VPSs are often attacked by automated bots. In the case of Linux VPSs, they try (in almost all cases) to penetrate as root users via SSH port 22 by means of brute force attacks.
We, therefore, recommend changing your SSH port and disabling access to SSH as root user on your VPS. The latter has already been automatically applied to our DirectAdmin, Plesk and cPanel VPSs.
In this article, we show you how to disable SSH access as root user on your Linux VPS.
Because most (if not all) bots try to penetrate SSH as root users, you are already a lot safer with this! An additional advantage is that your log files remain more organized and you get a clearer picture when your VPS is attacked.
Follow the steps in this article as a user with root privileges
Step 1
Connect to your VPS via the VPS console in your control panel or via SSH.
Step 2
Open the SSH configuration file with the command below. You can also use vim for this.
nano /etc/ssh/sshd_config
Step 3
In the opened configuration file, under # Authentication, add the line 'PermitRootLogin no', or adjust (if available) the line '#PermitRootLogin yes':
# Authentication PermitRootLogin no
Save the file and close the file by pressing ctrl + x> y> enter.
Step 4
Finally, restart SSH with the following commands (if you follow these steps via SSH, your connection will be terminated and you will need to reconnect):
systemctl restart sshd
Your VPS is now no longer accessible via SSH as a root user.
Should you have any questions left regarding this article, do not hesitate to contact our support department. You can reach them via the ‘Contact Us’ button at the bottom of this page.