MUD Hosting checklist for MUDs

Verify that 32-bit compatibility libraries (libc6-i386) are installed if running older ROM, Circle, or Merc codebases on a 64-bit OS.

Confirm GCC, Make, and essential headers are present; attempt a clean 'make' of the source code to ensure no missing dependencies exist in the production environment.

Configure the system clock to UTC and enable NTP synchronization to ensure game logs and player file timestamps are consistent.

Allocate at least 1GB of swap space on the VPS to prevent the OOM (Out of Memory) killer from terminating the MUD process during peak player counts or memory leaks.

Set specific environment variables (e.g., MUD_HOME, PATH) in the service user's .bashrc or systemd unit file for consistent execution paths.

Create a dedicated system user (e.g., 'mudrun') with no sudo privileges to execute the binary and own the game files.

Disable root login and password authentication in /etc/ssh/sshd_config, requiring SSH keys for admin access.

Configure UFW or iptables to drop all traffic except for the SSH port and the specific game port (e.g., 4000 or 23).

Set permissions on the player data directory (chmod 700) to ensure only the service user can read or modify sensitive player files.

Install and configure Fail2Ban to monitor the game port and SSH port for brute-force connection attempts.

Create a .service file in /etc/systemd/system/ to manage the MUD process, enabling 'systemctl start' and 'systemctl stop' functionality.

Configure the systemd 'Restart=always' and 'RestartSec=5' directives to ensure the game automatically restarts following a crash.

Schedule a daily cron job to create a compressed tarball of the player, area, and lib directories.

Configure rsync or an S3-compatible tool to move local backups to a geographically separate storage location every 24 hours.

Set up logrotate for the MUD's output logs to prevent disk space exhaustion from multi-gigabyte log files.

Map a domain or subdomain to the VPS IP address and verify propagation via dig or nslookup.

Test if the MUD binary binds to the IPv6 interface and ensure the firewall allows traffic on the game port for IPv6 addresses.

Implement a connection limit at the OS level (using iptables connlimit) to prevent simple socket-exhaustion DoS attacks.

If using a privileged port like 23, use iptables PREROUTING rules to redirect traffic to the high-numbered port used by the unprivileged service user.

Run mtr or ping tests from multiple geographic regions to identify potential routing issues between the VPS provider and the player base.

Set up an external monitoring service (e.g., UptimeRobot) to ping the TCP game port every 5 minutes and alert admins on failure.

Configure a shell script or monitoring agent to send an alert when disk usage exceeds 80%, preventing database/pfile corruption.

Establish a baseline for memory usage and schedule a weekly check of the RSS (Resident Set Size) of the MUD process.

Run a script to verify that player files are not zero-byte and can be parsed by the current binary version before finalizing a migration.

Enable core dumps (ulimit -c unlimited) and specify a directory for them to facilitate debugging after a segmentation fault.