Contabo gives you incredible specs for the price — 4 vCPU, 8GB RAM for €5.99/month. But it ships with zero security: no firewall, no monitoring, no DDoS protection, no intrusion detection. You are completely on your own. Defensia changes that with one command.
Secure your Contabo VPS in 30 seconds →Contabo is one of the most popular budget VPS providers in the world. Their pricing is unbeatable — you get hardware specs that would cost 3-4x more at other providers. But that popularity comes with a security cost. Contabo IP ranges are well-known to attackers because they host hundreds of thousands of servers, many of them running with default configurations and no security software. Botnets specifically scan Contabo netblocks knowing that many servers are unprotected.
sshd[4821]: Failed password for root from 185.220.101.7 port 43992 ssh2
sshd[4823]: Invalid user admin from 45.83.64.11 port 55120 ssh2
sshd[4825]: pam_unix(sshd:auth): authentication failure; rhost=103.145.13.90
sshd[4827]: Failed password for invalid user test from 92.118.39.18 port 22180
sshd[4830]: Disconnected from authenticating user root 45.83.64.11 port 38204 [preauth]
... thousands more today. Contabo provides nothing to stop this.
Every public-facing VPS on the internet is discovered by automated botnets within minutes. Based on Defensia telemetry, a new server receives its first SSH brute force attempt within 22 minutes of deployment. The average server sees 4,200+ attacks per day. On Contabo, the situation is amplified because budget servers attract users who may not have security expertise, and attackers know it. The combination of cheap servers, large IP ranges, and zero built-in security makes Contabo VPS servers a high-priority target for botnets. Our VPS security checklist covers the minimum steps every budget VPS should have.
Contabo is a no-frills provider. They focus on raw compute at the lowest price. That means everything security-related is your responsibility. Here is what you do not get — and what Defensia adds.
| Security layer | Contabo | Defensia |
|---|---|---|
| Network firewall | ✗ | iptables/ipset (automatic, unlimited) |
| Firewall management UI | ✗ | Dashboard + auto-managed rules |
| SSH brute force detection | ✗ | 15 patterns, auto-ban |
| Web Application Firewall (WAF) | ✗ | 15+ OWASP types from nginx/Apache logs |
| Malware scanning | ✗ | 64K+ hash signatures + 684 patterns |
| CVE / vulnerability scanning | ✗ | NVD + EPSS + CISA KEV |
| DDoS protection | Basic (often criticized) | L7 via WAF log analysis |
| Server monitoring | ✗ | Security events + attacks + posture score |
| Geoblocking | ✗ | 200+ countries at firewall level |
| Bot management | ✗ | 70+ fingerprints, per-policy |
| Real-time attack dashboard | ✗ | ✓ |
| Alert notifications | ✗ | Email, Slack, webhook |
| KVM virtualization | ✓ | ✗ |
| Full root access | ✓ | ✗ |
What Contabo does well: raw hardware specs at the lowest price in the market, multiple data center locations (Germany, US, UK, Japan, Singapore, Australia), KVM virtualization with full root access, and a wide OS selection during provisioning. Their VPS performance for the price is genuinely unmatched. The trade-off is that everything else — security, monitoring, support — is bare minimum. That is a fair trade if you add the missing layers yourself.
One command. Works on every Contabo VPS — Ubuntu, Debian, CentOS, Rocky Linux, AlmaLinux, Fedora, and RHEL. No packages to install, no dependencies, no configuration files. The agent auto-detects your operating system, log paths, and running services. For a complete hardening walkthrough, see how to secure a Linux server.
# What happens on your Contabo VPS:
1. Downloads the Go binary (~15MB) for your architecture (amd64)
2. Installs to /usr/local/bin/defensia-agent
3. Creates a systemd service unit
4. Auto-detects SSH log path (/var/log/auth.log on Ubuntu/Debian, journald on Rocky/Alma)
5. Auto-detects nginx/Apache access logs if present
6. Starts protecting immediately — no config files to edit
Since Contabo provides no firewall service, Defensia becomes your primary security layer from the moment you install it. The agent manages iptables rules directly on the server, creating ipset blocklists for banned IPs. Combined with basic hardening (SSH keys, disable root password login), Defensia transforms a bare Contabo VPS into a production-grade secured server. The agent uses under 30MB of RAM — negligible on an 8GB VPS that costs €5.99/month.
Six detection engines cover every attack surface on your VPS — from SSH to web applications to the filesystem.
Contabo VPS servers with password authentication enabled are a prime target. Defensia reads /var/log/auth.log (Ubuntu/Debian) or journald (Rocky/Alma/Fedora) and detects 15 SSH attack patterns: failed passwords, invalid users, pre-auth disconnects, PAM failures, and key exchange drops. Attackers are blocked within seconds via ipset — supporting 65,000+ concurrent bans.
Deep dive into SSH protection →Contabo has no WAF service whatsoever. If you run WordPress, Laravel, Django, or any web application, you are exposed to SQL injection, XSS, path traversal, RCE, SSRF, and more. Defensia reads nginx and Apache access logs and detects 15+ OWASP attack types. Zero configuration required — log paths are auto-detected.
See WAF detection details →With no security scanning from Contabo, malware can sit on your VPS for months undetected. Defensia scans the filesystem with 64,000+ hash signatures and 684 dynamic patterns. Detects PHP backdoors in upload directories, obfuscated shells, cryptominers in /tmp and /dev/shm, and modified system binaries. Scheduled and on-demand scans.
Matches installed packages (apt on Ubuntu/Debian, rpm on Rocky/Alma) against the National Vulnerability Database. Each CVE is scored with EPSS exploit probability and flagged if it appears in the CISA Known Exploited Vulnerabilities catalog. Contabo does not monitor your packages — Defensia tells you exactly which ones are exploitable.
70+ bot fingerprints identified from User-Agent strings and request patterns. Legitimate bots (Googlebot, Bingbot) are allowed. Vulnerability scanners (Nikto, Nuclei, sqlmap), credential stuffing bots, and scrapers are blocked or logged per your policy. Essential for game servers and web apps hosted on Contabo.
Continuous assessment of your VPS security: SSH configuration, firewall rules, file permissions, world-readable credentials, exposed .git directories, and weak key permissions. Scored 0-100 with A-F grade. Since Contabo provides zero monitoring, this is the only way to know if your server configuration is actually secure.
Contabo provides raw compute at the lowest price. Defensia provides security at a fraction of enterprise pricing. Together, they form a stack that gives you more protection than most companies running on AWS or Azure — for less than the cost of a single lunch.
For context: an equivalent setup on AWS would cost roughly $35-50/month for the compute alone (t3.large is ~$60/month on-demand, ~$35 reserved), plus $10-30/month for GuardDuty, plus $5-15/month for AWS WAF, plus $0.15/month for Inspector. You would spend $50-100/month and still not have host-level malware scanning or SSH brute force detection. With Contabo + Defensia, you get better security coverage for €14.99/month. The math is not even close.
Since Contabo provides zero security by default, here are the minimum steps every Contabo VPS should have. Defensia automates the detection and blocking part — but these manual steps are still recommended.
# Step 1: Update the system
$ apt update && apt upgrade -y # Ubuntu/Debian
$ dnf update -y # Rocky/Alma/Fedora
# Step 2: Set up SSH key authentication (disable password login)
$ sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
$ systemctl restart sshd
# Step 3: Install Defensia (handles everything else)
$ curl -fsSL https://defensia.cloud/install.sh | sudo bash
That is it. Three steps and your Contabo VPS goes from completely exposed to production-grade security. Defensia handles firewall rule management, brute force blocking, web application attack detection, malware scanning, CVE monitoring, and real-time alerting. You do not need to configure iptables, install fail2ban, set up ModSecurity, or run ClamAV. One agent covers everything.
No. Contabo is a pure infrastructure provider focused on delivering the best hardware specs at the lowest price. They do not include a managed firewall, DDoS mitigation service, monitoring dashboard, intrusion detection, malware scanning, or vulnerability assessment. You get a bare Linux server with root access and nothing else. Security is entirely your responsibility.
Absolutely. A Contabo VPS at EUR 5.99/month is incredible value for compute — but without security, it is a liability. A compromised server can be used for spam, DDoS attacks, or cryptocurrency mining, and Contabo will suspend your account. Defensia at EUR 9/month is the cheapest way to prevent that. The total cost of EUR 14.99/month for a fully secured 4vCPU/8GB server is still cheaper than most cloud providers charge for compute alone.
Yes. Defensia covers all fail2ban SSH patterns and adds WAF, malware scanning, CVE detection, geoblocking, bot management, and a real-time dashboard. fail2ban only handles SSH and requires manual jail configuration. Defensia auto-configures everything. Most users remove fail2ban after installing Defensia.
Yes. Defensia detects Docker installations, monitors container health, and can read web server logs from Docker containers. If you run nginx or Apache in Docker, Defensia auto-detects the log paths and provides WAF protection for containerized web applications.
Under 30MB. On a Contabo VPS with 8GB RAM, the Defensia agent uses less than 0.4% of available memory. CPU usage is negligible — the agent is a single Go binary optimized for minimal resource consumption. It will not impact your application performance.
Yes. The free plan covers 1 server and includes SSH brute force protection, the full real-time dashboard, and bot detection. Pro costs EUR 9/server/month (EUR 7 billed annually) and adds WAF, malware scanning, CVE intelligence, geoblocking, and alerts. No credit card required to start.
Contabo VPS pricing and specifications (VPS S: 4 vCPU, 8GB RAM, 200GB SSD NVMe, €5.99/month) based on contabo.com/en/vps as of April 2026.
Contabo data center locations (Germany, US — St. Louis/Seattle/New York, UK, Japan, Singapore, Australia) based on contabo.com/en/locations.
Contabo security features (none included — no managed firewall, no monitoring dashboard, no DDoS mitigation service) based on Contabo product documentation and support articles.
Attack frequency and time-to-first-attack metrics based on Defensia telemetry data across production servers monitored from January to April 2026.
AWS pricing comparisons (t3.large ~$60/month on-demand, GuardDuty, WAF, Inspector) based on aws.amazon.com/pricing as of April 2026.
Step-by-step hardening for any VPS provider.
Complete guide for all Linux distributions.
Ubuntu is the most popular Contabo OS choice.
15 detection patterns, ipset blocking.
Compare with a managed cloud provider.
Why Defensia replaces fail2ban entirely.
One command. Under 30 seconds. €5.99 Contabo VPS + €9 Defensia Pro = €14.99/month for a fully secured server.
No credit card required. Free for 1 server.