[2024 EXTENDED] Black Friday / Cyber Monday: FLASH SALE & MEGATHREAD

_MS_ · December 2024

Savvy · December 2024

@Drastic7779 said:

@Savvy said:

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

1) Change default ssh port.
2) Install geoip database and allow access only from your country.
3) Never install CWP (Centos/Control Web Panel).

what's the problem with CWP?
Cockpit is nice.

Installed it on clean vps, went to sleep, woke up and someone from china had already broke into my server, the server was already up for 2 days before that and nobody had broken in during that time.
Avoid all closed source panels.

ariq01 · December 2024

I did install ubuntu pro too, since that is free in personal plan for 5 server to auto update.

Savvy · December 2024

mbjones · December 2024

had to use cockpit for allocating a drive once but locked it to tailscale interface. I'm not generally comfortable with a control panel of any sorts - would rather just SSH in.

donli · December 2024

raza19 · December 2024

Farewell, Oh Mega Thread

Oh mighty thread of VPS fame,
You’ll end, but never lose your name.
From $2 servers that barely boot,
To hosts who vanish in a minute—poof!

The $7 cries, the FOMO greed,
“Can I get a server for my hamster’s feed?”
Unused boxes rot, the graveyards grow,
Yet here we are—just one more, though.

Page 986, the end is near,
But wait—is that another deal I hear?
From pirate lingo to reseller schemes,
This thread turned chaos into our dreams.

So farewell, thread, it’s been insane,
You’ve driven us all just slightly deranged.
But as page 1000 comes into sight,
We’ll Eat, Sleep, Hunt VPS, and Repeat all night.

ariq01 · December 2024

@mbjones said:
had to use cockpit for allocating a drive once but locked it to tailscale interface. I'm not generally comfortable with a control panel of any sorts - would rather just SSH in.

i used cockpit once since @host_c told me to allocated and mount the 2nd drive in their docs. Can i uninstall cockpit after 2nd drive mounted, or just leave it as long as its mounted?

dev_vps · December 2024

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

Pick your port number for SSH

#!/bin/bash

# Function to restart SSH service
restart_ssh_service() {
  echo "Restarting SSH service to apply changes..."
  sudo systemctl restart sshd || sudo systemctl restart ssh
}

# Step 1: Update SSH configuration to use port 8579
echo "Updating SSH configuration to use port 8579..."
sudo sed -i 's/^#Port 22/Port 8579/' /etc/ssh/sshd_config
sudo sed -i 's/^Port 22/Port 8579/' /etc/ssh/sshd_config

# Step 2: Keep root login enabled (no change needed)
echo "Ensuring root login remains enabled..."
# No changes are made here since root login will not be disabled.

# Step 3: Restart the SSH service to apply the new port configuration
restart_ssh_service

# Step 4: Allow the new SSH port (8579) in the firewall
echo "Allowing port 8579 through the firewall..."
sudo ufw allow 8579/tcp
sudo ufw reload

# Step 5: Install Fail2Ban for protecting SSH
echo "Installing Fail2Ban for brute-force protection..."
sudo apt update
sudo apt install fail2ban -y

# Step 6: Configure Fail2Ban to block IPs after 5 failed login attempts in a day
echo "Configuring Fail2Ban to monitor SSH..."
sudo tee /etc/fail2ban/jail.local > /dev/null <<EOF
[sshd]
enabled = true                 # Enable monitoring for SSH
port = 8579                    # Specify the SSH port to monitor
filter = sshd                  # Use the default SSH filter
logpath = /var/log/auth.log    # Log file to track failed login attempts
maxretry = 5                   # Maximum login attempts allowed
findtime = 1d                  # Time window to count failed attempts (1 day)
bantime = 1d                   # Ban IPs for 1 day after maxretry is exceeded
EOF

# Step 7: Restart Fail2Ban to apply the new configuration
echo "Restarting Fail2Ban to apply settings..."
sudo systemctl restart fail2ban

# Step 8: Output completion message and provide verification steps
echo "SSH has been configured to use port 8579."
echo "Fail2Ban is set to block IPs after 5 failed login attempts in a day."
echo "To verify the configuration, you can use the following commands:"
echo "  1. Check SSH status: sudo netstat -tuln | grep 8579"
echo "  2. Check Fail2Ban status: sudo fail2ban-client status sshd"
echo "  3. Check active firewall rules: sudo ufw status"

donli · December 2024

mbjones · December 2024

@ariq01 said:

@mbjones said:
had to use cockpit for allocating a drive once but locked it to tailscale interface. I'm not generally comfortable with a control panel of any sorts - would rather just SSH in.

i used cockpit once since @host_c told me to allocated and mount the 2nd drive in their docs. Can i uninstall cockpit after 2nd drive mounted, or just leave it as long as its mounted?

I believe so although if you reinstall the OS you might need to install again to reallocate?

Savvy · December 2024

How many times have people said "goodbye" in this thread only to return back tomorrow and find out it's still open.

Drastic7779 · December 2024

@dev_vps said:

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

Pick your port number for SSH

#!/bin/bash

# Function to restart SSH service
restart_ssh_service() {
  echo "Restarting SSH service to apply changes..."
  sudo systemctl restart sshd || sudo systemctl restart ssh
}

# Step 1: Update SSH configuration to use port 8579
echo "Updating SSH configuration to use port 8579..."
sudo sed -i 's/^#Port 22/Port 8579/' /etc/ssh/sshd_config
sudo sed -i 's/^Port 22/Port 8579/' /etc/ssh/sshd_config

# Step 2: Keep root login enabled (no change needed)
echo "Ensuring root login remains enabled..."
# No changes are made here since root login will not be disabled.

# Step 3: Restart the SSH service to apply the new port configuration
restart_ssh_service

# Step 4: Allow the new SSH port (8579) in the firewall
echo "Allowing port 8579 through the firewall..."
sudo ufw allow 8579/tcp
sudo ufw reload

# Step 5: Install Fail2Ban for protecting SSH
echo "Installing Fail2Ban for brute-force protection..."
sudo apt update
sudo apt install fail2ban -y

# Step 6: Configure Fail2Ban to block IPs after 5 failed login attempts in a day
echo "Configuring Fail2Ban to monitor SSH..."
sudo tee /etc/fail2ban/jail.local > /dev/null <<EOF
[sshd]
enabled = true                 # Enable monitoring for SSH
port = 8579                    # Specify the SSH port to monitor
filter = sshd                  # Use the default SSH filter
logpath = /var/log/auth.log    # Log file to track failed login attempts
maxretry = 5                   # Maximum login attempts allowed
findtime = 1d                  # Time window to count failed attempts (1 day)
bantime = 1d                   # Ban IPs for 1 day after maxretry is exceeded
EOF

# Step 7: Restart Fail2Ban to apply the new configuration
echo "Restarting Fail2Ban to apply settings..."
sudo systemctl restart fail2ban

# Step 8: Output completion message and provide verification steps
echo "SSH has been configured to use port 8579."
echo "Fail2Ban is set to block IPs after 5 failed login attempts in a day."
echo "To verify the configuration, you can use the following commands:"
echo "  1. Check SSH status: sudo netstat -tuln | grep 8579"
echo "  2. Check Fail2Ban status: sudo fail2ban-client status sshd"
echo "  3. Check active firewall rules: sudo ufw status"

You don't need any of that if you only allow 443 and use tailscale...

Drastic7779 · December 2024

@mbjones said:

@ariq01 said:

@mbjones said:
had to use cockpit for allocating a drive once but locked it to tailscale interface. I'm not generally comfortable with a control panel of any sorts - would rather just SSH in.

i used cockpit once since @host_c told me to allocated and mount the 2nd drive in their docs. Can i uninstall cockpit after 2nd drive mounted, or just leave it as long as its mounted?

I believe so although if you reinstall the OS you might need to install again to reallocate?

It's an application like any other. You can safely remove it when you're done with it.

raza19 · December 2024

@Savvy said:
How many times have people said "goodbye" in this thread only to return back tomorrow and find out it's still open.

Let it be known that I predicted we wud reach page 2000 when no one else believed in me 😔😔

amj · December 2024

@dev_vps said:

sudo apt install fail2ban -y

Also python3-pyinotify.

dev_vps · December 2024

@Drastic7779 said:

@dev_vps said:

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

Pick your port number for SSH

#!/bin/bash

# Function to restart SSH service
restart_ssh_service() {
  echo "Restarting SSH service to apply changes..."
  sudo systemctl restart sshd || sudo systemctl restart ssh
}

# Step 1: Update SSH configuration to use port 8579
echo "Updating SSH configuration to use port 8579..."
sudo sed -i 's/^#Port 22/Port 8579/' /etc/ssh/sshd_config
sudo sed -i 's/^Port 22/Port 8579/' /etc/ssh/sshd_config

# Step 2: Keep root login enabled (no change needed)
echo "Ensuring root login remains enabled..."
# No changes are made here since root login will not be disabled.

# Step 3: Restart the SSH service to apply the new port configuration
restart_ssh_service

# Step 4: Allow the new SSH port (8579) in the firewall
echo "Allowing port 8579 through the firewall..."
sudo ufw allow 8579/tcp
sudo ufw reload

# Step 5: Install Fail2Ban for protecting SSH
echo "Installing Fail2Ban for brute-force protection..."
sudo apt update
sudo apt install fail2ban -y

# Step 6: Configure Fail2Ban to block IPs after 5 failed login attempts in a day
echo "Configuring Fail2Ban to monitor SSH..."
sudo tee /etc/fail2ban/jail.local > /dev/null <<EOF
[sshd]
enabled = true                 # Enable monitoring for SSH
port = 8579                    # Specify the SSH port to monitor
filter = sshd                  # Use the default SSH filter
logpath = /var/log/auth.log    # Log file to track failed login attempts
maxretry = 5                   # Maximum login attempts allowed
findtime = 1d                  # Time window to count failed attempts (1 day)
bantime = 1d                   # Ban IPs for 1 day after maxretry is exceeded
EOF

# Step 7: Restart Fail2Ban to apply the new configuration
echo "Restarting Fail2Ban to apply settings..."
sudo systemctl restart fail2ban

# Step 8: Output completion message and provide verification steps
echo "SSH has been configured to use port 8579."
echo "Fail2Ban is set to block IPs after 5 failed login attempts in a day."
echo "To verify the configuration, you can use the following commands:"
echo "  1. Check SSH status: sudo netstat -tuln | grep 8579"
echo "  2. Check Fail2Ban status: sudo fail2ban-client status sshd"
echo "  3. Check active firewall rules: sudo ufw status"

You don't need any of that if you only allow 443 and use tailscale...

Thank you
I am still a novice when it comes to Linux OS

SilverCreek · December 2024

@beanman109 said:
trying to figure out what the hell to do with the terabit 6/6/66
best i can think of is bitwarden because why shouldn't my password manager with a grand total of 138 credentials have 6 cores

p.s @SilverCreek i stll dont know how to claim my sweater

Run six docker containers each with 1/6th of the total resource allocation.

admax · December 2024

Savvy · December 2024

Can that dinosaur really reach the close button though

admax · December 2024

@SilverCreek said:

@beanman109 said:
trying to figure out what the hell to do with the terabit 6/6/66
best i can think of is bitwarden because why shouldn't my password manager with a grand total of 138 credentials have 6 cores

p.s @SilverCreek i stll dont know how to claim my sweater

Run six docker containers each with 1/6th of the total resource allocation.

Docker container: This time it's a luxurious feast!

beermachine · December 2024

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

This is certainly a little more common but may as well recommend it, setting a bash password is somewhat recommended because some VPS providers allow all incoming VNC connections without a password. Here's a little more sane alternative to enabling bash passwords though to prevent some exploitation if that does happen. All this is doing is disabling all the ways to shutdown the VPS from VNC (just keystrokes) that I'm aware of to prevent attackers from accessing GRUB.

systemctl mask ctrl-alt-del.target
sudo sed -i 's/^#CtrlAltDelBurstAction=reboot-force/CtrlAltDelBurstAction=none/' /etc/systemd/system.conf
echo "kernel.sysrq = 0" | sudo tee /etc/sysctl.d/99-disable-sysrq.conf && sudo sysctl --system

dev_vps · December 2024

Use UFW to lock down an Ubuntu server

https://tailscale.com/kb/1077/secure-server-ubuntu

Savvy · December 2024

7 comments to page 987

mbjones · December 2024

@beermachine said:

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

This is certainly a little more common but may as well recommend it, setting a bash password is somewhat recommended because some VPS providers allow all incoming VNC connections without a password. Here's a little more sane alternative to enabling bash passwords though to prevent some exploitation if that does happen. All this is doing is disabling all the ways to shutdown the VPS from VNC (just keystrokes) that I'm aware of to prevent attackers from accessing GRUB.
systemctl mask ctrl-alt-del.target
sudo sed -i 's/^#CtrlAltDelBurstAction=reboot-force/CtrlAltDelBurstAction=none/' /etc/systemd/system.conf
echo "kernel.sysrq = 0" | sudo tee /etc/sysctl.d/99-disable-sysrq.conf && sudo sysctl --system

Which providers???

Drastic7779 · December 2024

@dev_vps said:

@Drastic7779 said:

@dev_vps said:

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

Pick your port number for SSH

#!/bin/bash

# Function to restart SSH service
restart_ssh_service() {
  echo "Restarting SSH service to apply changes..."
  sudo systemctl restart sshd || sudo systemctl restart ssh
}

# Step 1: Update SSH configuration to use port 8579
echo "Updating SSH configuration to use port 8579..."
sudo sed -i 's/^#Port 22/Port 8579/' /etc/ssh/sshd_config
sudo sed -i 's/^Port 22/Port 8579/' /etc/ssh/sshd_config

# Step 2: Keep root login enabled (no change needed)
echo "Ensuring root login remains enabled..."
# No changes are made here since root login will not be disabled.

# Step 3: Restart the SSH service to apply the new port configuration
restart_ssh_service

# Step 4: Allow the new SSH port (8579) in the firewall
echo "Allowing port 8579 through the firewall..."
sudo ufw allow 8579/tcp
sudo ufw reload

# Step 5: Install Fail2Ban for protecting SSH
echo "Installing Fail2Ban for brute-force protection..."
sudo apt update
sudo apt install fail2ban -y

# Step 6: Configure Fail2Ban to block IPs after 5 failed login attempts in a day
echo "Configuring Fail2Ban to monitor SSH..."
sudo tee /etc/fail2ban/jail.local > /dev/null <<EOF
[sshd]
enabled = true                 # Enable monitoring for SSH
port = 8579                    # Specify the SSH port to monitor
filter = sshd                  # Use the default SSH filter
logpath = /var/log/auth.log    # Log file to track failed login attempts
maxretry = 5                   # Maximum login attempts allowed
findtime = 1d                  # Time window to count failed attempts (1 day)
bantime = 1d                   # Ban IPs for 1 day after maxretry is exceeded
EOF

# Step 7: Restart Fail2Ban to apply the new configuration
echo "Restarting Fail2Ban to apply settings..."
sudo systemctl restart fail2ban

# Step 8: Output completion message and provide verification steps
echo "SSH has been configured to use port 8579."
echo "Fail2Ban is set to block IPs after 5 failed login attempts in a day."
echo "To verify the configuration, you can use the following commands:"
echo "  1. Check SSH status: sudo netstat -tuln | grep 8579"
echo "  2. Check Fail2Ban status: sudo fail2ban-client status sshd"
echo "  3. Check active firewall rules: sudo ufw status"

You don't need any of that if you only allow 443 and use tailscale...

Thank you
I am still a novice when it comes to Linux OS

No worries. Then run nmap from another machine with your VPS as a target to make sure there are no surprise open ports

mandala · December 2024

What's your favourite Wireguard mesh tool?

beermachine · December 2024

@mbjones said:
@beermachine said:

@mbjones said:
So while we wait to reach 1000 - what’s everyone’s top 3 VPS tips? Surely that’ll generate some movement.

This is certainly a little more common but may as well recommend it, setting a bash password is somewhat recommended because some VPS providers allow all incoming VNC connections without a password. Here's a little more sane alternative to enabling bash passwords though to prevent some exploitation if that does happen. All this is doing is disabling all the ways to shutdown the VPS from VNC (just keystrokes) that I'm aware of to prevent attackers from accessing GRUB.
systemctl mask ctrl-alt-del.target
sudo sed -i 's/^#CtrlAltDelBurstAction=reboot-force/CtrlAltDelBurstAction=none/' /etc/systemd/system.conf
echo "kernel.sysrq = 0" | sudo tee /etc/sysctl.d/99-disable-sysrq.conf && sudo sysctl --system
Which providers???

I don't know of any providers that do it nowadays, but I swear it would be every fifth small provider ~6 years ago and I'm assuming it was even worse before. It's best to have those small precautions in place anyways as there's bound to still be some incompetent providers.

Savvy · December 2024

Comment 29.

Savvy · December 2024

Not nice guys, alright i will do it myself.

Howdy, Stranger!

Categories

In this Discussion

[2024 EXTENDED] Black Friday / Cyber Monday: FLASH SALE & MEGATHREAD

Comments

Howdy, Stranger!

Quick Links

Categories

In this Discussion

[2024 EXTENDED] Black Friday / Cyber Monday: FLASH SALE & MEGATHREAD

Comments