10 Best Practices to Secure a Server

Provido

Contributing Member
21 Oct 2015
1. Update and Upgrade Software Regularly
Regularly updating the software on a server is a crucial step in keeping it safe from hackers. Outdated software has already been explored for its weak points, leaving it open for hackers to take advantage of these and harm your system. If you keep everything up-to-date, you ensure that it is updated to protect itself in the first line of defense.





Automatic updates are one way to guarantee that no updates are forgotten. However, allowing the system to make such changes on its own may be risky. Before updating your production environment, it is good practice to examine how the update performs in a test environment.

Make sure to update the server control panel routinely. You also need to regularly update content management systems, if you use one, as well as any plugins it may have. Each new release includes security patches to fix known security issues.


2. Remove or Turn Off All Unnecessary Services


Increase server security by reducing the so-called attack vector.

This cyber-security term refers to installing and maintaining only the bare minimum requirements needed to keep your services running. Just enable the network ports used by the OS and installed components. The less you have on the system, the better.

A Windows OS server should only have required operating system components. A Linux operating system server should have a minimal installation with only the truly necessary packages installed.

Since most Linux distributions listen for incoming connections on the internet, you want to configure a firewall to allow only specific ports and deny all other unnecessary communication.

Check for dependencies before installing software on your system to ensure you are not adding anything you do not need. Additionally, inspect which dependencies were auto-started on your system and whether you want them there.


3. Hide Server Information


Try to provide as little information about the underlying infrastructure as possible. The less is known about the server, the better.

Also, it is a good idea to hide version numbers of any software you have installed on the server. Often they reveal, by default, the exact release date which can aid hackers when searching for weaknesses. It is usually simple to remove this information by deleting it from the HTTP header of its greeting banner.


4. Use Intrusion Detection Systems


To detect any unauthorized activities, use an intrusion detection system (IDS), such as Sophos, which monitors processes running on your server. You may set it to check day-to-day operations, run periodical automated scans, or decide to run the IDS manually.


5. File Auditing


File auditing is another good way to discover unwanted changes on your system.

It means keeping a record of all the characteristics of your system when it is in a good, “healthy,” state and comparing it to the current state. By comparing the two versions of the same system side by side, you can detect all the inconsistencies and track their origin.


6. Service Auditing


Service auditing explores what services are running on the server, their protocols, and which ports they are communicating through. Being aware of these specifics helps configure attack surfaces in the system.


7. Set Up and Maintain a Firewall


Secure your server by controlling and restricting access to your system.

Using CSF (ConfigServer and Firewall) is essential in tightening up security on your server. It allows only specific vital connections, locking down access to other services.

Set up a firewall during the initial server setup or when you make changes to the services the server offers. By default, a typical server runs different services including public, private and internal services.

Public services are generally run by web servers that need to allow access to a website. Anyone can access these services, often anonymously, over the internet.

Private services are used when dealing with a database control panel, for example. In that case, a number of selected people require access to the same point. They have authorized accounts with special privileges inside the server.

Internal services are ones that should never be exposed to the internet or outside world. They are only accessible from within the server and only accept local connections.

The role of the firewall is to allow, restrict and filter access according to the service the user is authorized for. Configure the firewall to restrict all services except those mandatory for your server.


8. Back Up Your Server


Although the previously mentioned steps are designed to protect your server data, it is crucial to have a backup of the system in case something goes wrong.

Store encrypted backups of your critical data offsite or use a cloud solution.

Whether you have automated backup jobs or do them manually, make sure to make a routine of this precautionary measure. Also, you should test backups, doing comprehensive backup testing. This should include “sanity checks” in which administrators or even end users verify that data recovery is coherent.


9. Create Multi-Server Environments


Isolation is one of the best types of server protection you can have.

Full separation would require having dedicated bare metal servers that do not share any components with other servers. Although this is the easiest to manage and provides the most security, it is also the most expensive.

Having isolated execution environments in a data center allows the so-called Separation of Duties (SoD) and setting server configuration according to the functions the server fulfills.

Separating database servers and web application servers is a standard security practice. Separate execution environments are especially beneficial to larger scale businesses that cannot afford any security breaches.

Independent database servers secure sensitive information and system files from hackers that manage to gain access to administrative accounts. Also, isolation lets system administrators separately configure the web application security and minimize the attack surface by setting web application firewalls.


10. Create Virtual Isolated Environments


If you cannot afford or do not require full isolation with dedicated server components, you can also choose to isolate execution environments.

Doing so helps you deal with any security problems that may arise, ensuring other data is not compromised. You can choose between containers or VM virtualization, which are much easier to set up.

Another option for virtualized environments in a UNIX operating system is creating chroot jails. Chroot is separating a process from the central operating system’s root directory and allowing it to access only files within its directory tree. However, this is not complete isolation and should be practiced only with other security measures.


Wrapping Up: Securing Your Server


After reading this article and following the security recommendations, you should be more confident in your server security.

Many of the security measures should be implemented during the initial setup of the server, while others should be part of continuous or periodic maintenance. If your server monitoring is not automated, make sure to design and follow scheduled security checks.



Excerpted
 
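
Sections 6 and 7 (service auditing and the public/private/internal split) can be checked together; this added example, not part of the original post, parses listening sockets in the format printed by `ss -H -tuln` and flags any listener reachable from outside that is not on an allowlist. The sample output and the `ALLOWED_PUBLIC` policy are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE_SS = """\
udp UNCONN 0 0    127.0.0.53%lo:53   0.0.0.0:*
tcp LISTEN 0 128  0.0.0.0:22         0.0.0.0:*
tcp LISTEN 0 511  0.0.0.0:80         0.0.0.0:*
tcp LISTEN 0 80   127.0.0.1:3306     0.0.0.0:*
tcp LISTEN 0 511  0.0.0.0:6379       0.0.0.0:*
tcp LISTEN 0 128  [::]:22            [::]:*
tcp LISTEN 0 4096 [::1]:5432         [::]:*
tcp LISTEN 0 4096 *:8080             *:*
"""

# Hypothetical policy: the only listeners meant to be reachable from outside.
ALLOWED_PUBLIC = {("tcp", 22), ("tcp", 80), ("tcp", 443)}


def parse_listeners(ss_output):
    """Yield (proto, address, port) for each socket line."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        address, _, port = fields[4].rpartition(":")
        address = address.strip("[]").split("%")[0]  # drop IPv6 brackets and %iface
        yield fields[0], address, int(port)


def is_local_only(address):
    """True when the socket is bound to a loopback address only."""
    if address == "*":  # wildcard bind: every interface
        return False
    return ipaddress.ip_address(address).is_loopback


def audit(ss_output, allowed=ALLOWED_PUBLIC):
    """Sort listeners into internal, allowed and unexpected buckets."""
    report = {"internal": [], "allowed": [], "unexpected": []}
    for proto, address, port in parse_listeners(ss_output):
        if is_local_only(address):
            bucket = "internal"
        elif (proto, port) in allowed:
            bucket = "allowed"
        else:
            bucket = "unexpected"
        report[bucket].append((proto, address, port))
    return report
```

Entries under `unexpected` are services to rebind to loopback, remove, or block at the firewall.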