Step by step guide on how to install fail2ban on Centos 7

People using VPS hosting or dedicated hosting services for their website and app hosting, facing issues with server security.

It becomes more difficult when someone is not from technical or system administration background and managing server for his/her website, app, company.

So here we are making this task to something more simple for ssh login attacks via using fail2ban on your centos server.

Here i am discussing step by step guide to secure your VPS/dedicated hosting ssh access with the help of fail2ban.

Secure your Linux based VPS

Table of content …

  1. Why security is measure concern with a virtual or dedicated server
  2. General security tips
  3. Firewall based Security
  4. SSH Hardening
  5. Malware/virus/Hacking prevention tools

Secure your Linux based VPS

It’s nice that you are upgrading your website from shared hosting to VPS hosting to provide more power, more speed, more freedom, more resources, more flexibility and so on.

But when you move to VPS / dedicated server it’s security becomes an important aspect for your websites & apps data.

Security includes malware protection, virus protection, intrusion detection and protection, bandwidth stealing prevention, spam relay prevention, and much more things need to focus from a security point of view.

Here we will discuss step by step tips for virtual & dedicated server security tips.

Basic security measures

  1. Keep your system up to date cause software update is the biggest security measure itself, the software update includes various vulnerabilities, patches. If possible schedule automatic software updates.
  2. Add limited user accounts with minimum required permissions.
  3. Remove Unused Network-Facing Services

Firewall based security

With Cpanel installation configure lfd and CSF firewall on the server, iptables (for ipv4 and ipv6 ports)

SSH hardening

configure ssh on nonstandard ports, install fail to ban

Malware / virus / Hacking protection tools

Sitelock

Sucuri

On Page SEO

Use of  keyword Phrase during On Page SEO

    1. In the title tag at least one:– keep the keyword phrase as close to the beginning of the title tag as possible
  • Once prominently near the top of the page
    1. At least two or three times, including variations, in the body copy on the page. Perhaps a few more times if there’s a lot of text content. You may find additional value in using the keyword or variations more than this, but in our experience adding more instances of a term or phrase tends to have little or no impact on rankings.
    2. At least once in the alt attribute of an image on the page. This not only helps with web search but also image search, which can occasionally bring valuable traffic.
  • Once in the URL
  1. At least once in the meta description tag – Note that the meta description tag does not get used by the engines for rankings, but rather helps to attract clicks by searchers reading the results page, as the meta description becomes the snippet of text used by the search engines.

Note: And you should generally not use keywords in link anchor text pointing to other pages on your site; this is known as Keyword Cannibalization.

Title Tag Format

Optimal Format

Primary Keyword – Secondary Keyword | Brand Name

Means start tile with your keyword

Link Building strategy:-

  1. Get your customers to link to you
  2. Build a company blog; make it a valuable, informative, and entertaining resource
  3. Create content that inspires viral sharing and natural linking
  4. Be newsworthy

Search Engine tools

  1. Sitemap
  2. Robots.txt
  3. Meta Robots
  4. Rel=”Nofollow”
  5. Rel=”canonical”

Often, two or more copies of the exact same content appear on your website under different URLs. For example, the following URLs can all refer to a single homepage:

  • http://www.example.com/
  • http://www.example.com/default.asp
  • http://example.com/
  • http://example.com/default.asp
  • http://Example.com/Default.asp

To search engines, these appear as five separate pages. Because the content is identical on each page, this can cause the search engines to devalue the content and its potential rankings.

The canonical tag solves this problem by telling search robots which page is the singular, authoritative version that should count in web results.

  • An Example of rel=”canonical” for the URL http://example.com/default.asp
  • <html>
  •  <head>
  •    <title>The Best Webpage on the Internet</title>
  •    <link rel=”canonical” href=”http://www.example.com”>
  •  </head>
  •  <body>
  •    <h1>Hello World</h1>
  •  </body>
  • </html>

In the example above, rel=canonical tells robots that this page is a copy of http://www.example.com, and should consider the latter URL as the canonical and authoritative one.

Ion cube loader installation on centos

Ioncube encoded or secure PHP files requires a file called ioncube loader installed on the web server for successful execution.

Prerequisites

  1. Here we are taking Linux distro Centos for example path may vary for another Linux distro.
  2. Root user access
  3. Fresh installed CentOs
  4. Basic Linux command line skills
  5. Working apache instance

How to secure wordpress blog

WordPress is most popular cms and blog platform and many of us uses this for their content management or blogging hence it is also most common system that’s why it requires some more efforts to secure your site from attacks or malware.

 

Here we are suggesting some tips to secure your WordPress hosting these tips does not guarantee 100% security from attacks of hackers because no website is 100% secure but can provide you the maximum level of security which we can do from our end to protect our site or blog.

Tips

  1. Keep your WordPress and plugins updated
  2. Keep your computer clean from malware, virus, any other infection
  3. Select secure web server(Good hosting provider) to host your WordPress
  4. Database security
  5. Appropriate File permission
  6. Regular Backups and monitoring

 

How to optimize WordPress for site speed

We know that WordPress is a widely used content management system on the web. You are also one of WordPress user, using WordPress for your site, but facing high load time for your site, due to slow page load of your WordPress. Here’s how we can check and improve our overall site speed.

Why Good site speed required.

Website load speed plays an important role in your website google search ranking as well as for great user experience. Google’s search algorithm includes your page load times as one of the many parameters while calculating PageRank.

Here’s why Google like good site speed

What do Bing experts say about site speed?

According to a report by the Microsoft Bing search team, a 2-second longer delay in page responsiveness reduced user satisfaction by 3.8%, increased lost revenue per user by 4.3%, and reduced clicks by 4.3%.

Let’s check and improve your Site speed.

To check your site speed, get help from these awesome tools.

  1. Webpagetest
  2. Gtmetrix
  3. Page speed tools by google

Once you have checked and find some issues with your site, now fix them.

Here are some other things which also need to check or do in terms of site speed improvements.

  1. Choose a good WordPress Hosting

Yes, this is the most important aspect of your site speed, that you choose a good WordPress hosting provider with good hardware and network availability.

Here’s our Guide on How to choose a Web Host

Now we also need some software or plugins to tweak the performance of your WordPress site.

  1. Use Caching

Via plugins:– For WordPress caching you can use plugins W3 Total Cache or WP Super Cache. These plugins will convert your WordPress posts as static files and these static files are then the server to Users to reduce server processing load. When combined with a system level page cache such as Varnish, this can be quite powerful.

Browser caching:– with browser caching, we’re explicitly instructing browsers to hang onto particular files for a specified period of time. When the file is needed again, the browser is to pull from its local cache instead of requesting it from the server again.

Server caching: – more complex but it is used in very high traffic sites, simplest solutions start with the server caching locally while more complex may use multiple caching servers (also known as reverse proxy servers) “in front” of web servers where the WordPress application is actually running. Adding an opcode cache like Alternative PHP Cache (APC) to your server will improve PHP’s performance by many times.

  1. Image Optimization

Images may slow down your WordPress if they are not optimized for speed.

How to know if your images are slowing your site down use Pingdom website speed test. This will tell you your overall load time and site size. The best practice is less than 3 seconds and smaller than 1mb

  1. WordPress database optimization

wp-optimize plugin for database cleanup and optimization without phpmyadmin.

We would also recommend the WP-DBManager plugin, which can schedule dates for database optimization.

  1. Minify HTML, CSS & Javascript    All that blank space, comments, new line characters and anything redundant in your code that makes it easier on the eye without purpose is completely useless to a server and the IP that trying to reach out to your servers requesting your site.

Remove all this stuff with a free caching plugin and your site will be better off in terms of performance.

  1. Minimize the number of HTTP requests    When someone visits your website, the corresponding files must be sent to the user’s browser. This includes CSS files, Javascript library references, and images. Having a high number of files requiring multiple server requests is not efficient at all. You can reduce this by combining JS scripts, HTML and CSS files together.
  2. Replace PHP With Static HTML PHP is great for making a website efficient and reducing the need to enter the same information multiple times. However, calling information through PHP uses up server resources and should be replaced with static HTML where it doesn’t save any time.
  3. GZIP Compression  Large pages (which is what you could have if you’re creating high-quality content) are often 100kb and more. As a result, they’re bulky and slow to download. The best way to speed their load time is to zip them—a technique called compression.

Enabling gzip compression on your site will reduce the amount of data sent from your server to the visitor’s browsers, thus increasing the page-load speed.

  1. USE CDN  Content delivery networks work by hosting your files across a large network of servers around the World. When a user visits CDNs hosted sites, CDNs provide them files from the server that is closest to them. Because the bandwidth is spread across so many different servers, it reduces the load on any single server and also protects your sites from DDoS attacks and traffic spikes, hosting your files or media on the content delivery network is one of the best ways to improve your site speed. CDN also saves up to 60% of total bandwidth consumption.
  2. Use Lazy Load For Text, Videos & Images

How to migrate wordpress from existing hosting provider to PnS Hostings WordPress Hosting

How to migrate WordPress from existing hosting provider to PnS Hostings WordPress Hosting Planning to move your WordPress to another host or with PnS Hostings WordPress hosting service. Then you are in the right place, nothing need to worry about migration. Here we will tell you to step by step process of WordPress migration from a regular host.

Migration involves 3 Major steps

  1. Backup of WordPress database on the existing host and transfer backup on PnS Hostings hosting account.
  2. Download all WordPress files from the existing host server and upload them on PnS Hostings server.
  3. Finally, restore your database backup and make necessary changes on the wordpress config file.

Now let’s start with WordPress database backup on existing hosting account as almost all regular hosting provider offer phpmyadmin with their hosting services, so make use of phpmyadmin for database backup and export backed up database and move this backed up database file (it will .sql file) with the help of  scp or rsync or FTP client (depending upon which most suits for you)

In next step login into existing WordPress hosting account and download all WordPress files on your local computer, once you have finished all files download, then login into PnS Hostings WordPress hosting account via FTP client and start uploading all files to PnS account after completion of this upload move to next step.

Upon successful file transfer, you need to import your backed up database file on PnS WordPress account hope you know how to import the database using phpmyadmin. After the successful import of database, you have to edit your WordPress configuration file according to your new database details. If all will be done properly, and after DNS records update according to PnS server your WordPress should work fine on PnS servers.

Important: if you change the domain name of your site then additional configuration may be required.