I've become a fan of this project and have set up a few masternodes.
I am using the mp-hosting service and noticed that their VP servers come with several easily fixed security issues. For example, they have the unnecessary apache2 enabled, use the root account as the primary login, allow root remote login by ssh, run ssh over port 22, and even have bash history enabled. I created a script to fix these major issues.