Knowledge Base Articles

Managing multiple servers at once might get confusing. To solve this
problem, you can turn off certain servers and also turn them on when you
need them. Follow the guide below to learn how to turn a Cloud VPS on or
off directly from your panel.

From the sidebar on the left side, click on
Services.

In the Operations column, click on the turn
on/off icon for a Cloud VPS you want to turn on/off.

If your Cloud VPS status is On, you will be shown
the following pop-up window. If you want to turn off your Cloud VPS, you
can confirm by clicking on TURN OFF.

If your Cloud VPS status is Off, Confirm by
clicking on the TURN ON button to turn your Cloud VPS
on.

You now know how to tun on or off any Cloud VPS you own. One
important factor you need to consider is turning off a VPS does not stop
billing for the VPS due to data maintenance costs. If you have any
questions, feel free to contact us by submitting a
ticket.

Understanding how to test your network speed can help you optimize
your server’s performance and troubleshoot any issues that may arise. In
this guide, we will walk you through testing your network speed using
terminal commands. However, please note that there are no
accurate test results. That’s because each test has two
sides.

During the tests, your server gets connected to another server, and
therefore, both your server’s speed, and the other server’s speed affect
the results shown to you. This is why it’s a good idea to do your tests
using multiple servers and tools.

Testing
Network Speed Using Terminal Commands

One of the most effective ways to test your network speed is by using
terminal commands. This method is more accurate than using online
websites to do network tests. Also, mastering command line tools allows
you to test different aspects of your network, such as download speed,
upload speed, and latency.

Step 1: Connect to Your
Server

First and foremost, log in to your Linux server using either SSH or
VNC and then choose either of the tools we introduce below to follow
along.

Step
2: Use speedtest-cli for a General Speed, Jitter, and Ping
Measurement

The easiest tool to test network speed is the
speedtest-cli. This tool uses the Speedtest.net
infrastructure to measure network speed and latency, providing a simple
and convenient way to test your server’s connection. Here’s how to use
it:

1. Install speedtest-cli

Based on the Linux distro you are using, choose one of the following
commands to install speedtest-cli:

For Debian or Ubuntu:

$ sudo apt-get install curl
$ curl -s https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.deb.sh | sudo bash
$ sudo apt-get install speedtest

For Fedora/CentOS/AlmaLinux/Redhat:

$ curl -s https://packagecloud.io/install/repositories/ookla/speedtest-cli/script.rpm.sh | sudo bash
$ sudo yum install -y speedtest

2. Running the tests

Once speedtest-cli is installed, you can run a
network speed test by simply typing speedtest-cli in the terminal and
pressing Enter. This will automatically select the best
server based on ping and perform a speed test.

$ speedtest

The upload and download speed will then be shown to you

Step
3: Use ‘iperf3’ for Testing Connections Between a Server and a
Client

The iperf3 tool is a versatile utility for testing
network speed. It works by creating a data stream between a server and a
client. Therefore, it allows you to measure the speed between two
devices, one which should be a server and the other is the server’s
client. Here’s a step-by-step guide on how to use it:

1. Installation

Again, based on your Linux distro, use one of the following commands
to install iperf3:

For Debian or Ubuntu:

$ sudo apt-get update
$ sudo apt-get install iperf3

For Fedora/CentOS/Alma/Redhat

$ sudo yum makecache --refresh
$ sudo yum -y install iperf3

2. Running speed tests between two servers using
iperf3

Once iperf3 is installed, you can start your own server by running
the command iperf3 -s. This will start the iperf3’s
server mode. However, this is for when you want to measure the speed
between two specific devices that you own.

In our case, we just want to know how good our server’s speed is in
general.

3. Choose a public server

To be able to run a general test with iperf3, we can use one of the
public iperf3 servers. Here’s a list of them.

Note that each public server has a limited link bandwidth. Therefore,
if you choose a server with a 1Gbps link, for example, your test won’t
show speed results more than 1Gb, even if your own server has a 10Gbps
link attached to it.

You should first sort the servers by their speed, then choose the one
closest to you. This is an important factor, as you will definitely
experience a huge latency if you don’t choose servers that are close to
you.

How can you know which servers are the closest to you? You can ping
them and choose one with the lowest latency.

4. Start iperf3 in client mode and run the test

After choosing a public server from iperf3serverlist.net, copy the
command that appears in the site’s table. Then, paste that command into
your SSH or VNC session.

For example, since I’m using one of Cloudzy’s Frankfort VPSs, I’ll
choose a 10Gbps German server among the public servers:

$ iperf3 -c speedtest.wobcom.de

The command above tests uploads. For testing download speed, you
should also add a -R to the end of the command:

$ iperf3 -c speedtest.wobcom.de -R

Regularly testing your network speed is an essential part of managing
a VPS. By using tools like iperf3 and speedtest-cli, you can keep a
close eye on your server’s performance and ensure that it’s always
running at its best. If you have any questions on running network tests,
don’t hesitate to contact us by submitting a
ticket.

Floating IPs are a key feature for Cloudzy VPS users. They let you
move IP addresses between your servers quickly. This helps to keep your
online services running without a break. You can have up to five
Floating IPs for each Cloudzy account. This makes your network flexible
and ready to grow. Each additional IP costs $1.5/ month and is
non-refundable. When you add an extra IP to your account, there will be
a one-time payment from your credit (subscription-based). You can see
the details of your purchase in the invoices section of your Cloudzy
panel.

Our guide will show you how to add and use Floating IPs with your
Cloudzy panel. You will learn to attach these IPs to your account and
virtual machines. Remember, you have to set them up yourself, and they
can’t be used for emailing. We will give you clear steps to follow so
you can make the most of your Floating IPs.

Prerequisites

Before you get started with Floating IPs, make sure you’re ready:

Cloudzy Account Ready: First, register with
Cloudzy. Then, complete any account verifications that are
needed.
Active VPS: You should have a Cloudzy VPS
already running. Floating IPs will be linked to these servers.
Check IP Availability: Make sure Floating IPs
are available in your server’s region. They vary by location.
Know the Limit: You can have up to
five Floating IPs for your Cloudzy account.
Network Setup Skills: Be ready to configure your
VPS network. We’ll guide you on how to handle this step.
SMTP Traffic: Remember that Cloudzy Floating IPs
don’t support SMTP traffic. They’re for other internet use
cases.

Once you’ve got these covered, you’re all set to add Floating IPs to
your Cloudzy setup.

Request Floating
IPs:

Sign In to Cloudzy: Log into your Cloudzy
account and go to your main dashboard.
Go to IP Management: On your dashboard, click on
IP Management on the left side.
Find ‘Add New Floating IP’: In the IP Management
area, look for Add New Floating IP.

Choose Quantity and Region: Select how many IPs
you need, from one to five, and pick the region that matches your VPS’s
location.
Click ‘ADD NEW IP’: After choosing, hit the
ADD NEW IP button.
Confirm Your Order: A box will pop up asking you
to confirm. It will notify you about the cost and remind you that the
IPs last for 30 days.

Check Assigned IPs: Once confirmed, your new IPs
will show up in the List of Available Floating IPs
section. They’ll have all the details like address, netmask, and
gateway.

Remember, you must manually set up these IPs on your VPS. They’re
fixed to your account for 30 days and don’t auto-renew by default.

Updating the IP
Address on Ubuntu VPS:

Connect to your VPS:

Use SSH in your terminal. Type: ssh
root@your_current_ip
Replace your_current_ip with the VPS’s present
IP.

Edit Netplan Config:

Open the config file with: sudo nano
/etc/netplan/50-cloud-init.yaml

Input Static IP (Optional DHCP):

Using DHCP IP side by side with Floating IP:

Keeping DHCP on means you keep your primary IP.

You can then add Floating IPs manually.

Use this method if your server’s main IP and floating IPs are
in the same subnet with the same gateway. If they’re not, it’s better to
set your IPs manually as described in the next section.

Making DHCP off and choose Floating IP Your Server’s Primary
Outgoing Address:

When you disable DHCP, you must manually set your IPs. You can make a
floating IP your server’s main outgoing address. Here’s a simple guide
to do that:

Change the Default Gateway:

In the routes part, set the gateway to the one for your floating IP.
It will look like this:

Doing this will make all the data leaving your server go through the
floating IP. It’s important because it decides how your server talks to
other systems on the internet. Make sure this is what you want for your
setup.

Save the File:

In nano, save by hitting Ctrl + X, then
Y, and Enter.

File Permissions:

Set file permissions with: sudo chmod 600
/etc/netplan/50-cloud-init.yaml

Apply Changes:

Update your network settings by typing: sudo netplan
apply
To troubleshoot problems, add –debug to the
command.

Confirm the IP:

SSH back to the VPS with the new IP.
Check the Outgoing IP:

Run curl ifconfig.me. It should show your floating
IP as the server’s public IP.

If you encounter any issues with network settings, Cloudzy’s VNC
feature allows direct access to your VPS console for
troubleshooting.

Changing the
IP Address for Other Distros

Open Network Configuration File:

Use sudo nano /etc/network/interfaces.

Find Interface Section:

Look for your interface, like eth0.
The line might read iface eth0 inet.

Set Static IP:

Change to iface eth0 inet static.
Replace eth0 with your interface.

Add IP and Netmask:

Write address 192.0.2.7.
Then netmask 255.255.255.0.
Replace with your IP and Netmask.

Set Gateway (Optional):

Add gateway 192.0.2.1.
Replace with your gateway.

Add Additional IPs:

Use up ip addr add 203.0.113.5/24 dev
eth0.
To remove, down ip addr del 203.0.113.5/24 dev
eth0.
Change IP and subnet as needed.

Restart Network:

Use sudo systemctl restart networking.
Or ifdown eth0 && ifup eth0 for one
interface.

Note:

Adjust steps for your distro.
Backup original file before changes.

Changing the
IP Address on a Windows VPS

Use RDP:

Connect to your VPS with Remote Desktop using your current IP.

Open Network Settings:

On your VPS, open ‘Run’ with Windows Key + R. Type
ncpa.cpl.

Adapter Properties:

Right-click the network adapter, usually named
Ethernet. Choose Properties.

IPv4 Settings:

Find Internet Protocol Version 4 (TCP/IPv4).
Double-click it.

Set New IP:

Choose Use the following IP address. Enter the
primary or the new IP following with a subnet mask.

DNS Servers:

Enter DNS server addresses in their section.

Add Additional IP (Optional):

Click on Advanced.
Under IP addresses, click on
Add.
Enter the additional IP and subnet.
Click on Add to confirm.

Reconnect with RDP:

Hit OK, and the RDP will close. Open RDP again and
use the new IP.

If you lose your connection due to an error, Cloudzy’s VNC lets you
access the VPS console to fix it. You have now successfully assigned
your new Floating IP address to your VPS. If you need any more
information or further assistance, feel free to contact our support team
by submitting a
ticket.

Understanding and setting the instance name or hostname for your
Virtual Private Server (VPS) is important for server management and
network identification. The hostname provides a human-readable reference
to the server and plays a significant role in networking and security.
This guide will explain what an instance name is and provides a simple
walkthrough on setting or changing your VPS’s hostname in the Cloudzy
Panel.

Prerequisites

Before starting to set or change your Cloud VPS hostname, make sure
you are prepared with:

Cloudzy Panel Access: Log into your Cloudzy
Panel where your VPS is hosted.
Active VPS: Make sure your VPS is active. You
can change the hostname while the VPS is running or if it’s turned
off.
Valid Hostname: Choose an appropriate hostname.
It should be DNS-compliant, not contain special characters, start with a
letter, and be less than 63 characters long. Examples include
node01.example.com or
database-london.example.net.

Step
1: Accessing the Cloudzy Panel for Hostname Configuration

Log In:

Navigate to the Cloudzy Panel website and enter your credentials to
log in. The dashboard will display an overview of your VPS
instances.

Select Your VPS:

From the list of available VPS instances, select the one for which
you want to change the hostname. You can easily identify it by its
current name or IP address.

Locate the Access Section:

On the VPS management page, locate the Access tab.
This is where you will find the options for modifying your VPS settings,
including the hostname.

Step
2: Changing the VPS Hostname via Cloudzy Panel

Navigate to Hostname Settings:

In the Access section of your VPS management page on
the Cloudzy Panel, locate the hostname field.

Input New Hostname:

Enter your new hostname into the field, for example,
server01.yourdomain.com or
server01.

Save and Confirm Changes:

Click the Save Changes button to submit your new hostname. A
confirmation dialog will appear, informing you that the VPS will restart
as part of the hostname change process.

Restart to Apply New Hostname:

Confirm the action to initiate the restart. The VPS will undergo a
reboot to update its system and network configurations with the new
hostname.

By following these steps, you can successfully update your VPS’s
hostname, which will be reflected once the VPS restarts and comes back
online. If you need any more information or further assistance, feel
free to contact our support team by submitting a
ticket.

The first line of network security is setting a strong password for
your MikroTik router operating system. This guide walks you through 4
simple steps to create a strong password so you can be sure that your
router’s interface is protected against unauthorized access.

Step 1: Create a VPS on your Cloudzy panel and then
copy the IP address.

Step 2: Paste the IP address in the address bar of
your browser. You’ll see a resulting web page like the one below. Now
you can set your new password. You can keep the old password field empty
If this is a new machine and you have not set a password for this
machine yet.

Step 3: Click on Change Now.

Step 4: You can now see the config page of your
RouterOS page.

As easy as a few clicks, you could successfully set a password for
your MikroTik RouterOS. If you need any more information or further
assistance, feel free to contact our support team by submitting a
ticket.

Remote Desktop Protocol (RDP) serves as a critical tool for remote
administration, allowing users to control systems from afar. However,
its widespread use has made it a prime target for brute force attacks.
These attacks exploit weak passwords, attempting to gain unauthorized
access to systems. With the rise of remote work, securing RDP has never
been more crucial.

Comprehensive
Guide to Enhancing RDP Security

By adhering to the recommendations outlined below, you will bolster
the defenses of your remote desktop environment against unauthorized
access and cyber threats.

Renaming
the Administrator Account and Securing User Access

Press Windows key + R, type
lusrmgr.msc, and press Enter to open
the Local Users and Groups Manager.

To rename the Administrator account:

In the middle pane, right-click on the
Administrator account and select
Rename.

Enter the new name for the administrator account and press
Enter.

To disable the Guest account:

Find and double-click on the Guest account.
Tick the Account is disabled checkbox and click
on OK.

To regularly check RDP access permissions:

Click on Groups in the left pane.
Double-click on the Remote Desktop Users
group.
Review the list for authorized users. To remove a user, select
them and click Remove. To add a user, click
Add and enter the necessary details.
Click Apply and then OK to
confirm any changes.

Implementing a
Strong Password Policy

Open the Group Policy Editor by pressing Windows key +
R, typing gpedit.msc into the Run
dialog.
Navigate to Computer Configuration > Windows Settings >
Security Settings > Account Policies > Password Policy.
Define the minimum password length and complexity requirements to
enhance security.
Enforce password history to discourage the reuse of recent
passwords.

Limiting
RDP Access via Firewall Configuration

Open Windows Firewall with Advanced Security by
typing wf.msc in the Run dialog (Windows key +
R).
Click on Inbound Rules in the left
pane.
Locate the rules for Remote Desktop – User Mode
(TCP-In) and Remote Desktop – User Mode
(UDP-In).
Right-click each rule and select
Properties.
Under the Scope tab, click on These IP
addresses in the Remote IP address
section.
Click Add and specify the IP addresses that are
permitted to establish RDP connections.
Confirm the changes by clicking OK and ensure
the rules are enabled.

Setting Up
Multi-Factor Authentication

Choose an MFA solution compatible with your RDP setup (e.g., Duo Security, Microsoft
Entra).
Follow the specific MFA provider’s installation and configuration
guide to integrate it with your RDP environment.
Enroll users and set up secondary authentication methods like
mobile apps or hardware tokens.

Enabling Network
Level Authentication

Right-click on This PC and select
Properties.

Click on Remote settings.
Under Remote Desktop, ensure Allow
connections only from computers running Remote Desktop with Network
Level Authentication is selected.

Changing the Default RDP
Port

Press Windows key + R to open the Run
dialog.
Type regedit and press Enter to
open the Registry Editor.
Navigate to HKEY_LOCAL_MACHINEServer-Tcp.
Find the PortNumber subkey, double-click it,
select Decimal, and enter a new port number.

Click on OK, close the Registry Editor, and update
your firewall rules accordingly.

Now, to allow the new port through the Windows
Firewall:

Open the Windows Firewall by pressing Windows key +
R, typing wf.msc.
In the left pane, click on Inbound
Rules.
Click on New Rule on the right pane.
Select Port and click on
Next.
Choose TCP and specify the new port number you
set in the Registry Editor, then click Next.

Select Allow the connection and click on
Next.
Ensure Domain, Private, and
Public are checked to define the rule’s scope as
needed, then click Next.
Give the rule a name, such as Custom RDP Port,
and click on Finish.
Restart the system and then make sure to connect via the new
port.

Configuring
Account Lockout Policies

Access the Group Policy Editor by pressing Windows key +
R and typing gpedit.msc.
Navigate to Computer Configuration > Windows Settings >
Security Settings > Account Policies > Account Lockout
Policy.
Set the Account lockout threshold, Account lockout
duration, and Reset account lockout counter
after,to appropriate values.

Updating Systems and
Software

Enable automatic updates in Windows Update settings.
Regularly check for updates on all software used in conjunction
with RDP.
Apply updates during scheduled maintenance windows to minimize
disruption.

Deploying
Antivirus and Anti-Malware Solutions

Select a reputable antivirus and anti-malware software.
Install the software following the manufacturer’s
instructions.
Set the software to update automatically and perform regular
scans.

Conducting
Regular Security Audits and Setting Up Alerts

Open the Event Viewer by typing eventvwr.msc in
the Run dialog (Windows key + R).
Navigate to Windows Logs > Security and look for event ID
4625.
To set up alerts, right-click on Security and
select Attach Task To This Log….
Follow the wizard to create a task triggered by multiple
instances of event ID 4625.

Choose an action like sending an email or displaying a message when
the task is triggered.

Complete the wizard and name the task for easy identification.

Using VPNs for
Additional Security

Determine the need for a VPN based on your security requirements
and the sensitivity of the data being accessed via RDP.
Select a reputable VPN service provider or set up your own VPN if
you have the capability.
Install and configure VPN client software on all devices that
will use RDP.
Train users to connect to the VPN before initiating an RDP
session to ensure that the remote desktop traffic is encrypted and
secure.
Regularly update and maintain the VPN infrastructure to address
any security vulnerabilities and ensure that it remains robust against
threats.

Fortify your RDP like a digital fortress. Regular updates and best
practices are your vigilant sentinels, ensuring your network’s defenses
remain impenetrable. Stay alert and proactive—your cybersecurity depends
on it. If you have any questions, don’t hesitate to contact our support
team by submitting a
ticket.

In the digital age, securing your Linux Virtual Private Server (VPS)
is paramount for safeguarding your data and infrastructure. This
comprehensive guide explores methods to protect your Linux VPS against
cyber threats.

Keep Your System
Updated

One of the most important aspects of securing your Linux VPS is
making sure that your system is up to date. Outdated software can
contain vulnerabilities that malicious actors can exploit. Here’s how to
do it:

Use Package Manager

Most Linux distributions provide a package manager. For instance, if
you are using a Debian-based system, you can run the following commands
to update and upgrade packages:

sudo apt update
sudo apt upgrade

If you’re on a CentOS system, use yum:

sudo yum update

Set Up Automatic
Updates

Set Up Automatic Updates with unattended-upgrades on
Debian-based Systems:

On Debian-based systems like Ubuntu, you can use the
unattended-upgrades package to automate the update process.

Install unattended-upgrades:

sudo apt install unattended-upgrades

Configure the automatic update settings. Edit the configuration
file:

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

Enable automatic updates for security-related packages:

Unattended-Upgrade::Allowed-Origins {
    "${distro_id}:${distro_codename}-security";
    "${distro_id}:${distro_codename}-updates";
    "${distro_id}:${distro_codename}-proposed";
    "${distro_id}:${distro_codename}-backports";
};

Enable and start the unattended-upgrades service:

sudo dpkg-reconfigure -plow unattended-upgrades

This command will prompt you to confirm the changes. Select “Yes” to
enable automatic updates.

Set Up Automatic Updates with yum-cron on
CentOS:

On CentOS, you can use yum-cron for automatic updates:

Install yum-cron:

sudo yum install yum-cron

Start and enable the yum-cron service:

sudo systemctl enable yum-cron
sudo systemctl start yum-cron

Use
Strong Passwords and SSH Keys for Secure Authentication

Securing your Linux VPS involves using strong authentication methods.
Whether you are connecting from a Linux or Windows client, here’s how to
use strong passwords and SSH keys effectively:

Using Strong
Passwords

When creating user accounts on your VPS, make sure that passwords are
complex, combining uppercase and lowercase letters, numbers, and special
characters. Avoid easily guessable passwords.

Using SSH Key
Authentication

For Linux Client:

To generate an SSH key pair on your Linux client, use the ssh-keygen
command:

ssh-keygen -t rsa -b 2048

The public key, by default, will be stored in ~/.ssh/id_rsa.pub.

Copy your public key to the VPS:

ssh-copy-id user@your_server_ip

Disable password-based SSH login on the VPS in the SSH server
configuration file (/etc/ssh/sshd_config):

PasswordAuthentication no

For Windows Client:

On Windows, use the PowerShell for similar functionality:

ssh-keygen

Copy your public key to the VPS using PowerShell. Replace
IP-ADDRESS-OR-FQDN with the remote server’s
address:

type $env:USERPROFILE\.ssh\id_rsa.pub | ssh root@{IP-ADDRESS-OR-FQDN} "cat >> .ssh/authorized_keys"

Disable password-based SSH login on the VPS in the SSH server
configuration file (/etc/ssh/sshd_config):

PasswordAuthentication no

Implement a Firewall

Securing your Linux VPS involves setting up a firewall to control
incoming and outgoing traffic. Here’s how to implement a firewall to
enhance security:

Use ufw (Uncomplicated Firewall) on Debian/Ubuntu or
firewalld on CentOS:

Install the firewall management tool if not already installed.

For ufw on Debian/Ubuntu:

sudo apt install ufw

For firewalld on CentOS:

sudo yum install firewalld

Add rules to allow SSH before enabling the firewall to prevent being
locked out:

For ufw on Debian/Ubuntu:

sudo ufw allow OpenSSH

For firewalld on CentOS:

sudo firewall-cmd --permanent --add-service=ssh

Enable the firewall and set default rules:

For ufw on Debian/Ubuntu:

sudo ufw enable
sudo ufw default deny incoming
sudo ufw default allow outgoing

For firewalld on CentOS:

sudo systemctl start firewalld
sudo systemctl enable firewalld

Reload the firewall for the changes to take effect.

For ufw on Debian/Ubuntu:

sudo ufw reload

For firewalld on CentOS:

sudo systemctl reload firewalld

Securing your Linux VPS involves restricting root access. Here’s how
to disable root login for enhanced security:

Create a New User: Log in to your VPS as the root user. Then create
a new user account with sudo privileges. Replace newuserwith your
desired username:

adduser newuser
usermod -aG sudo newuser

Create the .ssh Directory, authorized_keys and set permissions for
the New User:

mkdir -p /home/newuser/.ssh
touch /home/newuser/.ssh/authorized_keys
chmod 600 /home/newuser/.ssh/authorized_keys
chown -R newuser:newuser /home/newuser/.ssh

Make sure to generate and copy the public key to your
VPS.
Log in as the New User.
Disconnect from the VPS (if you’re connected as root) and log
back in using the new user account. This ensures you can perform
administrative tasks using sudo.
Edit SSH Configuration:

Open the SSH server configuration file on your VPS. This file is
usually located at /etc/ssh/sshd_config:

sudo nano /etc/ssh/sshd_config

Locate the line that reads PermitRootLogin and set it to no:

PermitRootLogin no

Save the file and exit the text editor.

Restart SSH Service:

After making this change, you should restart the SSH service for the
new settings to take effect:

On Debian/Ubuntu:

sudo systemctl restart ssh

On CentOS:

sudo systemctl restart sshd

Harden SSH
Configuration

Securing your Linux VPS involves further hardening the SSH
configuration for added security and ensuring that UFW rules are up to
date. Here’s how to harden your SSH settings and update the UFW
rules:

Allow the New SSH Port in UFW:

If you’re using UFW (Uncomplicated Firewall), first allow the new SSH
port before making changes to the default port:

# Allow the new SSH port (e.g., 2222)
sudo ufw allow 2222/tcp

Remove OpenSSH from UFW Rules:

After changing the SSH port, you should remove the old OpenSSH
service (default port 22) from the UFW rules to ensure that only the new
SSH port is allowed:

# Remove the old OpenSSH service (default port 22)
sudo ufw delete allow OpenSSH

Change the SSH Port:

By default, SSH uses port 22. Changing the default port can add an
extra layer of security by making it harder for automated bots to find
your SSH server.

Open the SSH server configuration file:

sudo nano /etc/ssh/sshd_config

Find the line that reads Port 22 and change the port number to a
different, unused port, for example, 2222:

Port 2222

Enable Key Reauthentication:

You can set a time limit for key reauthentication to further secure
your SSH session. This means that if you leave your SSH session
unattended, it will automatically expire after a certain time.

Add or modify the following lines in the SSH server configuration
file, then save it:

ClientAliveInterval 300
ClientAliveCountMax 2

Reload UFW Rules and SSH Service:

sudo ufw reload
sudo systemctl restart ssh

Once you’ve made the necessary changes, you can establish a new SSH
connection using the following command:

ssh -p <new_port> user@your_server_ip

Implement Fail2Ban

Securing your Linux VPS involves protecting it from brute-force login
attempts and other types of malicious activity. Fail2Ban is a useful
tool for this purpose. Here’s how to implement Fail2Ban:

Install Fail2Ban:

Start by updating your package list to ensure you have the latest
available packages:

For Debian-based systems (e.g., Ubuntu):

sudo apt update

For CentOS:

sudo yum update

Install Fail2Ban:

For Debian-based systems:

sudo apt install fail2ban

For CentOS:

sudo yum install fail2ban

Configure Fail2Ban:

Fail2Ban’s main configuration file is located at
/etc/fail2ban/jail.conf. You can create an override
file at /etc/fail2ban/jail.local to customize settings
without modifying the default configuration. Open this file:

sudo nano /etc/fail2ban/jail.local

Add the following configuration to ban IP addresses for 10 minutes
(600 seconds) after six failed login attempts. Adjust the parameters as
needed:

[sshd]
enabled = true
maxretry = 6
findtime = 600
bantime = 600

Save the file and exit the text editor.

Start and Enable Fail2Ban:

Start Fail2Ban and enable it to start at boot:

sudo systemctl start fail2ban
sudo systemctl enable fail2ban

Check Fail2Ban Status:

You can check the status of Fail2Ban to ensure it’s working as
expected:

sudo fail2ban-client status

You should see that it’s monitoring the SSH service.

The 6 essential methods discussed here provide a robust defense
against potential vulnerabilities. By keeping your system updated,
employing strong authentication, configuring firewalls, hardening SSH,
and implementing Fail2Ban, you fortify your VPS and maintain peace of
mind in the ever-connected world. If you have any questions, don’t
hesitate to contact our support team by submitting a
ticket.

Sometimes, you encounter issues when using Remote Desktop Protocol
(RDP) that require a quick solution. In such cases, restarting the RDP
service is often the key to resolving these issues swiftly. This article
outlines three straightforward methods to remotely restart the RDP
service, ensuring minimal disruption to your ongoing tasks.

Method 1: Using
PowerShell

Step 1: Press Win + X, and from the
menu that appears, select Windows PowerShell
(Admin).

Step 2: In the PowerShell window, input the
following command and press Enter to restart your RDP
service.

This PowerShell command will swiftly restart the Remote Desktop
Services, allowing you to resolve RDP issues without the need for a full
system reboot.

Method 2: Using
Services Console

Step 1: To open the Services Console, press
Win + R to access the Run dialog box. Type
“services.msc” and press OK.

Step 2: In the Services Console, locate “Remote
Desktop Services.” Right-click on it, and from the context menu, select
Restart to initiate the restart process for your RDP
service.

This method provides an alternative way to restart the Remote Desktop
Services, offering flexibility in resolving RDP issues without a system
reboot.

Method 3: Using Task
Manager

Step 1: To invoke the Task Manager, press
Ctrl + Shift + Esc simultaneously.

Step 2: In the Task Manager window, navigate to the
Services tab. Here, find TermService,
which corresponds to the Remote Desktop Services. Right-click on
TermService, and from the menu that appears, select
Restart.

Task Manager provides yet another user-friendly approach to restart
the Remote Desktop Services, ensuring that you can swiftly address RDP
issues while your other programs continue to run undisturbed.

In the world of remote work and connectivity, swiftly addressing RDP
issues is crucial. These three methods provide a versatile toolkit for
restarting the RDP service, ensuring uninterrupted productivity. If you
have any questions, don’t hesitate to contact us by submitting a
ticket.

The SSH shell environment acts as the interface between users and the
remote server and enables command execution and system management over a
secure channel. Unfortunately, many users face various challenges within
this environment. These challenges include misconfigured shell settings,
such as an incorrect default shell or profile scripts and environment
variables that don’t behave as expected. Terminal emulation issues and
file permission errors can make the user experience even more
complicated. Addressing these issues is essential for efficient remote
server management and maintaining the integrity of SSH sessions.

Prerequisites

Basic understanding of the SSH protocol and its
operation.
Access to the remote server with the necessary privileges to
modify shell settings.
Knowledge of editing text files in a command-line environment
using editors like vi, nano, or
emacs.
Access to a local terminal, an SSH client like PuTTY (for Windows
users), or the default terminal (for Unix/Linux/macOS users).

Common SSH Shell
Environment Issues

Incorrect Shell
Settings:

When a user logs into a remote server via SSH, the server invokes the
user’s default shell specified in /etc/passwd. Issues
may arise if this shell is set incorrectly or if the shell’s
configuration files (like .bashrc for Bash or
.zshrc for Zsh) contain errors. These files control the
shell’s behavior and environment settings; errors here can cause alias
malfunctions, incorrect path settings, or even prevent the shell from
starting.

Environment Variable
Problems:

Environment variables like PATH,
HOME, and EDITOR dictate the user’s
operating context and preferences. Misconfiguration can lead to commands
not being found, incorrect file editing, or scripts failing to run. Such
problems often originate from mistakes within the shell’s profile
scripts (/etc/profile or
~/.bash_profile).

Terminal Emulation
Errors:

SSH clients emulate a terminal to interact with the remote shell,
translating user inputs into commands and displaying output. If the
emulation settings and the server’s expectations (like using wrong
character encoding or incorrect terminal types) don’t match, users
experience garbled text, unresponsive sessions, or keybindings that
don’t function well.

File Permission
Issues:

The Unix file permission system controls access to files and
directories. If permissions are too restrictive, users may be unable to
execute scripts or access configuration files. On the other hand,
permissions that are too lax can pose security risks. Common permission
issues include .ssh/authorized_keys not being readable,
which can lead to public key authentication failure or crucial
executables lacking execute permissions.

Understanding these issues is the first step to troubleshooting SSH
shell environment challenges. Each component within the SSH environment
plays a crucial role, and misconfigurations can lead to significant
productivity loss or security breaches.

Diagnosing Shell
Environment Issues

Identifying
Configuration Errors:

Errors in shell configuration files can be tricky to spot. Check the
.bashrc, .profile, or equivalent
configuration files for syntax errors or incorrect settings. Look out
for missing punctuation, such as semicolons or quotes.

Checking Environment
Variables:

Use env, set, or echo
$VARIABLE_NAME to list and review environment variables. Make
sure that paths and settings are correct. For instance, the
PATH variable should include directories where commonly
used programs are stored, like /usr/bin/.

Testing Terminal
Settings:

Verify that the terminal emulator is configured to match the server’s
settings. This includes checking the value of TERM, the
character encoding, and ensuring that locale settings (like LANG and
LC_*) are consistent across your local environment and the server.

Reviewing Server
Logs:

Server logs can provide valuable insights into SSH issues. The SSH
daemon log, typically located at /var/log/auth.log or
/var/log/secure, can include error messages related to
failed login attempts or configuration problems.

Diagnosing these elements can pinpoint the root causes of issues in
the SSH shell environment. Once identified, you can apply targeted fixes
to restore functionality.

Troubleshooting
and Solutions for SSH Shell Environment

Correcting Shell
Configuration:

Check for syntax errors or misplaced commands in the shell
configuration files. To edit the .bashrc file, use
nano ~/.bashrc or vi ~/.bashrc. Look
for unclosed quotes, missing semicolons, or incorrect path statements.
For changes to take effect without logging out, type source
~/.bashrc.

Setting Environment
Variables:

Misconfigured or absent environment variables can be set correctly in
the .bashrc or .bash_profile files.
For example, to set the EDITOR variable to use nano,
add export EDITOR=nano to your
.bashrc. Then, apply the changes with source
~/.bashrc.

Adjusting
Terminal Emulation Settings:

In your SSH client, check the terminal emulation settings. If you’re
using PuTTY, go to Terminal ->
Keyboard and ensure The Function keys and
keypad is set to Xterm R6. This will ensure
that your key presses are interpreted correctly by the server.

Fixing File
Permissions:

Correct file permissions are critical, especially for the
.ssh directory and its contents. To set the correct
permissions for the authorized_keys file, use:

chmod 700 ~/.ssh

chmod 600 ~/.ssh/authorized_keys

These commands restrict read, write, and execute permissions
appropriately.

Reviewing Server Logs
for Errors:

SSH-related errors are typically logged in
/var/log/auth.log or /var/log/secure.
Use grep sshd /var/log/auth.log to filter SSH-related
messages. This can reveal issues with authentication, possible security
breaches, or other errors.

By applying these troubleshooting steps, you can resolve common SSH
shell environment issues and ensure a secure and efficient connection to
your server. If you need any more information or further assistance,
feel free to contact our support team by submitting a
ticket.

Secure Shell (SSH) is an important protocol for accessing remote
servers in a secure way. Despite its reliability, users may face
connectivity issues when working with SSH. This guide will talk about
typical SSH connectivity problems and provide solutions for diagnosing
and solving them.

Prerequisites

Administrative Access: Login credentials with
the necessary privileges on the server you’re attempting to
access.
Network Access: A stable internet connection and
the ability to reach the server’s network.
SSH Client: A working SSH client installed on
your local machine, such as OpenSSH or PuTTY.
Server Information: The server’s IP address, SSH
port number (default is 22), and the appropriate user account
information.
Permissions: If using key-based authentication,
make sure your private key is available and has the correct permissions
set.

Common Issues and
Causes

Authentication
Failures

These issues arise when there’s a mismatch between the credentials
provided and those expected by the server. Common scenarios include:

Incorrect Passwords: Typing errors or recent
password changes can cause failures.
Public Key Problems: If the server-side
authorized_key file doesn’t contain the correct public
key, or if the client’s private key isn’t loaded, authentication will
fail.
Expired Credentials: Some systems enforce
password or key expiration policies for security.

Network Problems

Connectivity can be lost by network-layer issues, such as:

Firewall Restrictions: Firewalls may be
configured to block the default SSH port (22), requiring a rule change
to allow traffic.
DNS Misconfiguration: Incorrect DNS settings can
lead to the client resolving to the wrong IP address for the
server.
Service Interruption: Unreliable internet
connections or server-side networking issues can disrupt SSH
access.

SSH Configuration
Errors

Proper configuration of the SSH daemon and client is essential.
Issues might include:

Misconfigured sshd_config: Incorrect directives
in the server’s SSH configuration file can prevent connections.
Client Configuration Issues: The SSH client
configuration needs to match the server’s requirements, such as
accepting the correct key types or encryption algorithms.

Server Overload or
Downtime

High server load can slow down or disrupt SSH services, and scheduled
or unscheduled downtime can temporarily make the server
inaccessible.

Diagnostic Steps

To identify and address SSH connectivity issues, follow these
diagnostic steps:

Checking Network
Connectivity

Start by confirming that your network connection is active and
stable. Use tools like ping or
traceroute to verify the connection to the SSH server’s
IP address. This will help you determine if the issue is at the network
level.

Verifying
Credentials

Make sure that the SSH credentials you are using are correct and
current. For password-based logins, double-check the password you’re
entering. For SSH key-based logins, confirm that the private key is
loaded in your SSH client and that the corresponding public key is
present in the authorized_keys file on the server.

Inspecting SSH
Configuration

Examine the SSH configuration files carefully. On the server, the
sshd_config file should be configured to permit access
via the intended methods (password or key) and have the correct port
specified. On the client side, the configuration should match the
server’s protocol requirements.

Reviewing Server
Logs

Server logs can provide valuable insights into the cause of SSH
failures. Look for authentication errors or messages related to refused
connections. These logs are typically located in
/var/log/auth.log or
/var/log/secure.

By systematically following these steps, you can narrow down the
cause of SSH connectivity issues.

Troubleshooting
and Solutions for SSH Connectivity

Resolving Network
Issues

To adjust firewall settings, use the following commands:

For Ubuntu: sudo ufw allow 22 to allow SSH
traffic on port 22.
For CentOS: sudo firewall-cmd –permanent
–add-service=ssh followed by sudo firewall-cmd
–reload.

Fixing Authentication
Problems

If you’re experiencing issues with SSH access due to authentication,
take the following steps:

Password Reset: Within the Cloudzy Panel, navigate
to the Access tab and click RESET CLOUD VPS
PASSWORD to generate a new password.

SSH Key Verification: In the SSH
Keys section of the panel, make sure that you enter your public
SSH key correctly. The path to the authorized_keys file
on your server, which should contain your public key, is typically
~/.ssh/authorized_keys.
Permissions Check: On the server, confirm the
permissions of your ~/.ssh directory and the
authorized_keys file with chmod 700
~/.ssh and chmod 600
~/.ssh/authorized_keys.

Adjusting SSH
Configurations

For configuration adjustments:

Review and edit the SSH server configuration file located at
/etc/ssh/sshd_config on the server. Verify directives
like PermitRootLogin yes and
PasswordAuthentication yes to make sure they match your
requirements.
Restart the SSH service to apply changes with sudo
systemctl restart sshd.

Checking DNS
Configurations

Troubles with DNS configurations can lead to SSH connectivity
problems. Here’s how to verify DNS settings on both the client and
server sides:

On the Client Side (Linux): Use the dig command to
query the DNS records:

dig +short yourdomain.com

This should return the IP address of your server. If it doesn’t,
there’s likely an issue with the DNS resolution on your client
machine.

On the Client Side (Windows): Use
nslookup in the Command Prompt:

nslookup yourdomain.com

Similar to dig, this should return your server’s IP
address if DNS is resolving properly.

On the Server Side: Check the DNS resolver
configuration file, typically /etc/resolv.conf, to make
sure that it points to the correct DNS server. It should have entries
similar to the following:

nameserver 8.8.8.8

nameserver 8.8.4.4

These are Google’s public DNS servers and can be replaced with those
provided by your hosting service or ISP.

Testing DNS Resolution on the Server: Use the
dig or nslookup command directly on
the server to ensure it can resolve domain names to IP addresses. If it
can’t resolve external domain names, this could indicate a problem with
the DNS service or network configuration on the server itself.

Monitoring Resources
with htop

Install htop for real-time monitoring:

Ubuntu: sudo apt-get install htop
CentOS: sudo yum install htop

Use htop to observe CPU, memory usage, and manage
processes directly within the interface.

Maintaining Server
Health

Keep the server updated to prevent security vulnerabilities and
performance issues:

Ubuntu: Execute sudo apt update && sudo apt
upgrade to update all packages.
CentOS: Run sudo yum update to refresh the
system.

To effectively resolve SSH connectivity issues, methodically check
and correct DNS settings, authenticate credentials, adjust firewall
rules, and review SSH configurations. Regularly updating systems and
monitoring resources are essential practices for maintaining a stable
and secure server environment. By adhering to these steps, you can have
reliable SSH access to your VPS, minimizing downtime and enhancing
security. If you need any more information or further assistance, feel
free to contact our support team by submitting a
ticket.

SSH (Secure Shell) is an important aspect of secure network
administration and provides a secure method to access remote servers.
Authentication within SSH is a multi-faceted process that involves
methods like password, public key, and multi-factor authentication (MFA)
to verify user identity. Understanding these authentication methods and
their common issues is essential for secure and effective remote server
access.

Prerequisites

Administrative access to the server to manage SSH configurations
and user accounts.
Familiarity with SSH key generation and the setup process for
public and private keys.
Understanding of the server’s password policy and account
management procedures.
Knowledge of configuring and troubleshooting MFA setups.
Access to the server’s SSH configuration files, typically located
at /etc/ssh/sshd_config.
Ability to use command-line tools for log analysis and
configuration file editing.
For SSH agent issues, understanding how SSH agents work and how
to add keys to the agent.

Common SSH
Authentication Issues Explained

Password
Authentication Failures

Password issues are one of the most common SSH authentication
problems. Users may enter their passwords incorrectly can lead to
account lockouts due to security policies. Password expiration is
another aspect where passwords may no longer be valid after a certain
period.

Public Key
Authentication Problems

This form of authentication is more secure than passwords but comes
with its own challenges. If the public key is missing from the server’s
.ssh/authorized_keys file or if the private key on the
client side is not correctly configured or has incorrect permissions
(should be 600), authentication will fail. Another common issue is
format errors in the authorized_keys file, which can
occur if the key is copied incorrectly.

Multi-Factor
Authentication (MFA) Challenges

MFA provides an additional security layer that usually includes a
time-based code or a physical token. Common issues with MFA include time
drift on tokens leading to failed synchronizations, or users losing
access to their MFA device, which can lock them out of the system.

SSH Agent Issues

The SSH agent holds private keys used for public key authentication,
reducing the need to enter passwords. Problems can arise if the SSH
agent is not running or if keys are not added to the agent with
ssh-add. This can lead to repeated password prompts or
authentication failures.

Understanding these common issues and their implications is crucial
for maintaining a seamless and secure SSH environment.

Diagnosing SSH
Authentication Issues

When you have SSH authentication problems, a systematic approach can
help you in identifying the root cause:

Analyzing Error
Messages

SSH provides specific error messages that can guide you to the issue.
For instance, “Permission denied (publickey)” suggests a problem with
public key authentication, while “Access denied” might indicate a wrong
password or a locked account.

Checking Server and
Client Logs

The server’s logs can provide detailed insights into authentication
failures. Use commands like grep sshd /var/log/auth.log
to filter for SSH-related log entries on the server. Similarly, check
the client logs, usually found in ~/.ssh/ or output to
the terminal, to look for clues.

Verifying
Authentication Settings

On the server, the SSH daemon configuration file at
/etc/ssh/sshd_config contains settings for
authentication methods. Make sure that password authentication, public
key authentication, and any MFA settings are correctly enabled or
disabled as required.

By carefully examining these areas, you can often pinpoint the exact
problem causing the SSH authentication issue.

Troubleshooting and
Solutions

Resolving Password
Issues

When you face password-related SSH authentication problems, resetting
your credentials is a straightforward process using the Cloudzy
Panel:

Access Cloudzy Panel:

Sign in to your Cloudzy dashboard.
Navigate to the Access section of your specific
VPS dashboard.

Password Reset:

Click on the RESET CLOUD VPS PASSWORD
button.
A confirmation prompt will appear. Upon confirmation, the VPS
will restart, and a new password will be sent to your registered email
address.

Fixing Public Key
Authentication

Verify the public key is correctly placed in the server’s
~/.ssh/authorized_keys file. Ensure the file
permissions are correct with chmod 600
~/.ssh/authorized_keys. On the client side, check that the
private key is loaded with ssh-add -l and if not, add
it with ssh-add /path/to/private_key.

Addressing MFA
Problems

For MFA issues, ensure the server and authentication device’s time
are synchronized. If the MFA device is lost, reset MFA settings through
the server’s administrative interface, often requiring temporary
disablement of MFA for the affected account.

For issues with Google Authenticator or similar MFA tools:

Resync Time: Ensure the time on your server and
MFA device are synchronized. Use the ntpdate command on
the server if necessary to sync with time servers.
Regain Access: If you have lost access to your
MFA device, use backup codes provided at setup or contact the server
administrator to temporarily disable MFA for your account to regain
access.

Managing SSH Agent Problems

Windows with PuTTY:

Launch PuTTY.
Navigate to Connection -> SSH -> Auth -> Credentials in
the category tree.
Click on the ‘Browse’ button to select your private key file for
authentication. This file will typically have a .ppk extension if it’s
been converted for use with PuTTY.

If your key file has a passphrase, you’ll be prompted to enter it
when you connect.
Save your session settings for future use.

Windows PowerShell or Command Prompt:

Ensure you have the ssh-agent service running:

Get-Service ssh-agent | Set-Service -StartupType Automatic

Start-Service ssh-agent

Add your private key to the ssh-agent:

ssh-add .ssh\id_rsa

Replace **.ssh_rsa** with the path to your private key file if it’s
not in the default location.

Linux Terminal:

Start the SSH agent if it’s not already running:

eval "$(ssh-agent -s)"

Add your SSH key to the agent:

ssh-add ~/.ssh/id_rsa

Replace ~/.ssh/id_rsa with the path to your private
key file if it’s not in the default location.

Remember that on Linux, ssh-add might ask for your
key’s passphrase if it has one. This is a one-time action per session or
until the agent is stopped or the system is restarted.

With these solutions, you should be able to tackle the most common
SSH authentication issues, from simple password resets to more complex
MFA and SSH agent problems. Always follow security best practices when
resolving these issues to maintain the integrity of your server’s access
protocols. If you need any more information or further assistance, feel
free to contact our support team by submitting a
ticket.

If you ever need to scale your Cloud VPS up or down, you can do so on
your own without the hassle of submitting a ticket. The following simple
steps will teach you how to upgrade, downgrade, and resize your Cloud
VPS.

From the sidebar on the left side, click on
Services.

Click on the row of the Cloud VPS you want to resize.

At the top of the page, click on the RESIZE
button.

Select a plan you want to upgrade/downgrade to that and click on the
RESIZE button.

The following pop-up will be displayed to you. By clicking on the
RESIZE button, your current Cloud VPS will be
upgraded/downgraded.

You have now successfully resized your Cloud VPS. You can always
upgrade or downgrade your Cloud VPS. If you have any questions, feel
free to contact us by submittng a
ticket.

Moving your Cloud VPS to another location can be important for higher
speed or for following regional data regulation policies. Cloudzy offers
you two approaches for moving your Cloud VPS: you can delete your VPS
and start a new one where you need it, or you can ask our support team
to move your VPS for you. This guide will walk you through each step for
both options.

Prerequisites

Before relocating your VPS, make sure you:

Backup Your Data: Save any important information
from your VPS to avoid losing it.
Know Your Current VPS Details: Be aware of your
current VPS region and specifications.
Cloudzy Account Access: Can log into your
Cloudzy account.
Choose a New Region: Know where you want to move
your VPS. Cloudzy has 15 strategical server locations.

Having these ready will make the moving process smooth and safe.

Option 1:
Relocate by Recreating Your VPS

Backup Your Current VPS:

Before making any changes, make sure you have a complete backup of
your VPS to prevent data loss.

Delete Your Existing VPS:

Go to your Cloudzy dashboard, select your VPS, and use the delete
option. Remember, this action cannot be undone.

Create a New VPS in the Desired Region:

Click on New Cloud VPS and choose the region you
wish to move to. Follow the process to set up your VPS with the desired
specifications.

Restore Your Data:

Once your new VPS is running, restore the data from the backup you
created.

This method is straightforward but requires setting up your
environment again in the new region.

Option
2: Request VPS Relocation Through Cloudzy Support

Initiate a Support Ticket:

Within the Cloudzy Panel, go to the Support area and
start a new ticket to communicate with the support team.

Select Your Current VPS:

When creating the ticket, choose your current VPS from the
Related Services section. This way the support team
will know which VPS you’re referring to.

Detail Your Relocation Request:

Clearly state that you wish to relocate your VPS and specify the
desired new region.

Wait for Response:

The support team will reach out to you with confirmation or to
request additional details that are necessary for the relocation.

Complete the Relocation Process:

Follow any instructions given by the support team to finalize the
relocation of your VPS to the new region.

Using the support system to move your VPS can be an easy alternative
that avoids the need to set up your server environment from scratch.

Running a VPN or proxy service on a server can have several risks. As
the owner of the IP, your users are responsible for any abuse or illegal
activity conducted through your service. To protect yourself from this
issue, you need to take proactive measures to protect your
reputation.

Strict Mode:
Whitelisting

One way to make sure your server is not being abused is to only allow
certain activities. This approach which is called whitelisting, doesn’t
fully prevent abuse; your users can still attack other people and result
in your server’s suspension. However, it can make the abuse process a
lot harder, and it’s very likely to drive away abusers from your
services (and, unfortunately, some legitimate users as well).

What we’re proposing here is to drop all incoming and outgoing
packets from your server except the ones that are absolutely needed.
Here’s how you can do this.

The only thing you need to consider before following the guide is
that you shouldn’t have any other firewalls enabled on your server.
Although this guide covers the process on Ubuntu, you don’t need to have
it as your OS. The logic of the process is the same for other OSs as
well.

1. Installing UFW

First, you need to install UFW.

sudo apt install ufw

2.
Blocking all incoming and outgoing connections

Make sure you disable UFW because the following commands may
interrupt your connection to your server:

sudo ufw disable

the commands below will basically drop every packet that tries to
enter or exit your server. later, we’ll only allow the connections that
our users need:

sudo ufw default deny incoming

sudo ufw default deny outgoing

3. Allowing
yourself to connect to your server

Now we’ll allow incoming connections to port 22, which is the port
used for establishing SSH connections. Although it’s always a good idea
to change your SSH port to something else:

sudo ufw allow in 22/tcp comment “Allows me to SSH to my server”

While outgoing connections are already blocked, we’ll specifically
block all outgoing packets that have port 22 as their destination (in
case you change the default policy in the future). This will make both
you and your users unable to connect to other servers using SSH on port
22. While it sounds troublesome, it’ll actually resolve one of the most
common complaints that result in your server’s suspension. By using this
command, no user will be able to perform SSH brute force attacks from
your server:

sudo ufw deny out 22/tcp comment “Stops SSH brute force”

After allowing incoming connections to port 22, you can enable your
firewall without being disconnected from your server:

sudo ufw enable

If by any chance you’re disconnected from your server, you could use
VNC to gain access to your server again and disable your firewall.

4.
Allowing your users to connect to your server to get proxy/VPN
services

Clearly, your users need to connect to and use your server’s proxy
services. Dropping all incoming connections makes this impossible for
them. So, we need to allow the proxy/VPN ports used by the users for
example, let’s say we want to allow users to connect to port 1194, which
is usually used for OpenVPN. To do so, type the following command:

sudo ufw allow in 1194/tcp comment “OpenVPN port for users”

Or, if you’re running OpenVPN over UDP:

sudo ufw allow in 1194/udp comment “OpenVPN port for users”

The logic is the same for other VPN and proxy servers as well, just
find out which port your users need to connect to and allow incoming
connections to it.

Now, your users can connect to your server and to the VPN, but they
won’t be able to make any connections to the outside world. This is the
exact purpose of whitelisting: users won’t be able to connect to any
ports unless we allow them to. Doing this minimizes the chance of
getting abuse reports.

5.
Allowing your users to visit websites and use
applications

Now we will allow outgoing traffic to ports that are used to browse
the web, and make API calls on web servers. To do so, you should allow
the TCP port 80 and the TCP port 443. Allowing UDP port 443 as well will
enable your users to make HTTP3 connections:

sudo ufw allow out 80/tcp comment “HTTP connections”

sudo ufw allow out 443 comment “HTTPS and HTTP3 connections”

6. Allowing
different services on a need basis

Usually, opening ports 80 and 443 is enough, but to get the full
functionality of certain applications or software, you may need to allow
your users to use other ports as well.

You are generally advised to do your own research and only allow
ports if they’re absolutely required. Each major application has a
networking documentation with information for network administrators
like you. In these documents, you can find the ports that the
applications use and whitelist them as well. We’ll list a few popular
ones as examples.

WhatsApp
(No video or voice call):

sudo ufw allow out 443/tcp comment “WhatsApp”

sudo ufw allow out 5222/tcp comment “WhatsApp”

Git:

sudo ufw allow out 9418/tcp comment “Git”

Some services like Discord,
Zoom,
or WhatsApp voice and video calls require a wide range of UDP ports, you
may open these at your own discretion.

Lenient Mode:
Blacklisting

In whitelisting, you block everything and allow specific ports. In
blacklisting, you allow everything and block specific ports.

1. Installing UFW

First, you need to install UFW

sudo apt install ufw

2. Blocking the
incoming connections

Make sure you disable UFW because the following commands may
interrupt your connection to your server:

sudo ufw disable

It makes sense to block all incoming connections unless we serve
specific services. So let’s reject all incoming traffic:

sudo ufw default deny incoming

Note that this time you’re not blocking all outgoing connections.
This allows your users to connect to any port they’d like. This is not
advisable unless you absolutely trust your users.

3.
Allowing yourself to connect to your server

Now we will allow incoming connections to port 22, which is the port
used for establishing SSH connections to your server. Although it is
always a good idea to change your SSH port to something else:

sudo ufw allow in 22/tcp comment “Allows me to SSH to my server”

If you want to Block SSH port to avoid SSH brute force abuse reports,
you can use the following command:

sudo ufw allow out 22/tcp comment “Block Outgoing SSH ”

4. Block BitTorrent

Using the same logic, you need to block ports that are used for
BitTorrent. However, since there are multiple ports for this, you need
to do your research and block public tracker IPs as well as the ports
that are normally used for BitTorrent.

If you have any questions, don’t hesitate to contact us by submitting a
ticket.

Efficiently transferring files between your local system and your
Windows VPS is crucial for managing your remote server effectively. This
guide will walk you through three practical methods for hassle-free file
transfers using Remote Desktop, empowering you to streamline your
workflow and keep your Cloudzy Windows VPS in sync with your local
environment.

This method allows you to seamlessly share drives and folders between
your local PC and your Cloudzy Windows VPS using Remote Desktop
Connection (RDP). It’s particularly useful when you need to
access files stored on your local system while working on your VPS or
transfer files between the two environments efficiently.

Step 1:
Configure Remote Desktop Connection

Open Remote Desktop Connection on your local PC.

Click on Show Options.

In the Computer section, enter the IP address or
full domain name of your Cloudzy Windows VPS.
Fill in your username (which defaults to
Administrator).

Step 2:
Redirect Your Local Workstation’s Drives

Once the connection is established, you can configure the sharing of
your local drives and folders. This feature allows you to select
specific drives or folders you want to make accessible within your VPS
session. By choosing the resources you need, you streamline file
transfer and access.

In the Remote Desktop Connection window, click on Show
Options.
Navigate to the Local Resources tab.
Under Local devices and resources, click on
More.

Choose the drives or folders you want to share by checking the
boxes.

Click OK to confirm your selections.

Step 3:
Connect to Your Cloudzy Windows VPS

Click the Connect option in the Remote Desktop
Connection window.
After connecting, right-click on the Start menu and select
File Explorer.

Step 4:
Access and Transfer Files Seamlessly

In the final step, you’ll use the “File Explorer” on your VPS to
access the shared drives and folders from your local system. This makes
file management a breeze. You can effortlessly drag and drop files
between your local PC and Cloudzy Windows VPS, simplifying tasks like
uploading, downloading, or syncing important files.

In the File Explorer under This PC
or Computer, you will see the drives that you
configured for sharing.

You can access and transfer files and folders between your local
system and Cloudzy Windows VPS effortlessly.

Troubleshooting
“Destination Folder Access Denied” Error

If you encounter a “Destination Folder Access Denied” error while
attempting to transfer files using Remote Desktop Connection, don’t
worry; this issue can be resolved. Here’s what you can do to address
it:

Restart Remote
Desktop Connection:

First, try restarting your Remote Desktop Connection session. Close
the existing session and reconnect to your Cloudzy Windows VPS.
Sometimes, a simple reconnection can resolve access issues.

Connect as an
Administrator:

Ensure that you are connecting to your Cloudzy Windows VPS as an
administrator. Administrative accounts typically have broader file
access permissions. If you are not already using an administrative
account, log out and reconnect using one.

Verify
Permissions on the Local Drive:

Ensure that the local drive on your local machine, which you intend
to use with Remote Desktop Connection, has the appropriate read and
write permissions. Right-click on the drive, select
Properties, and navigate to the
Security tab. Confirm that your user account has the
necessary permissions.

To address the “Destination Folder Access Denied” error, review the
folder permissions on both your local system. To check permissions:

On your Windows, right-click the drive, select
Properties, and navigate to the
Security tab. Ensure that the necessary permissions,
including read and write, are granted.

Use a Different
Destination Drive:

If the error persists, try transferring the file to a different
destination drive. Ensure that the new drive also has the required
permissions.

Method
2: Copy and Paste Files between Cloudzy Windows VPS and Your Local
System

You can easily transfer files between your Cloudzy Windows VPS and
your local system using the copy-and-paste method. This method allows
you to effortlessly move files in both directions, making it ideal for
tasks like downloading reports, backing up data, or simply organizing
your files.

Step
1: Copying Files from Cloudzy Windows VPS (to Local
System)

Locate the File: On your Cloudzy Windows VPS,
navigate to the location of the file you want to transfer.
Select the File: Single-click on the desired
file to select it. If you want to transfer multiple files, you can hold
down the CTRL key on your keyboard while clicking on
each file.
Copy the File: Right-click on the selected
file(s) and choose Copy from the context menu.
Alternatively, you can use the keyboard shortcut CTRL +
C to copy the file(s).

Step 2:
Pasting Files to Your Local System

Navigate to Your Local System: Minimize the
Cloudzy Windows VPS desktop or switch to your local system.
Select the Destination: Right-click on your
local system’s desktop or navigate to the destination folder where you
want to save the file(s). This is where the copied file(s) will be
pasted.
Paste the File(s): Right-click in the
destination folder and choose Paste from the context
menu. You can also use the keyboard shortcut CTRL + V
to paste the file(s).
File Transfer: The file(s) will begin to
transfer from your Cloudzy Windows VPS to your local system. The time
required for transfer depends on the file size and your internet
connection speed.
Confirmation: Once the transfer is complete, you
will find the file(s) in the designated destination folder on your local
system.

Step
3: Reversing the Process (Local System to Cloudzy Windows
VPS)

You can also use the same method to transfer files from your local
system to your Cloudzy Windows VPS:

On your local system, locate the file(s) you want to
transfer.
Copy the file(s) using the same method as mentioned
above.
Access your Cloudzy Windows VPS using Remote Desktop
Connection.
Navigate to the desired location on your VPS.
Paste the file(s) into the VPS location to complete the
transfer.

Using the copy-and-paste method, you can efficiently transfer files
between your Cloudzy Windows VPS and your local system in both
directions, making it convenient to work with and manage your data
across both environments.

Method
3: Transferring Files between Windows VPS and the Local System Using
File Explorer

File Explorer provides a user-friendly and intuitive
method for transferring files between your Windows VPS and your local
system. Whether you need to move important documents, backup files, or
organize your data, File Explorer simplifies the process.

Step 1:
Access File Explorer on Windows VPS

Connect to Your Windows VPS: Begin by connecting
to your Windows VPS through Remote Desktop Connection, following your
usual procedure.
Open File Explorer: Once connected, open
File Explorer by right-clicking on the Start menu or
taskbar and selecting File Explorer from the menu. Alternatively, you
can use the keyboard shortcut Windows Key + E to launch
File Explorer.

Step
2: Locate and Select the File or Folder (Windows VPS to Local
System)

Navigate to the File or Folder: Within File
Explorer on your Windows VPS, navigate to the location of the file or
folder you intend to transfer to your local system.
Select the File or Folder: Left-click on the
file or folder to highlight it.

Step 3: Copy the File or
Folder

Access Home Tab: In the top bar of the File
Explorer window, locate and select the Home
tab.
Choose Move To or Copy To: Within the Home tab,
you will find options for Move to or Copy
to in the subcategory. Click on your preferred option based on
your specific file transfer needs.

Specify the Destination: In the drop-down menu,
choose Choose the location and specify the destination
on your local system where you wish to transfer the file or folder.

Initiate Copy: After specifying the desired
destination, click on the Copy button.

Note: To perform the reverse process and transfer
files from your local system to your Windows VPS, follow the same steps
but initiate the transfer from your local system’s File Explorer to the
drive you shared in the Remote Desktop Connection.

In summary, these methods simplify file transfers between your
Windows VPS and local system, enhancing data management for tasks such
as website hosting and application management. If you have any
questions, feel free to contact us by submitting a
ticket.

PAYG or Pay As You Go is a pricing
model commonly used in the cloud computing industry. Cloudzy’s Cloud
services use this pay-as-you-go approach for billing customers on an
hourly basis. So, instead of traditional IT cost models, which are
essentially subscription-based, PAYG will be used as a valuable method.
This approach is pretty similar to utility bills, utilizing only
required and used resources. Meaning that users don’t have to pay for
the larger time cycles than they require. So, they can choose the CPU,
memory, storage, operating system, networking capacity, and any other
probable resources needed to run their environment.

Besides only paying for the used resources, another advantage of our
PAYG method is that your monthly cost won’t exceed the cost of a 30-day
monthly plan. In other words, there’s a predetermined cap for each plan,
and your accumulated usage would never exceed that cap. Regardless of
getting a Cloud VPS for only a few hours or keeping it for 30 days, you
won’t pay more than a traditional 30-day monthly plan. So, if the month
is 30 days, you’ll pay for 720 hours of services. The only exception is
when the month is 31 days. In that case you’ll pay for 744 hours of
resources.

Example:

Take a Basic $9.95 plan as an example. The hourly rate of this plan
is 0.0138 dollars. We consider each month 30 days (or 720 hours). With
PAYG billing, you can get this plan for 7 days and only pay $2.31 (7 *
24 * 0.0138). Now imagine you’ve got the same plan, and you’ve had your
Cloud VPS for an entire month. In this scenario, you need to pay $9.93
(30 * 24 * 0.0138). As you can see, even having a Cloud VPS active for
an entire month, wouldn’t cause the price to exceed the monthly
expense.

In Cloudzy, we execute hour-based PAYG, which means we bill each
Cloud VPS for the time between its initialization and
termination. In other words, instead of usage-based PAYG (aka
Pay-As-You-Use), we will provide you with the billing cycle that begins
at the Cloud VPS activation time, helping you to use
the plan productively. This means you’ll be charged as long as your VPS
is active, regardless of whether it’s on, off, or suspended. So, if you
turn your cloud VPS off, you’ll still be charged for the hours that your
server is off. The reason behind this is that your Cloud VPS resources
are dedicated to you, and even when you’re not using your server, the
server space is still occupied.

The predefined prices of plans include all parameters specified in
the plan, including RAM, CPU, Storage, Bandwidth, and a dedicated IP.
So, what you pay covers all the mentioned resources, and we won’t charge
you an extra cent for those resources. However, if you activate the
nested feature or ask for extra bandwidth, you need to pay the fee.

Example:

Imagine the $69.95 plan with 16 GB of RAM, 350 GB storage, and 10 TB
bandwidth. The hourly cost of this plan is $0.0971. But if you activate
the nested feature, the hourly cost would be $0.1081, since the hourly
cost of the nested feature ($0.011) is added to the hourly cost of your
cloud VPS. And the overall monthly payment would be $77.83. Note that
these numbers only apply to this example and the hourly rate of nested
features varies among different plans.

What Happens to Resized
Cloud VPSs?

In our plans, you’re charged on an hourly-basis as long as you don’t
exceed the monthly cap. The same rule applies when you resize your plan.
So, even when you upgrade or downgrade your plan, you’re billed with the
same method. The only difference is that you’ll receive two separate
invoices at the end of the month.

Example:

In another scenario where you upgrade or shrink your server, the
overall payment would be the added price of the two plans. For example,
you start with a $4.95 plan, which is 0.0068 dollars per hour. You use
this plan for 10 days and then upgrade to a $9.95 plan for 20 days. For
the first 10 days, you need to pay $1.63 (10 * 24 * 0.0068). And for the
next 20 days, you need to pay $6.62 (20 * 24 * 0.0138). The accumulated
price is $8.25.

We always encourage our users to contact us by submitting a ticket
and asking us any questions they have. This guide will teach you how to
create a new ticket with our support system.

Step 1: Create a New
Ticket

First, click on the support > New Ticket button
to open a new ticket to contact the support team.

Step
2: Fill Out the Form and Submit Your Request

Now, you need to fill in the information required by our support
team. You can also upload an image if you want. After doing so, click on
the Submit Ticket button and wait for a response from
the support team.

Usually, we will see and respond to your request less than 24 hours
from the submitted time.

Step
3: Follow the Thread and Check Ticket Status

Every ticket has its own thread of messages. You will be emailed
every time support agents respond to your tickets. At the end of your
conversation with our support agents, you can change the ticket status
to resolved. You can also continue the thread whenever you need just by
replying to the ticket.

Our support agents are experienced technical experts and are always
welcoming your questions. So, don’t ever hesitate to contact us!

Netcat is a versatile utility that reads and writes data across
network connections using the TCP/IP protocol. It’s a valuable tool for
network debugging and exploration, and it’s also used in various
security activities like port scanning, transferring files, and creating
a backdoor during penetration testing. This article provides a
step-by-step guide on installing and using Netcat’s listening feature on
Ubuntu or Debian systems.

Installation of
Netcat

Netcat is a standard utility available in the repositories of most
Linux distributions. Below are the installation instructions for some of
the most common Linux distributions.

nc -h

Ubuntu/Debian

On Ubuntu or Debian, you can install Netcat using the following
commands:

sudo apt-get update
sudo apt-get install netcat

CentOS/RHEL

For CentOS or Red Hat Enterprise Linux, you can use YUM (or DNF on
newer versions) to install Netcat:

sudo yum install nc

Using Netcat
Listener

The Netcat listener function allows you to monitor network traffic on
specific ports, providing real-time insights into data transmission and
aiding in network troubleshooting or security analysis.

Part 1: Scanning for
Open Ports

Before setting up a listener, it’s useful to identify open ports on
your server. Netcat can scan a single port or a range of ports.

Scanning a Range of Ports:

To scan a range of ports, use the following command, replacing
[REMOTE_COMPUTER_IP] with the server’s IP address and
[PORT_RANGE] with the range of ports to scan, such as
2000-5000:

netcat -z -v -n [REMOTE_COMPUTER_IP] [PORT_RANGE]

Example:

To scan ports ranging from 2999 to 3014 on a server with IP
127.0.0.1, the command would be:

To filter out the results and display only the open ports, you can
use grep:

netcat -z -v -n 172.86.74.34 2000-5000 2>&1 | grep succeeded!

Scanning a Single Port:

If you need to check a single port, you can use:

netcat -z -v -n [REMOTE_COMPUTER_IP] [PORT]

For example, to scan port 3000 on the server:

netcat -z -v -n 172.86.74.34 3000

This command will indicate whether port 3000 is open or closed.

Part 2: Setting Up
a Netcat Listener

Once you’ve identified an open port or if you have a specific port
you want to monitor, you can set up a Netcat listener. To listen on port
2200, for instance, use the following command:

netcat -l -p 2200

This command will instruct Netcat to listen on port 2200 for any
incoming data.

Part 3: Sending a Test
Message

To verify that your Netcat listener is properly set up, you can send
a test message from another machine. Open a terminal on another computer
and use the following command:

netcat [SERVER_IP] 2200

Replace [SERVER_IP] with the IP address of the
server where the Netcat listener is running. Once the connection is
established, you can type your message and press Enter. The message
should appear on the server where the Netcat listener is set up.

Part 4: Saving Data to a
File

If you want to keep a record of the data passing through the port
you’re monitoring with Netcat, you can redirect the output to a file.
Here’s how to save the incoming data to a file named
output.txt:

netcat -l -p 2200 > output.txt

Executing this command will direct anything received by the Netcat
listener on port 2200 to the file
output.txt You can later review this file with any text
editor.

Part 5: Sending a
File

To send a file using Netcat, you’ll need to perform actions on both
the sending and receiving machines.

On the Receiving Machine:

Set up Netcat to listen on a specific port and redirect the incoming
data to a file. For example, to listen on port 2200 and save the
incoming data to output.zip, use:

netcat -l -p 2200 > archive.zip

On the Sending Machine:

Send a file using Netcat by connecting to the listener’s IP address
and port, then redirecting the file into Netcat. Replace
[RECEIVER_IP] with the IP address of the receiving
machine:

netcat [RECEIVER_IP] 2200 < yourfile.zip

Replace yourfile.zip with the path and name of the
zip file you wish to send.

Note: When transferring files, ensure that there is
no firewall blocking the connection and that the receiving machine’s
Netcat process is initiated before the sending command is executed.

Additional
Capabilities of Netcat

Netcat’s versatility extends far beyond simple file transfers and
port listening. It’s a multifaceted tool that serves various
network-related purposes, from security to communication. Here’s a
glimpse into its additional capabilities:

Chat Server Creation: Netcat can be configured
to facilitate real-time text communication between users, acting as a
rudimentary chat server.
Service Banner Grabbing: By connecting to open
ports, Netcat can retrieve service banners, aiding in the identification
of potentially vulnerable software versions.
Network Debugging: It’s an excellent tool for
diagnosing network services, allowing you to send custom requests and
analyze the responses for troubleshooting.
Remote Administration: Netcat can bind a shell
to a network port, enabling remote command-line access to another
computer, which is particularly useful for system
administrators.
Network Daemon Testing: Developers can use
Netcat to interact with network daemons, sending test data and commands
to see how the service behaves.
Proxy Server Functionality: With Netcat, setting
up a basic proxy is straightforward, allowing you to forward traffic and
potentially monitor or analyze it for various purposes.
Network Service Emulation: It can simulate
network services, providing a mock response to incoming network
requests, which is useful for testing client-side applications.
Basic TCP/UDP Server Setup: Netcat can listen on
specified ports for incoming TCP or UDP requests, making it a tool for
creating simple servers.
Scripting and Automation: Its command-line
nature allows Netcat to be easily scripted and integrated into larger
automation tasks, streamlining repetitive network operations.
Data Tunneling: Netcat can be used to create a
data tunnel, allowing for the redirection of data streams from one
network to another.
Time Synchronization: It can facilitate the
synchronization of system clocks across a network by sending time data
between machines.
Security Testing: Netcat is a staple in security
testing, used to simulate network attacks or test the effectiveness of
firewall configurations.
Connection Testing: Quickly and efficiently test
the ability to establish TCP or UDP connections, which is essential for
network setup and maintenance.

Each of these capabilities highlights the adaptability of Netcat,
making it an indispensable tool in the networking toolkit. Whether for
development, troubleshooting, or security analysis, Netcat’s simplicity
and power make it the go-to utility for network professionals. If you
have any questions, feel free to contact us by submitting a
ticket.

In the dynamic realm of remote server management, secure access to
Linux VPS instances from Android devices is essential. While Android
doesn’t provide a built-in SSH client, third-party apps come to the
rescue. Among these apps, JuiceSSH stands out as a reliable and
feature-rich SSH client for Android. This guide will walk you through
using JuiceSSH to establish secure connections to Linux VPS instances
using SSH keys. By following these steps, you can enhance your server’s
security and efficiently manage your VPS, all from the convenience of
your Android device. Let’s dive into the world of JuiceSSH and SSH keys
for secure and streamlined server management on Android.

Understanding
JuiceSSH

JuiceSSH is a robust SSH client application specifically designed for
Android devices. Given that Android lacks a built-in SSH client,
JuiceSSH steps in to offer a secure and feature-rich command-line
interface for effectively managing Linux VPS instances. Unlike the
common assumption, JuiceSSH provides the valuable capability to generate
SSH keys within its interface. This empowers users to create SSH key
pairs directly from the application, streamlining the process and
enhancing security. Additionally, JuiceSSH allows you to import existing
keys generated on your computer. This functionality facilitates the
effortless establishment of secure connections to your servers without
the need for passwords. By exploring the capabilities of JuiceSSH,
including its SSH key generation feature, you will unlock the potential
of seamless and secure server management directly from your Android
device.

Installing JuiceSSH

To connect to your Linux VPS with SSH keys on your Android device, install
JuiceSSH from the Google Play Store.

Generating SSH Keys

Before utilizing JuiceSSH to connect to your Linux VPS securely, you
must first generate SSH keys. So, follow these steps:

Open JuiceSSH and navigate to the Manage
Connections section.
Swipe to the right to access the Identities
page.
Tap the + button located in the lower right
corner.
In the New Identity section, assign a
descriptive Nickname for your key and input your
desired username (e.g., root).

In the Private Key section, tap on SET
(OPTIONAL) and select your preferred key format from the
available options (ed25519, ECDSA, or RSA).
Enhance the security of your private key by setting a
passphrase.
Confirm your choices by tapping on OK.

⚠️ Important: Never share your private key with
anyone!

Exporting SSH Public
Keys

To export your SSH public keys from JuiceSSH and prepare for their
import into the Cloudzy portal (covered in the following section), you
can follow these steps:

Open JuiceSSH and go to the Manage Connections
section.
Swipe to the right to access the Identities
page.
Long-press on the identity that corresponds to the SSH keys you
want to export. This identity contains crucial information like SSH Keys
and usernames.

Select the option labeled Export Public Key.

Input the passphrase for your Private Key when prompted.
The next steps can vary depending on your preferences. One
approach is to send the SSH Public Key contents to your Notes App or
email it to yourself. Alternatively, you can choose other methods that
are convenient for saving the SSH Public Key contents.

By carrying out these steps, you’ll export your SSH public keys from
JuiceSSH, enabling you to proceed with their import into the Cloudzy
portal in the upcoming section. This process will be integral for
securing and streamlining your server management activities.

Importing
Your SSH Key to the Cloudzy Portal

Now, import the copied SSH key to the Cloudzy Portal for secure
server management:

After copying the SSH key to the clipboard, return to your
Cloudzy account page.
In the left sidebar, choose SSH Keys and click
on NEW SSH KEY in the top right corner.
Name your key descriptively and paste the SSH Public Key contents
into the Public Key area.

With your SSH key successfully imported, you’re well-prepared for
streamlined VPS creation and heightened server security.

Connecting to Your
VPS

To connect to your VPS via JuiceSSH after importing the public key to
the Cloudzy Portal, follow these steps:

Open JuiceSSH and navigate to the Manage
Connections section.
Tap the + button located in the lower right
corner.
On the New Connection page, choose a nickname
for the connection (optional).

Input the IP address of your VPS or the hostname associated with
your IP address.
Select your SSH Key from the Identity
options.
Verify and confirm the SSH port for your VPS (default is usually
22).
Touch the checkmark symbol (✔) in the top right corner to save
the new connection.
After being redirected to the Connections tab,
select your VPS connection to initiate the connection.

By following these steps, you’ll be able to establish a secure
connection to your VPS using JuiceSSH, leveraging the SSH public key you
imported to the Cloudzy Portal. If you need any more information or
further assistance, feel free to contact our support team by submitting a
ticket.

Setting up a domain name to point to your VPS streamlines your access
to server resources, making it easier to remember and use your domain
for RDP or SSH connections. This article will guide you through creating
a DNS A Record in your domain panel to direct your domain name to your
VPS IP address.

Prerequisites

To prepare for linking your domain name to your Cloudzy VPS, you will
need:

Domain Control Panel Access: Login credentials
for the service where your domain is registered.
Cloudzy VPS IP Address: Located in your Cloudzy
dashboard, this is the specific IP address assigned to your
VPS.

Creating a DNS A
Record

Once you have all the prerequisites in place, follow these steps to
create a DNS A Record and link your domain to your Cloudzy VPS:

Locate Your Cloudzy VPS IP Address:

Sign in to your Cloudzy dashboard.
Navigate to the Cloud VPS List section where you
will find the list of your VPS instances.
Identify the VPS you want to connect and note down the IP address
displayed alongside it.

Access Your Domain Control Panel:

Log in to the control panel of your domain registrar.
Go to the DNS settings or Domain Management area.

Add a New A Record:

Look for the option to add a new DNS record, often labeled as
“Add New Record” or similar.
Select A from the record type options.
In the Host field, enter your desired subdomain
(e.g., ‘vps’) or ‘@’ for the root domain.

Input the Cloudzy VPS IP address in the Value or
IP Address field.
Set the TTL (Time to Live) as advised by your domain registrar;
if unsure, leave it as the default.

Save Your Changes:

Review your new A Record to ensure the details are
correct.
Save the changes to update your DNS settings.

DNS Propagation Time:

DNS changes can take anywhere from a few minutes to 48 hours to
propagate worldwide.
During this time, your domain may not immediately point to your
VPS IP address.

Testing Your Domain Connection:

Once DNS changes have propagated, open the Command Prompt or
Terminal.
Type ping yourdomainname.com or
vps.yourdomain.com and press Enter.
Look for replies with your VPS IP address, which confirms the
domain is correctly pointing to your VPS.

Additional Consideration for CDN Users:

If you are using a CDN service like Cloudflare, make sure you
disable the proxy (CDN) option when adding your A Record to prevent any
conflicts with direct IP resolution.

To finalize the connection of your domain to your Cloudzy VPS, make
sure the A Record is added accurately in your domain panel. Allow up to
48 hours for DNS propagation and test the setup via a ping command. If
you need any more information or further assistance, feel free to
contact our support team by submitting a
ticket.

Testing Network Speed Using Terminal Commands

Step 1: Connect to Your Server

Step 2: Use speedtest-cli for a General Speed, Jitter, and Ping Measurement

Step 3: Use ‘iperf3’ for Testing Connections Between a Server and a Client

Prerequisites

Request Floating IPs:

Updating the IP Address on Ubuntu VPS:

Changing the IP Address for Other Distros

Changing the IP Address on a Windows VPS

Prerequisites

Step 1: Accessing the Cloudzy Panel for Hostname Configuration

Step 2: Changing the VPS Hostname via Cloudzy Panel

Comprehensive Guide to Enhancing RDP Security

Renaming the Administrator Account and Securing User Access

Implementing a Strong Password Policy

Limiting RDP Access via Firewall Configuration

Setting Up Multi-Factor Authentication

Enabling Network Level Authentication

Changing the Default RDP Port

Configuring Account Lockout Policies

Updating Systems and Software

Deploying Antivirus and Anti-Malware Solutions

Conducting Regular Security Audits and Setting Up Alerts

Using VPNs for Additional Security

Keep Your System Updated

Use Package Manager

Set Up Automatic Updates

Use Strong Passwords and SSH Keys for Secure Authentication

Using Strong Passwords

Using SSH Key Authentication

Implement a Firewall

Disable Root Login

Harden SSH Configuration

Implement Fail2Ban

Method 1: Using PowerShell

Method 2: Using Services Console

Method 3: Using Task Manager

Prerequisites

Common SSH Shell Environment Issues

Incorrect Shell Settings:

Environment Variable Problems:

Terminal Emulation Errors:

File Permission Issues:

Diagnosing Shell Environment Issues

Identifying Configuration Errors:

Checking Environment Variables:

Testing Terminal Settings:

Reviewing Server Logs:

Troubleshooting and Solutions for SSH Shell Environment

Correcting Shell Configuration:

Setting Environment Variables:

Adjusting Terminal Emulation Settings:

Fixing File Permissions:

Reviewing Server Logs for Errors:

Prerequisites

Common Issues and Causes

Authentication Failures

Network Problems

SSH Configuration Errors

Server Overload or Downtime

Diagnostic Steps

Checking Network Connectivity

Verifying Credentials

Inspecting SSH Configuration

Reviewing Server Logs

Troubleshooting and Solutions for SSH Connectivity

Resolving Network Issues

Fixing Authentication Problems

Adjusting SSH Configurations

Checking DNS Configurations

Monitoring Resources with htop

Maintaining Server Health

Prerequisites

Common SSH Authentication Issues Explained

Password Authentication Failures

Public Key Authentication Problems

Multi-Factor Authentication (MFA) Challenges

SSH Agent Issues

Diagnosing SSH Authentication Issues

Analyzing Error Messages

Testing
Network Speed Using Terminal Commands

Step 1: Connect to Your
Server

Step
2: Use speedtest-cli for a General Speed, Jitter, and Ping
Measurement

Step
3: Use ‘iperf3’ for Testing Connections Between a Server and a
Client

Request Floating
IPs:

Updating the IP
Address on Ubuntu VPS:

Changing the
IP Address for Other Distros

Changing the
IP Address on a Windows VPS

Step
1: Accessing the Cloudzy Panel for Hostname Configuration

Step
2: Changing the VPS Hostname via Cloudzy Panel

Comprehensive
Guide to Enhancing RDP Security

Renaming
the Administrator Account and Securing User Access

Implementing a
Strong Password Policy

Limiting
RDP Access via Firewall Configuration

Setting Up
Multi-Factor Authentication

Enabling Network
Level Authentication

Changing the Default RDP
Port

Configuring
Account Lockout Policies

Updating Systems and
Software

Deploying
Antivirus and Anti-Malware Solutions

Conducting
Regular Security Audits and Setting Up Alerts

Using VPNs for
Additional Security

Keep Your System
Updated

Set Up Automatic
Updates

Use
Strong Passwords and SSH Keys for Secure Authentication

Using Strong
Passwords

Using SSH Key
Authentication

Harden SSH
Configuration

Method 1: Using
PowerShell

Method 2: Using
Services Console

Method 3: Using Task
Manager

Common SSH Shell
Environment Issues

Incorrect Shell
Settings:

Environment Variable
Problems:

Terminal Emulation
Errors:

File Permission
Issues:

Diagnosing Shell
Environment Issues

Identifying
Configuration Errors:

Checking Environment
Variables:

Testing Terminal
Settings:

Reviewing Server
Logs:

Troubleshooting
and Solutions for SSH Shell Environment

Correcting Shell
Configuration:

Setting Environment
Variables:

Adjusting
Terminal Emulation Settings:

Fixing File
Permissions:

Reviewing Server Logs
for Errors:

Common Issues and
Causes

Authentication
Failures

SSH Configuration
Errors

Server Overload or
Downtime

Checking Network
Connectivity

Verifying
Credentials

Inspecting SSH
Configuration

Reviewing Server
Logs

Troubleshooting
and Solutions for SSH Connectivity

Resolving Network
Issues

Fixing Authentication
Problems

Adjusting SSH
Configurations

Checking DNS
Configurations

Monitoring Resources
with htop

Maintaining Server
Health

Common SSH
Authentication Issues Explained

Password
Authentication Failures

Public Key
Authentication Problems

Multi-Factor
Authentication (MFA) Challenges

Diagnosing SSH
Authentication Issues

Analyzing Error
Messages

Checking Server and
Client Logs

Verifying
Authentication Settings

Troubleshooting and
Solutions

Resolving Password
Issues

Fixing Public Key
Authentication

Addressing MFA
Problems

Option 1:
Relocate by Recreating Your VPS

Option
2: Request VPS Relocation Through Cloudzy Support

Strict Mode:
Whitelisting

2.
Blocking all incoming and outgoing connections

3. Allowing
yourself to connect to your server

4.
Allowing your users to connect to your server to get proxy/VPN
services