6 steps to secure your server

by David Dwyer on 28/08/2017


Your online security is only as good as the weakest link in the chain. That means you need to protect your own website; regularly update the web applications you use; protect your network with firewalls; and consider the security of your server or hosting agent.

Why? Because your own website can be directly attacked, but so too can the web server that hosts your website. It can be threatened by direct hacking attempts, phishing, intrusions or viruses. So, your hosting service or IT department needs to protect your server(s) from attack in a proactive manner. After all, hackers know that servers invariably contain sensitive (read: valuable) data.

Your choice of host agency, server and Operating System (OS) – Microsoft Windows, Linux, Apple – will dictate what you need to put in place to meet current best practice on security. So, it’s necessary to review and configure every aspect of the operation.

Here are six measures you can take that will increase your server security. Remember, with security the sum will always be greater than the individual parts, and each combination of steps will itself add an additional layer to your defences. Do all that you can, then ask how you can do more!

1. Review your server status

Following a regular and routine monitoring process can catch a problem before it snowballs. Begin by conducting a review of your server’s status, and check whether there are any problems with its CPU, RAM, disk usage, running processes and other metrics, as these will often help detect server security issues.

Ideally, store network services logs, site access logs, database logs (Microsoft SQL Server, MySQL, Oracle) and check them frequently. Then investigate the cause of any strange log entries you find.

It’s a good idea to always keep scripts on a separate drive, away from your operating system, your logs, and any other system files. Then, if a hacker does access your web root directory, they can’t control the server by using an operating system command.

2. Automate your security updates

Most vulnerabilities have a zero-day status. It takes very little time before a public vulnerability is used to create an attack. But by applying automatic security updates and security patches as soon as they are available you can minimise the risk.

3. Set up perimeter security with firewalls

Devices and applications such as border routers and firewalls can help filter out known threats, automated attacks, malicious traffic, DDoS traffic, bogus IPs, and untrusted networks. Your local firewall can monitor for attacks such as port scans and SSH password guessing, and block any security threat it detects. A web application firewall will also filter incoming web page requests, and can block any that have been deliberately created to break or compromise your website.
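As an added example (not from the original article), this is the kind of check that sits behind "monitoring for SSH password guessing": count failed password attempts per source address in an OpenSSH auth log. The function name, threshold and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the article. Log lines below are constructed and
# use documentation-only IP ranges.

# Print "COUNT IP" for every source with at least MIN failed SSH password
# attempts, busiest first. Reads an OpenSSH auth log on stdin.
ssh_guessers() {
    awk -v min="$1" '
        # Format: "Failed password for [invalid user] NAME from IP port N ssh2".
        # NAME is chosen by the client and may contain spaces or the word
        # "from", so the address is located by counting back from the end.
        /sshd\[[0-9]+\]: Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" { hits[$(NF-3)]++ }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' | sort -rn
}

# Constructed sample: one noisy source, one legitimate user who mistyped a
# password once, and one username crafted to point at a different address.
sample_auth_log() {
    cat <<'EOF'
Aug 28 10:01:01 web01 sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Aug 28 10:01:03 web01 sshd[2101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Aug 28 10:01:05 web01 sshd[2104]: Failed password for invalid user admin from 203.0.113.7 port 40130 ssh2
Aug 28 10:01:09 web01 sshd[2107]: Failed password for invalid user test from 203.0.113.7 port 40141 ssh2
Aug 28 10:02:30 web01 sshd[2150]: Failed password for deploy from 198.51.100.20 port 51514 ssh2
Aug 28 10:02:41 web01 sshd[2150]: Accepted password for deploy from 198.51.100.20 port 51514 ssh2
Aug 28 10:03:00 web01 sshd[2161]: Failed password for invalid user from 192.0.2.1 x from 203.0.113.7 port 40150 ssh2
EOF
}

# Sources with three or more failures in the sample.
sample_auth_log | ssh_guessers 3
```

On a live server the same function reads the real log, for example `ssh_guessers 10 < /var/log/auth.log` on Debian-family systems; the log path varies by distribution.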

4. Security tools

Web server software often contains security tools (URLScan, ModSecurity) that administrators can set up to help secure the web server’s installation. Configuring these tools can be time-consuming, particularly with custom web applications, but they will give you peace of mind.

Scanners can run advanced security checks against open ports and network services to help secure your server and web applications. They can check for vulnerable areas including SQL injection, cross-site scripting and web server configuration problems. Some can also audit shopping carts automatically, check forms and dynamic web content, and flag up any issues found.

5. Remove unnecessary services

Typical default operating system installations and network configurations (Remote Registry Services, Print Server Service, RAS) are not secure. The more services that run on an operating system, the more ports are left open to abuse. It’s best, therefore, to disable all unnecessary services.

6. Permissions

If an account is hacked, then file and network services permissions will limit any potential damage. It’s good practice, therefore, to schedule regular reviews of your file system permissions. Grant the minimum privilege required for a specific network service to run, and then restrict what each user or service can do to a minimum. Disable the login shells of any default accounts that are not normally accessed, and consider removing the ability of the “root” account to log in using SSH.
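A scheduled permissions review on a Linux server can start from three read-only checks, sketched here as an added example that is not part of the original article: service accounts that still have a login shell, whether root may log in over SSH, and world-writable files. The function names and sample data are constructed, and the UID 1-999 range for service accounts is an assumption based on common distribution defaults.

```shell
#!/bin/sh
# Added example, not from the article. Sample data below is constructed.

# List service accounts that still have a login shell (passwd(5) on stdin).
# Assumption: UIDs 1-999 are service accounts, the Debian/RHEL-family default.
service_accounts_with_shell() {
    awk -F: '$3 > 0 && $3 < 1000 && $7 !~ /\/(nologin|false)$/ {
        # An empty shell field means /bin/sh, so it counts as a login shell.
        print $1, ($7 == "" ? "(empty=/bin/sh)" : $7)
    }'
}

# Report PermitRootLogin from the global part of sshd_config (stdin).
# sshd keeps the FIRST value it reads for a keyword; keywords ignore case.
# Match blocks are not evaluated here; `sshd -T` prints the effective config.
root_ssh_login() {
    awk 'tolower($1) == "match" { exit }
         tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
         END { if (!found) print "unset" }'
}

# World-writable regular files under a directory, without crossing mounts.
world_writable_files() {
    find "$1" -xdev -type f -perm -0002
}

sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/bin/bash
backup:x:34:34:backup:/var/backups:
mysql:x:110:115:MySQL Server:/var/lib/mysql:/bin/false
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
}

sample_sshd_config() {
    cat <<'EOF'
# PermitRootLogin prohibit-password
Port 22
permitrootlogin yes
PermitRootLogin no
EOF
}

echo "Service accounts with a login shell:"; sample_passwd | service_accounts_with_shell
echo "PermitRootLogin (global): $(sample_sshd_config | root_ssh_login)"
```

The sample configuration reports `yes` even though a later line says `no`, because the first value wins; on a real host, feed the functions `/etc/passwd` and `/etc/ssh/sshd_config`, and point `world_writable_files` at the web root.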

Ensuring server security is crucial for any business that operates online, but especially those that permit network transactions. For them, this is an issue that simply cannot be ignored, and network transactions are increasingly being protected through the adoption of SSL certificates and HTTPS to encrypt communications.

If you follow some or all of our six tips, they will help secure your web server and help keep your data and resources safe.
