If the average bandwidth usage of your instance exceeds our fair usage policy, there is a risk that the port speed might be throttled. To avoid this in advance, you will find some practical tips below on how to reduce outgoing traffic.

• Monitor your outgoing traffic
• Restrict unnecessary traffic
• Optimize your applications
• Keep your server secure

Monitor your outgoing traffic

Before reducing outgoing traffic, check what’s consuming bandwidth.

For Windows VPS Users

If your VPS runs Windows, you can check the network traffic with the built-in Task Manager:

1. Open Task Manager: Right-click the taskbar and select ‘Task Manager,’ or press Ctrl + Shift + Esc
2. Expand the View: If Task Manager opens in a simplified view, click ‘More details’ at the bottom
3. Go to the Performance Tab: Here you can see the real-time stats on network traffic.
4. Alternatively, open Resource Monitor: At the bottom of the Performance tab, click ‘Open Resource Monitor’, then go to the ‘Network’ tab to see which processes use the most bandwidth.

For Linux VPS Users

Linux includes monitoring tools that show network usage directly in the terminal. To show usage per process, you can use NetHogs:

To install NetHogs on Ubuntu/Debian:

1. Update package list: Ensure you get the latest version.

sudo apt update

2. Install NetHogs: Install using apt-get.

sudo apt install nethogs

3. Run NetHogs: Start NetHogs with the command below.

sudo nethogs

NetHogs will open in the terminal, displaying network usage per process.

To install NetHogs on AlmaLinux/Rocky:

1. Update the system:

sudo dnf update -y

2. Enable the EPEL repository:

sudo dnf install epel-release -y

3. Install NetHogs:

sudo dnf install nethogs -y

4. Run NetHogs:

sudo nethogs

Restrict unnecessary traffic

Bandwidth can often be used by background services. Restrict your server to only the traffic you need, depending on your operating system.

For Windows VPS Users

You can use Windows Defender Firewall to restrict unnecessary traffic.

To block outgoing traffic:

1. Open Windows Firewall with Advanced Security: Press Win + R, type wf.msc, and press Enter.
2. Navigate to Outbound Rules in the left panel.
3. Create a new rule to block all traffic:
   • Click ‘New Rule…’
   • Choose ‘Custom’ or ‘Program’
   • Select ‘Block the connection’
   • Specify profiles (Domain, Private, Public)
   • Assign a name and description for the rule.
     
     

To allow specific outgoing traffic:

1. Create New Rules for Allowed Traffic:
   • Click ‘New Rule...’
   • Select ‘Program’ or ‘Custom’ for specific IPs/ports
2. Set the Action to Allow.
3. Complete the wizard by naming the rule.

Important:

• Outbound rules are evaluated top to bottom. Make sure 'Allow rules' appear above 'Block all traffic' rule.
• Create 'Allow rules' for essential services like DHCP and DNS.
• Test your network after applying rules to confirm functionality.
  
  

For Linux VPS Users

You can use UFW (Uncomplicated Firewall) to restrict unnecessary traffic.

1. Install UFW

sudo apt-get install ufw -y

2. Set the Default Outgoing Policy to Deny

sudo ufw default deny outgoing

3. Allow Necessary Outgoing Traffic

Before enabling UFW, allow the essential ports your system needs to function, for example:

sudo ufw allow out 22/tcp    # SSH
sudo ufw allow out 80/tcp    # HTTP
sudo ufw allow out 443/tcp   # HTTPS
sudo ufw allow out 53        # DNS

4. Enable UFW

sudo ufw enable
sudo ufw status verbose

5. Verify your rules

sudo ufw status verbose

Optimize your applications

Depending on your VPS/VDS usage, you can reduce traffic:

• Websites: Use Cloudflare to serve images/videos. See Why use Cloudflare with your VPS server (Video).
• Backups and file transfers: Use Contabo’s Backup Space to store backups internally and minimize external traffic. See How Do I Create A Backup Using the Contabo Backup Space?
• Enable caching: Enable caching for websites.

Keep your server secure

High outgoing traffic can indicate that your VPS might have been hacked or infected with malware. Follow these steps:

1. Check for unusual activity

• Monitor outgoing connections for unfamiliar IPs or high bandwidth processes.
• Review running processes:

top
ps aux | grep stealth
netstat -tunapl

Check system logs (e.g., /var/log/auth.log) for suspicious logins.

2. Scan for malware

• Use ClamAV:

1. sudo apt-get install clamav
   sudo freshclam
   sudo clamscan -r /

   
   If malware is detected, isolate the server and back up only clean data.

3. Mitigate and recover

• Perform a clean reinstallation from a known safe backup.
• Change all passwords (root, database, FTP, email, etc.).
• Update all software and packages.

4. Strengthen your security going forward

• Regularly update your system and applications.
• Use strong, unique passwords and SSH keys.
• Install and configure a firewall like UFW.
• Set up monitoring or intrusion detection tools.
  
  

Important: Monitor your server regularly to prevent high outgoing traffic. See how you can access full monitoring with Contabo.