How to prevent your VPS being used for spam
This article will explain how you can prevent your VPS being affected by spam.
Server security issues come in two main types:
- Where the server is compromised, giving attackers have full control of the server.
- Where individual websites on the server have been compromised.
Scripts running in a website normally only have access to the account they are running in, this means if an account is hacked attackers can’t alter other sites running on the server or make changes to the underlying server configuration.
This second type of hack results from attackers exploiting the code of a website. Detecting the comprised sites is also difficult as typically attackers will insert redirects into a site to an external server that contains the actual malware, redirects could be a legitimate part of the site. Similarly, spam sending scripts are hard to differentiate from legitimate email scripts.
Here are a few ways you can prevent any spam issues within your Virtual Private Server:
Check if your accounts have weak passwords. Spammers will typically connect to a server and try a few hundred common passwords before moving on. These may well include passwords that are the same as the username and domain name. They will also include common obfuscations of the word password.
Attackers will always make login attempts using either the full email address as the username or just common names. You should always have passwords with a mixture of upper and lower-case letters, numbers and symbols.
Unprotected Website Forms
If you have any contact forms on your websites, you should include a CAPTCHA security measure on them to prevent any bots from abusing this feature and inundating you with spam.
If you haven’t updated your CMS in a while, this could allow malicious users to exploit any security vulnerabilities and potentially use your platform’s mail() function to distribute thousands of malicious emails.
To prevent this from happening, update all assets within your CMS to use the latest version and make sure all your websites use the latest version of PHP.
Implement an SPF record
An SPF record allows you to specify IP addresses that are legitimately allowed to send email for your domain name, so adding one prevents other servers from sending mail claiming to be from your domains. For details on how to do this, please read the following article: How do I set up SPF, DKIM, or DMARC records for my VPS email?
Set a Hostname
Configure a hostname via your Virtual Server’s dashboard or root access (i.e mail.domain.com within the /etc/hostname file). For details on how to do this, please read the following article: How to change the hostname on my server?
If you regularly use your Virtual Server for email forwarding purposes, we recommend that you only perform this when necessary to minimise relay usage on your server. Furthermore, should someone try to send a large amount of emails to one of your forwarding addresses, these will be re-sent from the server, which will have a negative impact on you.
Alternatively, you may wish to use a local mailbox instead by setting up an email address on your server.