Knowledge Base

Port 22 Restriction Implemented

SSH brute-forcing is a constant problem for us, and every other hosting provider. This is the act of bots that scan IP ranges and try to gain unauthorized access to servers through password lists.

Ragnarack Hosting deploys as many countermeasures as possible, such as generating completely random root passwords for every single VPS that is deployed. We also frequently update our operating system templates which consists of removing those that are EOL (End Of Life) and no longer supported by their developers and ensuring that the latest updates are installed out-the-box (so, for example, you don't end up with an OpenSSH server that is months or years old and missing security fixes).

Inbound port 22 has now been disabled platform-wide for all VPS customers:

We understand that this decision may seem over-the-top and/or inconvenient, but with the reasons outlined above, we hope that there is understanding that this change is ultimately with the best interests of maintaining a secure and stable VPS platform. Managed VPS customers are not impacted by this change, as we've long since deployed those servers with custom SSH ports. Some customers may already run SSH on other ports, and others might not use it at all (for example, those who used SSH just once to install a web-based control panel, and never used it since). Therefore, we hope the overall impact on our customers is not too significant.

It should be noted that this change doesn't prevent the problems described above, nor does it make a VPS immune to an SSH compromise, but it will significantly help to keep things on the straight and narrow. In our experience, most of the bots described only check port 22. If there's no reply on port 22, they don't tend to look any further.

Again, we know that blocking the one port that is the foundation of all things Linux and accessing a Linux server isn't an industry-standard practice, but in this instance, we feel that the benefits of making the change outweigh the benefits of not making it. 

Please rate this article to help us improve our Knowledge Base.

6 0