We suggest the following things to secure your VPS:
- Disable root login on your SSH service
- Disable password auth and enable key based auth on your SSH service
- Install and configure fail2ban
- Remove unnecessary software
- Always keep your software/scripts updated
- Do not use outdated Kloxo Panel
- Do not use zPanel
- Harden your /tmp (Disable software execution on the partition)
- If you have static IP or you use a VPN, configure your SSH to only allow login from those IPs.