It is surprising how many people will install SolusVM on their VPS node and say, “All right, everything is set up and ready for clients”. These people are inexperienced, because as soon as they receive an influx of clients, they will see that there is a lot of set up that isn’t necessarily as simple as an out of the box installation of SolusVM. This is a bare minimum of steps, and it is likely that there are a lot that I have forgotten.
There are a lot of things that are absolutely required, or else you will be getting support tickets left and right asking for these things to be set up:
- TUN/TAP Enabling & Installation – This allows your customers to use TUN/TAP technologies so that they can run VPN services off of their VPS server. Enabling TUN/TAP on the host node. Remember, customers need to individually enable it for their VPS, if it is already enabled on the host node.
- Reverse DNS Manager – This is a bit more complicated of a set up, but it allows customers to run their own rDNS without submitting a ticket to have it done manually. PowerDNS Manager. This needs to be done on host and master nodes, as well as have a server for managing the DNS queries.
- Synchronize Templates – Using SolusVM’s media sync, you need to synchronize the templates between all servers. Without it, VPS will not create properly.
- Node Watch – This tool helps manage and suspend VPS that use too many resources. You may need to tweak the settings, notably the conntrack sessions, but this tool is invaluable. NodeWatch VPS Anti Abuse.
- Disable direct root log in – Set up another username and require them to “su” for root permissions. This is pretty basic security, but a lot of people do not do it.
- Install Fail2Ban – Locks out brute forcers.
I implore you to create a test VPS and ensure that you are able to successfully ping it, log in, and ping external websites from the test VPS. Bonus points if you do this for every template you offer, and additional bonus points if you design a script to do this for you.
Highly Recommended, But Not Required
These highly recommended steps take the form of anti-spam and firewall rules. By setting up a good firewall, you can eliminate a lot of simple spam.