Your dedicated server comes from a secure hosting provider. You now have peace of mind that the security provided by your web host isn’t going to fall to someone who wants to hack into your server.
It’s dangerous to get lulled into a false sense of security. Web hosts take responsibility for their company and their services, but if a hacker attacks your computer and breaks into your server, this is your fault. Even well-known services such as managed WordPress hosting aren’t immune.
It’s your responsibility to make it as difficult as possible for anyone to break into your server. The vast majority of hack attacks happen because of users, not the web hosts. Read through this guide to find out how you can protect your dedicated server.
Update Everything
It all starts with the basics. Any updates should be installed the moment they’re available. The majority of an update will focus on defending against the latest security threats. A minute part of an update is dedicated towards changing interfaces and management options.
Some updates are dedicated exclusively to security. Internet threats evolve and change each day. To keep up with these threats, you need to make sure every update is installed as quickly as possible.
Most web hosts provide an option to switch on automatic updates. Switch it on to ensure you’re never behind on your security.
Your Own Computer
Your computer is a route through which someone could get into your dedicated server. If you give a hacker control of your computer, your server is in trouble, especially if they have the password.
The best way to defend your computer is to purchase a subscription for a comprehensive anti-virus program. There are many of them. Norton and AVG are just two anti-virus programs which work alongside Windows Firewall to defend your computer from the latest threats.
Stay away from any free anti-virus programs. They aren’t updated enough to provide you with the full protection you’re looking for.
Passwords should have to be entered each time you log on. Don’t make the mistake of leaving them pre-filled. That renders them useless, since any hacker could simply click a button and log in. Write the password down on a piece of paper for extra security. Hackers can only gain access to information stored virtually.
Here are some tips for making a good password:
- Make sure it’s at least 15 characters long.
- Use both letters and numbers.
- Use upper and lowercase letters.
How often should you change your password?
A robust and strict password policy is the first major step to making sure your server stays clear of any attacks. Change your password once every three to six months, depending on the size of your website. More popular websites carry larger risks, so the password should be changed on a regular basis.
Brute Force Attacks
A brute force attack is where a hacker uses a piece of software which simply attempts to guess your password. It’s like grabbing a ring full of keys and trying each and every one of them until one works.
To secure your server, start by reducing the number of entry points. In other words, make sure only a certain number of systems can log in to the server. Ask yourself whether a person really needs to have access to the server itself. Ideally, only you should have access to this, but we know that’s not always possible.
Use a program like cPHulk to fight back against brute force attacks. cPHulk, and software like it, automatically detects attempted brute force attacks and subtly blocks further attempts at guessing the password from that IP. The hacker won’t notice it because it doesn’t disable authentication.
So you’re wasting their time, whilst being fully protected. It will lock any hacker out for a period of time you determine. It could be a few days or permanently. Programs like this all work in roughly the same way.
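The lockout behaviour described above, as an added example (not cPHulk’s code and not part of the original article): it replays login attempts, blocks an IP after repeated failures inside a time window, and flags any successful login from an IP that should have been locked out. The log lines, thresholds and function name are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in sshd style (documentation IPs, not real data).
SAMPLE_LOG = """\
2024-05-01T10:00:01 web1 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2024-05-01T10:00:03 web1 sshd[811]: Failed password for root from 203.0.113.7 port 40114 ssh2
2024-05-01T10:00:04 web1 sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
2024-05-01T10:00:09 web1 sshd[813]: Failed password for alice from 198.51.100.20 port 51000 ssh2
2024-05-01T10:00:30 web1 sshd[814]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
2024-05-01T10:02:00 web1 sshd[815]: Accepted password for root from 203.0.113.7 port 40200 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def review_logins(log_text, max_failures=3,
                  window=timedelta(minutes=5), lockout=timedelta(hours=1)):
    """Replay a log; return (blocked_until by IP, list of alerts)."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failures
    blocked_until, alerts = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                # ignore lines that are not password attempts
        ts, ip = datetime.fromisoformat(m["ts"]), m["ip"]
        if ip in blocked_until and ts < blocked_until[ip]:
            # A lockout in place would have refused this attempt outright.
            if m["result"] == "Accepted":
                alerts.append((ip, m["user"], "login during lockout window"))
            continue
        if m["result"] == "Accepted":
            failures[ip].clear()    # a good login resets the counter
            continue
        recent = failures[ip]
        recent.append(ts)
        while ts - recent[0] > window:
            recent.popleft()        # drop failures older than the window
        if len(recent) >= max_failures:
            blocked_until[ip] = ts + lockout
            recent.clear()
    return blocked_until, alerts

if __name__ == "__main__":
    print(review_logins(SAMPLE_LOG))
```

An alert here means a correct password arrived from an address that had just tripped the failure threshold, which is worth treating as a guessed password and rotating it.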
Shells
The right web server for you will offer different shells. In short, these are designed to protect certain levels of your server. Think of it as trapping a hacker in a certain area. If a hacker uses a shell account to get through your main defenses, it’s time to stop them in the middle of your server.
A jailing shell will be able to limit the damage caused by a hacker. A jail shell will provide a limited shell for a hacker to view. They’ll be able to look at the main directory of your server, but that’s it. They won’t be able to go any deeper. Your files won’t be viewable. This severely restricts the actions of anyone who manages to get inside.
Failover Options
The use of virtual servers and dedicated servers is increasing. As more people start to use the Internet and sites become more popular, they need these servers to cope with increasing levels of traffic.
You need an effective failover option should you experience a sudden spike in traffic. Web hosts usually offer failover for sites like this. Most failover would involve the efficient distribution of resources, which makes DDoS (Distributed Denial of Service) attacks relatively useless.
You should also have backup servers should your initial server crash. This is something most web hosts have. It’s why they have data centers all over the world. If one center is knocked out by some sort of natural disaster or power failure, their company doesn’t crash and they don’t lose customers.
Vulnerability Scanning
Malware and other nasty pieces of code can play havoc with your server. Make sure your dedicated hosting service has constant vulnerability scanning. Look at vulnerability scanning as a way of monitoring any chinks in your security. Some web hosts won’t have constant scanning, so through certain periods your server will be vulnerable.
In addition to vulnerability scanning, you need to carefully monitor your analytics. By this we mean you have to check for any suspicious activity. Are you noticing sudden spikes in traffic which you can’t explain? Do unusual advertisements start to appear in the comments section of your website?
All these things could act as a precursor to an attack on your website.
The Way You Browse
Make a point of never clicking on a link to reach your server. Links supplied through email are often phishing links in disguise. If you do happen to click on one of these links, look at the browser’s address bar first. Many of these phishing links will look almost exactly the same as the original link, and therefore are easily missed. Check the link is as it should be.
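One way to check that a link “is as it should be”, as an added example that is not part of the original article: it compares the host a link really points to against the address you expect and reports each mismatch. The hostname `panel.example.com`, the sample links and the function name are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Hypothetical control-panel address; replace with your own server's hostname.
EXPECTED_HOST = "panel.example.com"

# Constructed sample links (reserved example/test domains, not real sites).
SAMPLE_LINKS = [
    "https://panel.example.com/login",             # the genuine address
    "HTTPS://PANEL.EXAMPLE.COM/login",             # same host, different case
    "http://panel.example.com/login",              # right host, no TLS
    "https://panel.example.com@lookalike.test/",   # real host comes after '@'
    "https://panel.example.com.lookalike.test/",   # expected name used as a prefix
    "https://p\u0430nel.example.com/login",        # Cyrillic 'a' in place of Latin 'a'
]

def check_link(url, expected_host=EXPECTED_HOST):
    """Return a list of reasons the link does not match the expected server."""
    problems = []
    parts = urlsplit(url.strip())
    # urlsplit lowercases the hostname and strips any userinfo and port.
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        problems.append("not https")
    if parts.username is not None:
        problems.append("userinfo before '@' hides the real host")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        problems.append("internationalised hostname, possible lookalike characters")
    if host != expected_host:
        problems.append(f"host is {host!r}, expected {expected_host!r}")
    return problems

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(link.encode("unicode_escape").decode(), "->", check_link(link) or "ok")
```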
Install ModSecurity
Insecure code will undermine your security efforts. Safeguard your server by installing ModSecurity. This software works with Apache to monitor attempted attacks on your website. It has a default set of security standards every website should meet, in terms of its code.
Any security breaches will be reported automatically to you. You can use these security breaches to find areas of your code where there are vulnerabilities.
Overall, safeguarding your server is a difficult task. You should never rely on any sort of third party to defend it. Take responsibility for your website and ensure no hacker ever manages to breach it.