{"id":35574,"date":"2025-11-05T16:16:29","date_gmt":"2025-11-05T09:16:29","guid":{"rendered":"https:\/\/interdata.vn\/blog\/?p=35574"},"modified":"2026-01-02T16:25:07","modified_gmt":"2026-01-02T09:25:07","slug":"loi-vps-thuong-gap","status":"publish","type":"post","link":"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/","title":{"rendered":"9+ L\u1ed7i VPS th\u01b0\u1eddng g\u1eb7p c\u00e1c nh\u00e0 qu\u1ea3n tr\u1ecb n\u00ean bi\u1ebft [C\u1eadp nh\u1eadt 2026]"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-white ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">N\u1ed8I DUNG<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 eztoc-toggle-hide-by-default' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Nhung-loi-thuong-gap-khi-su-dung-VPS-va-cach-xu-ly\" >Nh\u1eefng l\u1ed7i th\u01b0\u1eddng g\u1eb7p khi s\u1eed d\u1ee5ng VPS v\u00e0 c\u00e1ch x\u1eed l\u00fd<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#VPS-khong-truy-cap-duoc-tren-Windows-10\" >VPS kh\u00f4ng truy c\u1eadp \u0111\u01b0\u1ee3c tr\u00ean Windows 10<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Loi-bao-mat-SSH-%E2%80%93-Khong-doi-mat-khau-root-mac-dinh\" >L\u1ed7i b\u1ea3o m\u1eadt SSH \u2013 Kh\u00f4ng \u0111\u1ed5i m\u1eadt kh\u1ea9u root m\u1eb7c \u0111\u1ecbnh<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Loi-VPS-khong-cap-nhat-he-dieu-hanh-va-phan-mem\" >L\u1ed7i VPS kh\u00f4ng c\u1eadp nh\u1eadt h\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 ph\u1ea7n m\u1ec1m<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Loi-VPS-tu-dong-tat-hoac-khoi-dong-lai-he-thong\" >L\u1ed7i VPS t\u1ef1 \u0111\u1ed9ng t\u1eaft ho\u1eb7c kh\u1edfi \u0111\u1ed9ng l\u1ea1i h\u1ec7 th\u1ed1ng<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Khong-sao-luu-du-lieu-dinh-ky-Backup\" >Kh\u00f4ng sao l\u01b0u d\u1eef li\u1ec7u \u0111\u1ecbnh k\u1ef3 (Backup)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Quen-cai-dat-tuong-lua-Firewall\" >Qu\u00ean c\u00e0i \u0111\u1eb7t t\u01b0\u1eddng l\u1eeda (Firewall)<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Khong-gioi-han-quyen-truy-cap-cua-user-hoac-nguoi-dung-web\" >Kh\u00f4ng gi\u1edbi h\u1ea1n quy\u1ec1n truy c\u1eadp c\u1ee7a user ho\u1eb7c ng\u01b0\u1eddi d\u00f9ng web<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Cho-phep-dang-nhap-bang-mat-khau-thay-vi-SSH-Key\" >Cho ph\u00e9p \u0111\u0103ng nh\u1eadp b\u1eb1ng m\u1eadt kh\u1ea9u thay v\u00ec SSH Key<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/#Giu-nguyen-cong-SSH-mac-dinh-Port-22\" >Gi\u1eef nguy\u00ean c\u1ed5ng SSH m\u1eb7c \u0111\u1ecbnh (Port 22)<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<p>Khi s\u1eed d\u1ee5ng <strong>VPS (Virtual Private Server)<\/strong>, kh\u00f4ng \u00edt ng\u01b0\u1eddi g\u1eb7p ph\u1ea3i c\u00e1c l\u1ed7i b\u1ea3o m\u1eadt ho\u1eb7c c\u1ea5u h\u00ecnh khi\u1ebfn h\u1ec7 th\u1ed1ng ho\u1ea1t \u0111\u1ed9ng kh\u00f4ng \u1ed5n \u0111\u1ecbnh, th\u1eadm ch\u00ed b\u1ecb t\u1ea5n c\u00f4ng. Nh\u1eefng l\u1ed7i n\u00e0y th\u01b0\u1eddng xu\u1ea5t ph\u00e1t t\u1eeb c\u00e1c thi\u1ebft l\u1eadp c\u01a1 b\u1ea3n b\u1ecb b\u1ecf qua nh\u01b0 ch\u01b0a c\u00e0i <strong>firewall<\/strong>, d\u00f9ng <strong>user root<\/strong> \u0111\u1ec3 ch\u1ea1y web, hay <strong>\u0111\u1ec3 m\u1eb7c \u0111\u1ecbnh c\u1ed5ng SSH<\/strong>.<\/p>\n<p>B\u00e0i vi\u1ebft n\u00e0y s\u1ebd gi\u00fap b\u1ea1n nh\u1eadn di\u1ec7n <strong><a href=\"https:\/\/interdata.vn\/blog\/loi-vps-thuong-gap\/\">c\u00e1c l\u1ed7i VPS th\u01b0\u1eddng g\u1eb7p<\/a> nh\u1ea5t khi qu\u1ea3n tr\u1ecb<\/strong>, \u0111\u1ed3ng th\u1eddi h\u01b0\u1edbng d\u1eabn chi ti\u1ebft <strong>c\u00e1ch kh\u1eafc ph\u1ee5c<\/strong> \u0111\u1ec3 t\u1ed1i \u01b0u b\u1ea3o m\u1eadt, t\u0103ng hi\u1ec7u su\u1ea5t v\u1eadn h\u00e0nh v\u00e0 tr\u00e1nh r\u1ee7i ro cho h\u1ec7 th\u1ed1ng.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Nhung-loi-thuong-gap-khi-su-dung-VPS-va-cach-xu-ly\"><\/span>Nh\u1eefng l\u1ed7i th\u01b0\u1eddng g\u1eb7p khi s\u1eed d\u1ee5ng VPS v\u00e0 c\u00e1ch x\u1eed l\u00fd<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<h3><span class=\"ez-toc-section\" id=\"VPS-khong-truy-cap-duoc-tren-Windows-10\"><\/span>VPS kh\u00f4ng truy c\u1eadp \u0111\u01b0\u1ee3c tr\u00ean Windows 10<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>M\u1ed9t s\u1ed1 ng\u01b0\u1eddi d\u00f9ng g\u1eb7p t\u00ecnh tr\u1ea1ng kh\u00f4ng th\u1ec3 k\u1ebft n\u1ed1i VPS qua <strong>Remote Desktop<\/strong> tr\u00ean Windows 10. L\u1ed7i n\u00e0y th\u01b0\u1eddng xu\u1ea5t hi\u1ec7n sau c\u00e1c b\u1ea3n c\u1eadp nh\u1eadt h\u1ec7 \u0111i\u1ec1u h\u00e0nh, khi\u1ebfn qu\u00e1 tr\u00ecnh truy c\u1eadp b\u1ecb gi\u00e1n \u0111o\u1ea1n.<\/p>\n<p><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/p>\n<ol>\n<li>M\u1edf thanh t\u00ecm ki\u1ebfm c\u1ee7a Windows 10, g\u00f5 <strong>Administrative Templates<\/strong> v\u00e0 ch\u1ecdn k\u1ebft qu\u1ea3.<\/li>\n<li>Ch\u1ecdn <strong>Edit Group Policy<\/strong>.<\/li>\n<li>Trong ph\u1ea7n <strong>Register<\/strong>, \u0111i theo \u0111\u01b0\u1eddng d\u1eabn:<br \/>\n<strong>Administrative Templates \u2192 System \u2192 Credential Delegation \u2192 Encryption Oracle Remediation<\/strong>.<\/li>\n<li>Nh\u1ea5n <strong>Apply \u2192 OK<\/strong>, sau \u0111\u00f3 th\u1eed k\u1ebft n\u1ed1i l\u1ea1i b\u1eb1ng Remote Desktop.<\/li>\n<\/ol>\n<figure id=\"attachment_35576\" aria-describedby=\"caption-attachment-35576\" style=\"width: 800px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-35576\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-truy-cap-duoc-tren-Windows-10.jpg\" alt=\"VPS kh\u00f4ng truy c\u1eadp \u0111\u01b0\u1ee3c tr\u00ean Windows 10\" width=\"800\" height=\"500\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-truy-cap-duoc-tren-Windows-10.jpg 800w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-truy-cap-duoc-tren-Windows-10-300x188.jpg 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-truy-cap-duoc-tren-Windows-10-768x480.jpg 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption id=\"caption-attachment-35576\" class=\"wp-caption-text\">VPS kh\u00f4ng truy c\u1eadp \u0111\u01b0\u1ee3c tr\u00ean Windows 10<\/figcaption><\/figure>\n<h3><span class=\"ez-toc-section\" id=\"Loi-bao-mat-SSH-%E2%80%93-Khong-doi-mat-khau-root-mac-dinh\"><\/span>L\u1ed7i b\u1ea3o m\u1eadt SSH \u2013 Kh\u00f4ng \u0111\u1ed5i m\u1eadt kh\u1ea9u root m\u1eb7c \u0111\u1ecbnh<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><strong>Nguy\u00ean nh\u00e2n:<\/strong><\/h4>\n<p>Khi m\u1edbi thu\u00ea VPS, nhi\u1ec1u ng\u01b0\u1eddi qu\u00ean thay \u0111\u1ed5i m\u1eadt kh\u1ea9u t\u00e0i kho\u1ea3n <strong>root<\/strong>. \u0110\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng v\u00ec hacker c\u00f3 th\u1ec3 d\u00f9ng c\u00f4ng c\u1ee5 d\u00f2 qu\u00e9t m\u1eadt kh\u1ea9u m\u1eb7c \u0111\u1ecbnh \u0111\u1ec3 x\u00e2m nh\u1eadp.<\/p>\n<h4>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/h4>\n<ul>\n<li>\u0110\u1ed5i m\u1eadt kh\u1ea9u root ngay sau khi \u0111\u0103ng nh\u1eadp l\u1ea7n \u0111\u1ea7u.<\/li>\n<li>T\u1ea1o m\u1eadt kh\u1ea9u m\u1ea1nh c\u00f3 \u00edt nh\u1ea5t 12 k\u00fd t\u1ef1, bao g\u1ed3m ch\u1eef hoa, ch\u1eef th\u01b0\u1eddng, s\u1ed1 v\u00e0 k\u00fd t\u1ef1 \u0111\u1eb7c bi\u1ec7t.<\/li>\n<li>S\u1eed d\u1ee5ng <strong>SSH Key<\/strong> \u0111\u1ec3 x\u00e1c th\u1ef1c thay v\u00ec d\u00f9ng m\u1eadt kh\u1ea9u th\u00f4ng th\u01b0\u1eddng.<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Loi-VPS-khong-cap-nhat-he-dieu-hanh-va-phan-mem\"><\/span>L\u1ed7i VPS kh\u00f4ng c\u1eadp nh\u1eadt h\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 ph\u1ea7n m\u1ec1m<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><strong>Nguy\u00ean nh\u00e2n:<\/strong><\/h4>\n<p>Ph\u1ea7n m\u1ec1m ho\u1eb7c h\u1ec7 \u0111i\u1ec1u h\u00e0nh l\u1ed7i th\u1eddi l\u00e0 \u201cc\u1eeda ng\u00f5\u201d cho hacker t\u1ea5n c\u00f4ng v\u00ec ch\u1ee9a nhi\u1ec1u l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 b\u1ecb c\u00f4ng khai.<\/p>\n<h4><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/h4>\n<ul>\n<li>C\u1eadp nh\u1eadt VPS th\u01b0\u1eddng xuy\u00ean b\u1eb1ng l\u1ec7nh:\n<ul>\n<li><code>apt update &amp;&amp; apt upgrade<\/code> (v\u1edbi Ubuntu\/Debian)<\/li>\n<li><code>yum update<\/code> (v\u1edbi CentOS\/RHEL)<\/li>\n<\/ul>\n<\/li>\n<li>T\u1ef1 \u0111\u1ed9ng h\u00f3a vi\u1ec7c c\u1eadp nh\u1eadt b\u1eb1ng <strong>cronjob<\/strong> ho\u1eb7c c\u00f4ng c\u1ee5 qu\u1ea3n l\u00fd server chuy\u00ean d\u1ee5ng.<\/li>\n<\/ul>\n<figure id=\"attachment_35577\" aria-describedby=\"caption-attachment-35577\" style=\"width: 800px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-35577\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-cap-nhat-he-dieu-hanh-va-phan-mem.jpg\" alt=\"VPS kh\u00f4ng c\u1eadp nh\u1eadt h\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 ph\u1ea7n m\u1ec1m\" width=\"800\" height=\"500\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-cap-nhat-he-dieu-hanh-va-phan-mem.jpg 800w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-cap-nhat-he-dieu-hanh-va-phan-mem-300x188.jpg 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-khong-cap-nhat-he-dieu-hanh-va-phan-mem-768x480.jpg 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption id=\"caption-attachment-35577\" class=\"wp-caption-text\">VPS kh\u00f4ng c\u1eadp nh\u1eadt h\u1ec7 \u0111i\u1ec1u h\u00e0nh v\u00e0 ph\u1ea7n m\u1ec1m<\/figcaption><\/figure>\n<h3><span class=\"ez-toc-section\" id=\"Loi-VPS-tu-dong-tat-hoac-khoi-dong-lai-he-thong\"><\/span>L\u1ed7i VPS t\u1ef1 \u0111\u1ed9ng t\u1eaft ho\u1eb7c kh\u1edfi \u0111\u1ed9ng l\u1ea1i h\u1ec7 th\u1ed1ng<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><strong>Nguy\u00ean nh\u00e2n:<\/strong><\/h4>\n<p>\u0110\u00e2y l\u00e0 l\u1ed7i kh\u00e1 phi\u1ec1n to\u00e1i, th\u01b0\u1eddng x\u1ea3y ra sau m\u1ed7i l\u1ea7n <strong>Windows t\u1ef1 \u0111\u1ed9ng c\u1eadp nh\u1eadt<\/strong> d\u00f9 b\u1ea1n kh\u00f4ng h\u1ec1 thao t\u00e1c.<\/p>\n<h4><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/h4>\n<p>T\u1eaft ch\u1ee9c n\u0103ng t\u1ef1 \u0111\u1ed9ng c\u1eadp nh\u1eadt ho\u1eb7c \u0111i\u1ec1u ch\u1ec9nh l\u1ea1i th\u1eddi gian v\u00e0 ph\u01b0\u01a1ng th\u1ee9c update sao cho kh\u00f4ng l\u00e0m gi\u00e1n \u0111o\u1ea1n ho\u1ea1t \u0111\u1ed9ng VPS. Vi\u1ec7c n\u00e0y gi\u00fap tr\u00e1nh t\u00ecnh tr\u1ea1ng <strong>t\u1ef1 \u0111\u1ed9ng restart<\/strong> v\u00e0 gi\u1ea3m r\u1ee7i ro m\u1ea5t d\u1eef li\u1ec7u trong qu\u00e1 tr\u00ecnh c\u1eadp nh\u1eadt.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Khong-sao-luu-du-lieu-dinh-ky-Backup\"><\/span>Kh\u00f4ng sao l\u01b0u d\u1eef li\u1ec7u \u0111\u1ecbnh k\u1ef3 (Backup)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<h4><strong>Nguy\u00ean nh\u00e2n:<\/strong><\/h4>\n<p>Kh\u00f4ng thi\u1ebft l\u1eadp <strong>backup \u0111\u1ecbnh k\u1ef3<\/strong> \u0111\u1ed3ng ngh\u0129a v\u1edbi nguy c\u01a1 m\u1ea5t d\u1eef li\u1ec7u v\u0129nh vi\u1ec5n n\u1ebfu VPS b\u1ecb hack, l\u1ed7i h\u1ec7 th\u1ed1ng, hay thao t\u00e1c nh\u1ea7m.<\/p>\n<h4><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/h4>\n<ul>\n<li>Thi\u1ebft l\u1eadp <strong>sao l\u01b0u t\u1ef1 \u0111\u1ed9ng<\/strong> m\u1ed7i ng\u00e0y ho\u1eb7c m\u1ed7i tu\u1ea7n.<\/li>\n<li>L\u01b0u tr\u1eef file backup t\u1ea1i <strong>m\u00e1y ch\u1ee7 d\u1ef1 ph\u00f2ng<\/strong> ho\u1eb7c n\u1ec1n t\u1ea3ng \u0111\u00e1m m\u00e2y nh\u01b0 <strong>Google Drive<\/strong>, <strong>AWS S3<\/strong>.<\/li>\n<li>Ki\u1ec3m tra \u0111\u1ecbnh k\u1ef3 kh\u1ea3 n\u0103ng <strong>kh\u00f4i ph\u1ee5c d\u1eef li\u1ec7u<\/strong> t\u1eeb b\u1ea3n sao l\u01b0u.<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Quen-cai-dat-tuong-lua-Firewall\"><\/span>Qu\u00ean c\u00e0i \u0111\u1eb7t t\u01b0\u1eddng l\u1eeda (Firewall)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Khi m\u1edbi c\u00e0i VPS, h\u1ea7u h\u1ebft h\u1ec7 th\u1ed1ng \u0111\u1ec1u m\u1edf to\u00e0n b\u1ed9 c\u00e1c c\u1ed5ng c\u00f3 d\u1ecbch v\u1ee5 \u0111ang ch\u1ea1y. N\u1ebfu kh\u00f4ng gi\u1edbi h\u1ea1n quy\u1ec1n truy c\u1eadp ngay t\u1eeb \u0111\u1ea7u, \u0111\u00e2y l\u00e0 m\u1ed9t <strong>r\u1ee7i ro b\u1ea3o m\u1eadt nghi\u00eam tr\u1ecdng<\/strong>, khi\u1ebfn m\u00e1y ch\u1ee7 d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng t\u1eeb b\u00ean ngo\u00e0i.<\/p>\n<figure id=\"attachment_35578\" aria-describedby=\"caption-attachment-35578\" style=\"width: 800px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-35578\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-quen-cai-dat-tuong-lua.jpg\" alt=\"VPS qu\u00ean c\u00e0i \u0111\u1eb7t t\u01b0\u1eddng l\u1eeda\" width=\"800\" height=\"500\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-quen-cai-dat-tuong-lua.jpg 800w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-quen-cai-dat-tuong-lua-300x188.jpg 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-quen-cai-dat-tuong-lua-768x480.jpg 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption id=\"caption-attachment-35578\" class=\"wp-caption-text\">VPS qu\u00ean c\u00e0i \u0111\u1eb7t t\u01b0\u1eddng l\u1eeda<\/figcaption><\/figure>\n<p><strong>C\u00e1ch ki\u1ec3m tra:<\/strong><\/p>\n<p>Ch\u1ea1y l\u1ec7nh:<\/p>\n<div><code>ufw status<br \/>\nho\u1eb7c<br \/>\niptables -L<br \/>\n<\/code><\/div>\n<p><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/p>\n<ul>\n<li>C\u00e0i \u0111\u1eb7t <strong>ufw<\/strong> (tr\u00ean Ubuntu):\n<div><code>apt install ufw<\/code><\/div>\n<\/li>\n<li>Ch\u1ec9 m\u1edf c\u00e1c c\u1ed5ng c\u1ea7n thi\u1ebft, ch\u1eb3ng h\u1ea1n nh\u01b0 SSH, HTTP v\u00e0 HTTPS:\n<div><code>ufw allow 22<br \/>\nufw allow 80<br \/>\nufw allow 443<br \/>\n<\/code><\/div>\n<\/li>\n<li>Sau c\u00f9ng, b\u1eadt t\u01b0\u1eddng l\u1eeda:\n<div><code>ufw enable<br \/>\n<\/code><\/div>\n<\/li>\n<\/ul>\n<h3><span class=\"ez-toc-section\" id=\"Khong-gioi-han-quyen-truy-cap-cua-user-hoac-nguoi-dung-web\"><\/span>Kh\u00f4ng gi\u1edbi h\u1ea1n quy\u1ec1n truy c\u1eadp c\u1ee7a user ho\u1eb7c ng\u01b0\u1eddi d\u00f9ng web<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>M\u1ed9t l\u1ed7i VPS ph\u1ed5 bi\u1ebfn kh\u00e1c l\u00e0 <strong>ch\u1ea1y to\u00e0n b\u1ed9 website b\u1eb1ng t\u00e0i kho\u1ea3n root<\/strong> ho\u1eb7c \u0111\u1ec3 c\u00e1c th\u01b0 m\u1ee5c c\u00f3 quy\u1ec1n ghi cho t\u1ea5t c\u1ea3 m\u1ecdi ng\u01b0\u1eddi (777).<\/p>\n<p><strong>H\u1eadu qu\u1ea3:<\/strong><\/p>\n<ul>\n<li>Hacker c\u00f3 th\u1ec3 d\u1ec5 d\u00e0ng <strong>upload shell<\/strong> l\u00ean trang web.<\/li>\n<li>C\u00e1c t\u1ec7p h\u1ec7 th\u1ed1ng b\u1ecb ch\u1ec9nh s\u1eeda ho\u1eb7c x\u00f3a tr\u00e1i ph\u00e9p.<\/li>\n<\/ul>\n<p><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/p>\n<ol>\n<li>T\u1ea1o <strong>user ri\u00eang cho website<\/strong>:\n<div><code>adduser www<br \/>\n<\/code><\/div>\n<\/li>\n<li>Ph\u00e2n quy\u1ec1n th\u01b0 m\u1ee5c ch\u00ednh x\u00e1c (v\u00ed d\u1ee5: <strong>755 cho folder<\/strong>, <strong>644 cho file<\/strong>).<\/li>\n<li>Ki\u1ec3m tra c\u00e1c file nguy hi\u1ec3m b\u1eb1ng l\u1ec7nh:\n<div><code>find . -type f -perm 777<br \/>\n<\/code><\/div>\n<\/li>\n<\/ol>\n<h3><span class=\"ez-toc-section\" id=\"Cho-phep-dang-nhap-bang-mat-khau-thay-vi-SSH-Key\"><\/span>Cho ph\u00e9p \u0111\u0103ng nh\u1eadp b\u1eb1ng m\u1eadt kh\u1ea9u thay v\u00ec SSH Key<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Vi\u1ec7c \u0111\u0103ng nh\u1eadp VPS b\u1eb1ng m\u1eadt kh\u1ea9u, d\u00f9 m\u1ea1nh \u0111\u1ebfn \u0111\u00e2u, v\u1eabn ti\u1ec1m \u1ea9n nguy c\u01a1 b\u1ecb <strong>t\u1ea5n c\u00f4ng brute-force<\/strong> n\u1ebfu kh\u00f4ng gi\u1edbi h\u1ea1n truy c\u1eadp SSH.<\/p>\n<figure id=\"attachment_35579\" aria-describedby=\"caption-attachment-35579\" style=\"width: 800px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-35579\" src=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-dang-nhap-bang-mat-khau-thay-vi-SSH-Key.jpg\" alt=\"VPS \u0111\u0103ng nh\u1eadp b\u1eb1ng m\u1eadt kh\u1ea9u thay v\u00ec SSH Key\" width=\"800\" height=\"500\" title=\"\" srcset=\"https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-dang-nhap-bang-mat-khau-thay-vi-SSH-Key.jpg 800w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-dang-nhap-bang-mat-khau-thay-vi-SSH-Key-300x188.jpg 300w, https:\/\/interdata.vn\/blog\/wp-content\/uploads\/2025\/11\/VPS-dang-nhap-bang-mat-khau-thay-vi-SSH-Key-768x480.jpg 768w\" sizes=\"auto, (max-width: 800px) 100vw, 800px\" \/><figcaption id=\"caption-attachment-35579\" class=\"wp-caption-text\">VPS \u0111\u0103ng nh\u1eadp b\u1eb1ng m\u1eadt kh\u1ea9u thay v\u00ec SSH Key<\/figcaption><\/figure>\n<p><strong>C\u00e1ch ki\u1ec3m tra:<\/strong><\/p>\n<ol>\n<li>M\u1edf file c\u1ea5u h\u00ecnh SSH:\n<div><code>\/etc\/ssh\/sshd_config<br \/>\n<\/code><\/div>\n<\/li>\n<li>T\u00ecm d\u00f2ng:\n<div><code>PasswordAuthentication yes<br \/>\n<\/code><\/div>\n<\/li>\n<\/ol>\n<p><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/p>\n<ol>\n<li>\u0110\u1ed5i th\u00e0nh:\n<div><code>PasswordAuthentication no<br \/>\n<\/code><\/div>\n<\/li>\n<li>\u0110\u1ea3m b\u1ea3o b\u1ea1n \u0111\u00e3 t\u1ea1o <strong>~\/.ssh\/authorized_keys<\/strong> tr\u00ean VPS.<\/li>\n<li>Ch\u1ec9 cho ph\u00e9p \u0111\u0103ng nh\u1eadp th\u00f4ng qua <strong>SSH Key<\/strong> \u0111\u1ec3 t\u0103ng t\u00ednh b\u1ea3o m\u1eadt.<\/li>\n<\/ol>\n<h3><span class=\"ez-toc-section\" id=\"Giu-nguyen-cong-SSH-mac-dinh-Port-22\"><\/span>Gi\u1eef nguy\u00ean c\u1ed5ng SSH m\u1eb7c \u0111\u1ecbnh (Port 22)<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Ph\u1ea7n l\u1edbn c\u00e1c bot scan \u0111\u1ec1u t\u1eadp trung d\u00f2 qu\u00e9t <strong>c\u1ed5ng 22<\/strong>, khi\u1ebfn h\u1ec7 th\u1ed1ng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng b\u1eb1ng <strong>brute-force<\/strong> n\u1ebfu kh\u00f4ng thay \u0111\u1ed5i c\u1ed5ng m\u1eb7c \u0111\u1ecbnh.<\/p>\n<p><strong>C\u00e1ch ki\u1ec3m tra:<\/strong><\/p>\n<p>Ch\u1ea1y m\u1ed9t trong hai l\u1ec7nh sau:<\/p>\n<div><code>ss -tulpn | grep :22<br \/>\nho\u1eb7c<br \/>\nnetstat -tuln<br \/>\n<\/code><\/div>\n<p>N\u1ebfu th\u1ea5y SSH \u0111ang m\u1edf tr\u00ean c\u1ed5ng 22, ngh\u0129a l\u00e0 b\u1ea1n v\u1eabn \u0111ang d\u00f9ng c\u1ea5u h\u00ecnh m\u1eb7c \u0111\u1ecbnh.<\/p>\n<p><strong>C\u00e1ch kh\u1eafc ph\u1ee5c:<\/strong><\/p>\n<ol>\n<li>M\u1edf file c\u1ea5u h\u00ecnh SSH:\n<div><code>\/etc\/ssh\/sshd_config<br \/>\n<\/code><\/div>\n<\/li>\n<li>T\u00ecm d\u00f2ng:\n<div><code>Port 22<br \/>\n<\/code><\/div>\n<p>v\u00e0 \u0111\u1ed5i sang m\u1ed9t c\u1ed5ng ng\u1eabu nhi\u00ean trong kho\u1ea3ng <strong>1025\u201365535<\/strong>.<\/li>\n<li>Kh\u1edfi \u0111\u1ed9ng l\u1ea1i SSH:\n<div><code>systemctl restart sshd<br \/>\n<\/code><\/div>\n<\/li>\n<\/ol>\n<p><strong>L\u01b0u \u00fd:<\/strong> H\u00e3y m\u1edf <strong>c\u1ed5ng m\u1edbi tr\u00ean t\u01b0\u1eddng l\u1eeda tr\u01b0\u1edbc khi restart SSH<\/strong>, tr\u00e1nh b\u1ecb ng\u1eaft k\u1ebft n\u1ed1i.<\/p>\n<p>C\u00e1c l\u1ed7i VPS k\u1ec3 tr\u00ean \u0111\u1ec1u c\u00f3 th\u1ec3 ph\u00f2ng tr\u00e1nh n\u1ebfu ng\u01b0\u1eddi d\u00f9ng ch\u1ee7 \u0111\u1ed9ng theo d\u00f5i v\u00e0 c\u1ea5u h\u00ecnh \u0111\u00fang c\u00e1ch ngay t\u1eeb \u0111\u1ea7u. Vi\u1ec7c <strong>c\u1eadp nh\u1eadt th\u01b0\u1eddng xuy\u00ean, b\u1ea3o m\u1eadt SSH ch\u1eb7t ch\u1ebd v\u00e0 sao l\u01b0u \u0111\u1ecbnh k\u1ef3&#8230;<\/strong> l\u00e0 nh\u1eefng b\u01b0\u1edbc quan tr\u1ecdng gi\u00fap VPS ho\u1ea1t \u0111\u1ed9ng \u1ed5n \u0111\u1ecbnh v\u00e0 an to\u00e0n l\u00e2u d\u00e0i.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Khi s\u1eed d\u1ee5ng VPS (Virtual Private Server), kh\u00f4ng \u00edt ng\u01b0\u1eddi g\u1eb7p ph\u1ea3i c\u00e1c l\u1ed7i b\u1ea3o m\u1eadt ho\u1eb7c c\u1ea5u h\u00ecnh khi\u1ebfn h\u1ec7 th\u1ed1ng ho\u1ea1t \u0111\u1ed9ng kh\u00f4ng \u1ed5n \u0111\u1ecbnh, th\u1eadm ch\u00ed b\u1ecb t\u1ea5n c\u00f4ng. Nh\u1eefng l\u1ed7i n\u00e0y th\u01b0\u1eddng xu\u1ea5t ph\u00e1t t\u1eeb c\u00e1c thi\u1ebft l\u1eadp c\u01a1 b\u1ea3n b\u1ecb b\u1ecf qua nh\u01b0 ch\u01b0a c\u00e0i firewall, d\u00f9ng user root \u0111\u1ec3<\/p>\n","protected":false},"author":11,"featured_media":35580,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[],"class_list":["post-35574","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vps"],"_links":{"self":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts\/35574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/comments?post=35574"}],"version-history":[{"count":4,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts\/35574\/revisions"}],"predecessor-version":[{"id":37510,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/posts\/35574\/revisions\/37510"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/media\/35580"}],"wp:attachment":[{"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/media?parent=35574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/categories?post=35574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/interdata.vn\/blog\/wp-json\/wp\/v2\/tags?post=35574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}