To identify security vulnerabilities on a virtual server, we should first utilize some basic commands. These commands will help us analyze the state of our system and take necessary precautions.
First, check the system load using top or htop:
Turkey (Türkçe)
Worldwide (English)
tophtopThese commands provide information about CPU and memory usage.
Use the dmesg command to view kernel messages:
dmesg | lessHere, you can find information about errors or warnings in the system.
In the process of closing security gaps, we will focus on firewall, DDoS protection, and WAF (Web Application Firewall) installations.
A commonly used firewall tool in Linux systems is UFW. To install UFW:
sudo apt updatesudo apt install ufwAfter installation, to enable the firewall:
sudo ufw enableTo deny all incoming connections by default:
sudo ufw default deny incomingYou can also allow specific ports:
sudo ufw allow 22/tcp # for SSHsudo ufw allow 80/tcp # for HTTPsudo ufw allow 443/tcp # for HTTPSTo protect against DDoS attacks, you can use fail2ban. Fail2ban blocks IP addresses that have many failed login attempts within a certain time frame.
sudo apt install fail2banEdit the fail2ban configuration file:
sudo nano /etc/fail2ban/jail.localAdd the following lines:
[sshd]enabled = truemaxretry = 3bantime = 600Save the changes and restart the fail2ban service:
sudo systemctl restart fail2banTo protect your web applications, you can install a WAF like ModSecurity. To install ModSecurity on Apache:
sudo apt install libapache2-mod-security2To enable ModSecurity:
sudo a2enmod security2Edit the configuration file:
sudo nano /etc/modsecurity/modsecurity.confIn this file, find the line SecRuleEngine On and uncomment it. Then restart the Apache service:
sudo systemctl restart apache2The steps outlined above are basic measures to enhance the security of your virtual server. By implementing firewall, DDoS protection, and WAF installations, you can safeguard your server and take precautions against potential attacks.
Copyright © 2026 All Rights Reserved
