This isOverseas Network Special ReportThis is the 22nd article. Addressing the frequent brute-force attacks and port scans on VPSs, I created an all-in-one security management script using AI. The script supports one-click firewall configuration, Fail2Ban, and BBR optimization. Core functions include teaching you how to generate SSH keys from scratch, host them on GitHub, and achieve passwordless login. Furthermore, the script integrates mainstream testing scripts such as Docker, 1Panel installation, and native streaming media unlocking, allowing for easy VPS maintenance simply by entering a shortcut.
🔗 **【Project Address】**
* **GitHub Repository:** https://github.com/playfulsoul/vps-secure-script
* **Quick Access Method:** After the script is installed, simply type `vps` in the terminal to quickly access the script's menu.
👍 If you think this script is good, please click the little star in the upper right corner on GitHub!
Foreword: A lesson learned from "locking myself out"
My server has recently been subjected to frequent IP scans and brute-force attacks. Emergency configuration... UFW Firewall and Fail2Ban He fired wildly, successfully blocking himself from the server as well, and finally had to urgently modify the configuration in the console to restore his login.
This experience made me realize that we need a more systematic and convenient no-code tool to manage server security. So, based on my own usage habits, I wrote an all-in-one VPS security protection and management script.
Chapter 1: One-Click Security Hardening for Beginners
For brand new VPSs (such as Oracle, Amazon, etc.), the script provides the first option, "Security Protection for Beginners," which can be executed with a single click:
- System Update: Automatically execute the update package.
- Firewall policy: The default configuration includes a UFW firewall, with common ports such as 80 and 443 added.
- Fail2Ban Defense: Install Fail2Ban to defend against port scanning.
- Performance optimization: One-click BBR acceleration setup.
- Virtual memory: By default, 1GB of virtual memory is created.
Chapter 2: Core Gameplay – GitHub Public Key Hosting and Passwordless Login
This is a method to maximize server login security. If the data is important, it's best not to log in with an account and password.
- Generate key: Use code to generate public and private keys on a computer terminal.
- Hosted on GitHub: Use in the terminal
Command + Shift + .Unlock hidden.sshExtract the public key from the folder and create a new SSH Keys setting on GitHub. - One-click import: Enter your GitHub username in the script menu to pull the public key from the cloud and import it to your server with one click. After confirming that passwordless login works correctly, you can then forcibly disable the password login policy.
Chapter 3: The All-in-One Management Hub and Test Scripts
For easier management, the script also integrates the following useful menus:
- User Management: Quickly add regular users and grant them sudo privileges, and safely delete redundant users.
- Application deployment: It provides one-click installation of the Docker environment and 1Panel panel.
- Common tests: – Streaming Test: Instantly test if your VPS natively unlocks Netflix, YouTube, and even ChatGPT and Claude.
- Backhaul routing: Perform backhaul routing tracing for the three networks to understand the performance of cross-border lines for China Telecom, China Unicom, and China Mobile.
Summary: VPS shortcut keys for instant access
This script suite not only enables rapid deployment of security protection but also provides a comprehensive daily maintenance toolkit. After installation, you only need to enter... vps This shortcut allows you to quickly access the script.
I will continue to optimize it based on usage scenarios. If you find this script helpful, please give it a star on GitHub and offer your feedback and suggestions!
**Link to my VPS**
* **Multi-country dual-ISP residential IP VPS:**https://dlj.playfulzone.top/wvk96m
* **Three-Network Optimization Bandwagon Host:**https://dlj.playfulzone.top/zfnw9k
* **Premium Line DMIT:**https://dlj.playfulzone.top/2etuq3
* **For better value, consider RackNerd - $10:**https://dlj.playfulzone.top/4kmr6u
* **For better value, consider RackNerd at $18:**https://dlj.playfulzone.top/qf5k7t
* **Low price, high specs: CloudCone is available.**https://dlj.playfulzone.top/9yp9mz
* **Japan/Singapore VPS:**https://dlj.playfulzone.top/ghxgwr
* **YT Hong Kong:**https://dlj.playfulzone.top/hubqpe
**Previous Node Transfer Videos:**
https://youtu.be/piUpxPz_YSs
https://youtu.be/gtUFnTTsiHQ
https://youtu.be/6JwV9gfYT88
https://youtu.be/DOGs1TquaYM
