will. If that service is ever compromised, all of that latent power becomes the attacker's. Systemd has a deep sandboxing toolkit built directly into the service manager — no extra software, just directives in the unit file — that strips a service down to only what it actually requires. This guide hardens a unit step by step and scores the result.</p>https://www.linuxhosted.com/post/vps-performance-tuning-linux/Wed, 27 May 2026 00:00:00 +0000https://www.linuxhosted.com/post/vps-performance-tuning-linux/ <p>A small VPS — 1 or 2 GB of RAM, a couple of vCPUs — ships with kernel defaults tuned for a generic desktop or a large server, neither of which describes your box. A handful of <code>sysctl</code> and limit adjustments can make that same hardware noticeably more responsive under load: less needless swapping, more simultaneous connections, and headroom for the file descriptors a busy web server burns through. This guide covers the tuning that actually moves the needle on a small Linux VPS, how to apply each change so it survives a reboot, and how to confirm it took effect.</p>