Now, I am going to talk about 4 easy-to-use ways that you can use to secure your Windows 10 Virtual Private Server:
1. Choose a Strong Password for Your New Administrator Account
Now that you have done away with the security risk posed by the default administrator account, you need to make sure your new one is safe by choosing a strong password. There have been many great articles on how to create good passwords and it never hurts to improve your knowledge of what makes or breaks a password, or your VPS, in this case!
There are some basic tips, however, that can help you strengthen your passwords considerably. One is the password’s length. With passwords, it is the longer the better (you have to actually be able to memorize it though, so don’t get carried away). A 10-character long password is a good place to start and if you use a combination of lowercase and uppercase letters and numbers and avoid dictionary words, then your Windows VPS gets much more secure.
2. Change the Default Port for Remote Desktop Connections
The most usual way for accessing your Windows VPS is by using Remote Desktop. That is a Windows feature that, as its name suggests, allows you to connect to your desktop remotely. Remote Desktop, and any other remote access software for that matter, use a default port (3389) for its connections. This is a widely-known fact and hackers and malware will exploit that to gain access. So to bolster your Windows VPS security, we suggest you change the Remote Desktop listening port (as it’s called) as soon as possible. Port scanners coupled with brute-force bots are not to be trifled with and leaving the port at its default value only improves their chances of a successful attack.
To change the listening port, you need to use Windows Registry Editor to modify the following registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Contro l\Terminal Server\WinStations\RDP-Tcp
Use a random 4-digit number for the new port number and try to avoid obvious or popular choices like 8080 or 8888. You must also take care that your firewall is not blocking the port number you choose and that it is not already being used by another application or service. That will create conflict and can have catastrophic results.
3. Restrict Remote Desktop by IP to secure windows VPS
Changing the default port for Remote Desktop may not be enough on its own. One way to further improve your Windows VPS security is to restrict the IP addresses that can connect to your VPS via Remote Desktop. This is especially useful if you have a limited number of people connecting to it from a fixed location like an office or if it’s just you connecting from home.
If your ISP provides static IP services, then this method might be perfect for you, as you will know exactly with which IP you will be connecting to Remote Desktop. This method is not without some drawbacks, however, as it could prove troublesome if you have more people accessing your VPN or if they are not exactly staying in one place. There is also a possibility that you will lock yourself out if you’re somehow not able to use your previously defined IPs to connect to Remote Desktop anymore. You should probably weigh the pros and cons carefully before going in for this security measure, but if you do it will make for a much more secure Windows VPS.
Check out this address: https://www.routerhosting.com/windows-10-vps
4. Manage Windows Firewall Policies and Consider a Third-Party Firewall
All Windows versions come equipped with Windows Firewall, which is a decent enough firewall software if you’re not doing anything too sensitive with your Windows VPS. While there are some steps you can take to improve the efficiency of the Windows Firewall, you should also give some thought to using third-party software that’s capable of handling more sensitive tasks, such as processing credit card transactions.
Windows Firewall is great at basic and even intermediate-level tasks and you can make sure it operates more efficiently by choosing the right policies. One way to go about that is to simply choose the “Deny All” policy, which blocks all incoming and outgoing traffic but predefined exceptions. You can then choose which services and applications you need and define them as exceptions to the rule.
Bookmarks