Windows VPS Security – 5 Step Guide
It’s important to remember when you purchase a new Windows VPS that your server is live on the internet and you need to take some steps to secure it. Here is a quick guide to securing your service.
1 Create a new Windows Administration user
Windows machines come with a well-known default administrator user. This username can become a target for a brute force login attack. To prevent this, create a new user with full administration privileges and then disable the default administrator user.
2 Use secure passwords
I’m sure you’ve heard it before but using weak passwords on your Windows VPS is inviting trouble. Passwords should contain a healthy mixture of upper and lower case letters, numbers and special characters.
If you are going to use the trick of substituting special characters for vowels, like turning password into [email protected], make it harder by stringing words together, because the hackers know that trick too. For example, [email protected]@ssw0rd.
If you have trouble remembering complex passwords, instead of writing them down and sticking them on your monitor, consider a password safe such as KeePass to store them securely.
3 Run Windows Update regularly
It is important that your Windows VPS is up to date with Windows security updates. When you first spin up your new server, we recommend running Windows Update as soon as possible and configuring it to download and install updates automatically.
4 Firewall and Anti Virus
Make sure that you have an active firewall and virus scanner running on your Windows VPS at all times. Windows Security Essentials and Windows Firewall can be easily set up and configured. Ensure your firewall is locked down so that only the ports you actually use are open.
5 Change the Default Remote Desktop port
By default, Windows Remote Desktop runs on port 3389. Those that might want to hack your server know this and will scan through servers looking for the port open to try and run attacks on it.
We recommend you change it to make this kind of attack much more difficult. For details on how, please see our article “Change Windows VPS RDP Port”. If you make a mistake and lock yourself out of your server, you can always access it via the Terminal Server
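A read-only check of steps 1, 3, 4 and 5, added here as an example and not part of the original guide. The function name Test-VpsBaseline and the 35-day patch window are assumptions, and it expects an elevated Windows PowerShell 5.1 or later session.

```powershell
# Added example: read-only audit of steps 1, 3, 4 and 5 of this guide.
# Test-VpsBaseline is a hypothetical name; nothing here changes the system.
function Test-VpsBaseline {
    param([int]$MaxPatchAgeDays = 35)   # assumption: one monthly patch cycle plus slack

    # Step 1: the built-in Administrator keeps a SID ending in -500 even when
    # renamed, so look it up by SID instead of by name.
    $builtin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
    $admins  = Get-LocalGroupMember -SID 'S-1-5-32-544'   # local Administrators group
    [pscustomobject]@{
        Step   = 1
        Check  = 'Built-in Administrator is disabled'
        Pass   = -not $builtin.Enabled
        Detail = "Account '$($builtin.Name)'; Administrators: $($admins.Name -join ', ')"
    }

    # Step 3: date of the most recently installed update.
    $last = Get-HotFix | Where-Object InstalledOn | Sort-Object InstalledOn | Select-Object -Last 1
    [pscustomobject]@{
        Step   = 3
        Check  = "Update installed in the last $MaxPatchAgeDays days"
        Pass   = [bool]($last -and $last.InstalledOn -gt (Get-Date).AddDays(-$MaxPatchAgeDays))
        Detail = "Latest: $($last.HotFixID) on $($last.InstalledOn)"
    }

    # Step 4: every firewall profile (Domain, Private, Public) must be on.
    $off = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }
    [pscustomobject]@{
        Step   = 4
        Check  = 'Windows Firewall enabled on all profiles'
        Pass   = -not $off
        Detail = if ($off) { "Disabled: $($off.Name -join ', ')" } else { 'All enabled' }
    }

    # Step 5: configured RDP port, and whether the service is really listening
    # there (a changed value only takes effect after the service restarts).
    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $port = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber
    $listening = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Step   = 5
        Check  = 'RDP moved off 3389 and listening on the new port'
        Pass   = ($port -ne 3389) -and [bool]$listening
        Detail = "Configured port: $port; listening: $([bool]$listening)"
    }
}

Test-VpsBaseline | Format-Table -AutoSize -Wrap
```

If step 5 shows a non-default port that is not listening, the change has not taken effect yet; confirm the firewall allows the new port before restarting Remote Desktop Services.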
This list is by no means exhaustive. If you have some ideas for people to use please let us know by commenting on this post.