Your virtual private server, or VPS, is humming along with no issues. And it’s been like that for months now.
Or so it seems.
Suddenly, you discover that your server has seemingly crashed out of nowhere. And, of course, you panic.
The question is, did you take any steps to prevent this travesty from happening? If not, maybe your RAID actually failed a year ago and you didn’t know it. Or maybe your backups quit weeks ago and your database became corrupted due to reaching 100% capacity.
Unfortunately, research shows that server downtime costs between €300,000 and €400,000 per hour on average.
Simply put, you need to keep your VPS working efficiently, as your bottom line depends on it.
To help you, here’s a list of 15 things you need to add to your VPS preventive maintenance checklist this winter.
Let’s get started!
Before you make any alterations to your system, make sure that you’ve got backups that are in working order.
In fact, this is a critical step to take even if you’re not necessarily changing your system at the moment. After all, can you imagine how humiliating it would be to experience a cataclysmic failure and then learn that your backups fell through just a few weeks ago?
Running test recoveries may also be beneficial before you delete any critical data. Also, it wouldn’t hurt to verify that you’ve chosen the proper backup location.
Every server needs to be using RAID. However, more importantly, it’s paramount that you monitor your RAID alarms.
The reality is that the failure of just one disk could cause your entire system to fail.
No, RAID failures don’t necessarily happen all that often. However, they can happen when you least expect them. And when this occurs, you’ll be left with a disaster recovery ordeal that could take hours to get through.
If you’re utilizing a server or hosting control panel, you need to update it as part of your VPS maintenance process.
In this situation, you may have to update the panel itself as well as the software controlled by it.
For instance, with your panel, you might need to manually update your PHP versions so as to address known issues. Just because you update your panel doesn’t mean that the underlying PHP or Apache versions that your operating system (OS) uses will automatically update as well.
Let’s say that your server happens to be with a server provider or is co-located. You should verify that the tools used to remotely manage your server work.
The three critical tools you’ll want to check include the remote console, rescue mode, and remote reboot. It’s paramount that these tools are functioning properly when they’re needed.
Take a look at your server’s network, random access memory, disk, and central processing unit utilization.
If your resources have increased or dropped unexpectedly, you’ll need to investigate why.
If you find out that you’re nearing your limits, you might have to add resources to the server, or you might need to migrate to a brand-new one.
Many hosting companies provide dashboards for reviewing resource usage during specified time periods. Such performance monitoring tool can easily help you to track how your VPS’s various components are faring.
There has been debate regarding whether regularly changing passwords is a truly smart security move. After all, if you have too many passwords to use, you’ll likely write these passwords down somewhere. Or you might use ones that are not secure.
However, if you’re the only one using your VPS, changing passwords is not quite as risky. In fact, it can be extremely helpful on the security front.
Ideally, you should change your passwords every six months to a year. This is particularly important if you’ve issued your passwords to other parties for maintenance purposes.
It’s generally not complicated to force a password change after five days, for example. Alternatively, you can simply change your passwords manually when it’s time to change them.
This is yet another important part of keeping your VPS in proper working order.
A mistake that many people make is that they use their production systems as archival systems. Instead, you should delete any old emails, software versions, and logs that you’re not using anymore.
If you keep your system as clutter-free as possible, you will limit your security issues. On top of this, the smaller your data footprint is, the faster your recovery will be.
Note that if your resource usage is greater than 90% of your disk capacity, you need to decrease your usage. If you can’t do this, adding more storage is your only other option.
Don’t let your usage reach 100%, as the VPS might stop responding. In turn, your database tables might corrupt, which means you’ll totally lose your important data.
This is another smart VPS maintenance step you shouldn’t ignore.
The grim reality is that today’s hackers usually scan for vulnerable systems just hours after issues have been disclosed. And if your system is vulnerable, a hacker might be able to easily access your server and degrade its performance.
For this reason, updating your OS frequently is key.
Linux systems can particularly be difficult to keep current, as updates for them are released frequently. However, automated tools for patch management and monitoring can alert you when your system needs an update.
If you try to update your OS manually you, unfortunately, might miss critical security updates. However, setting up a schedule for updating an OS may be able to help with this.
As a general rule of thumb, you should update your OS at least weekly if your version is current. Meanwhile, a monthly update should suffice for an older OS version.
It’s also a good idea to look out for release notices. They’ll tell you what critical security threats are out there so that you can respond rapidly to them.
In addition to updating your OS, don’t forget to update your Web applications to protect yourself against security breaches.
As with OS updates, you can automate your application updates so that you don’t forget them. Of course, if an automated update ends up going wrong, tracking down the problematic package can be more difficult. But for many VPS owners, the benefits of automatic updates outweigh the cons.
If you update packages from your distribution repositories, your software can easily stay current. Such software includes Apache and Nginx.
However, content management system (CMS) software that is not inside these repositories won’t be automatically updated. That’s why it’s a wise idea to read all of your software services’ documentation to ensure that you are updating your software regularly.
Note that some have dashboard/graphical interfaces for performing updates, whereas others will require the use of the shell.
Don’t forget to also update your plug-ins. Let’s take a quick peek at the popular CMS of WordPress to see why this is so important.
Today, WordPress is relatively solid from a security point of view. However, if you decide to install many plug-ins by various developers with varying skill levels, you put yourself at risk of security breaches if you fail to keep these plug-ins updated.
Staying on top of hardware problems is another critical move when you’re trying to maintain your VPS. You can easily do this by reviewing your logs.
Network failures, overheating notices and disk read errors can be early signs of possible hardware failure.
Although these problems are relatively rare, they are worth looking at, particularly if your system hasn’t been operating within a normal range.
Let’s say you’ve had some user changes, such as staff changes or client cancellations. You should eliminate these parties from your system.
If you store old users and sites, this is not only a security risk but also a legal risk. After all, based on your particular service contracts, it might not be within your rights to keep clients’ data once they’ve terminated services.
Keep track of who exactly is accessing your VPS, too.
With various commands, you can pinpoint who is logged in at the moment (command w) as well as the last time every user logged in (lastlog command). You can also find out all recent logins (last command).
The above commands can generally parse an access log file into a format that is easier for humans to read. Reviewing your logins is wise so that you can determine if any unauthorized individuals have tried to get into your VPS, whether their attempts were successful or not.
If you’re running a mission-critical service through your VPS, it’s important that your VPS can accommodate downtime with no problem.
For instance, let’s say that the particular data centre where your VPS is hosted experiences unexpected downtime. As a result, your node shuts down. When things return to normal, will your VPS services start up right away and become functional again, or will this have to be handled manually?
It’s paramount that the services know how to handle a reboot or lost connectivity. If things aren’t bouncing back properly, take a look at every critical service’s log to see why it’s not resuming automatically.
If you’re like many other people, you use your VPS to test new features. Therefore, your server might be running just one service that you actually use and then several others that are now obsolete.
If your VPS has software or services that you’re no longer using, it may behoove you to uninstall them. After all, each item you place on your server is just another way for your server to be attacked.
However, when you’re uninstalling a package through your distribution package manager, make sure that you don’t also uninstall dependencies for services you actually want to keep running.
The exact formula you use to maintain your VPS is ultimately up to you. After all, there’s no cookie-cutter approach to VPS maintenance. No single checklist or schedule will always work for every person and their applications.
However, the more familiar you become with your VPS, the more you can tweak your checklist over time to suit your needs.
As a general rule of thumb, you might also want to utilize security auditing tools to help you with your VPS maintenance process. This type of tool will allow you to periodically check on possible security risks as well as your system configuration and OS updates.
Ideally, you should use such a tool monthly but at least four times per year.
Remember that your VPS is not exempt from the potential threats of hackers. The more vigilant you are, the more capable you’ll be of managing risk, and the more secure your VPS will be going forward.
We are a leading provider of Web hosting services in Ireland.
We take pride in offering 24/7 monitoring combined with predictive analytics-based monitoring to identify problems before your services are affected. Our goal is to make sure that any problems that crop up are solved right away.
We also provide high-quality data security thanks to our prove data recovery efforts and backup solutions.
Furthermore, we stand out for our top-of-the-line customer service/ support. We constantly strive to exceed our customers’ expectations by always going the extra mile for them.
Get in touch with us to find out more about what should be on your VPS preventive maintenance checklist and how we can keep your VPS running like a dream long term.