One of the biggest concern for most server owners and providers is Server Security. Vulnerabilities and attacks increase on a day to day basis. So security flaws and vulnerabilities have turned out to be the biggest headaches and nightmares for server administrator. Even the simplest flaw in security policy can result in critical vulnerability in a server security. Needless to say even the biggest players in the hosting industry are pumping in more money in increasing the security level of their organization. Having an effective security policy can minimize the number of hack/attack attempts substantially. The attack will keep increasing, if the data to be secured is more valuable than the effort to hack the same information. Including the following policies will help minimize the vulnerability of servers –
1. Minimize access to the server
It is very important to minimize access to the server. The access should be restricted only to valid user. To minimize the access, we can have multiple user levels. Eg: pseudo users. We can also change the server port number, so that the hackers will fail to identify the correct port. It is also recommended to provide access to a server based on the IP, so that only the valid users from a valid location can only access the server.
2. Practice good password habits
Avoid simple, easy-to-guess passwords, particularly for privileged administrator/root accounts. Include special characters, numbers in your password. DO NOT use simple names, telephone number, name123 etc as your passwords. It is recommended to have atleast 8 characters in your password, while 16 is highly preferred.
3. Monitor your server logs
Logs are the footprints of all the actions performed inside a server. Even if an attack has happened, you can trace out the attacker from the access logs of your server. Review your logs regularly for signs of extra-ordinary behaviour.
4. Check programs for security holes
Make sure that server software are properly updated. The unstable versions of server softwares will be buggy and will act as a backdoor for the attacker. Always update the server softwares to their latest stable edition. Make sure to apply proper patches regularly.
5. Limit server services
The undesired server services itself can act as a platform for the attack to server intruder. The misuse of a server service will provide the attacker a better option for his attack. Attacker can use the binary of undesired server service to begin his attack. Disable or remove the ownership of undesired services. Enable only the required services inside the server.
6. Differentiate the server’s private and public information
Do not keep sensitive information inside a web server, since it is more exposed to the attacks. Publish only the required but not all the information. Keep the private information always inside a intranet server rather than on an internet server.
7. Enable proper security tools
Ensure that your server is running with security tools like firewalls, antivirus, port scanners, rootkit scanners etc. Tighten the firewall as much as you can so that only the privileged/desired can access the server. Make sure that the antivirus definitions are properly updated. It is highly recommended to tune security audit at least on a weekly basis.
Knowing your system makes you one step ahead of an intruder. Check it often and ask an expert if you’re ever over your head. There are many other things you can and should do to ensure your server security but these are a few basics that everyone should use.