Following from yesterday’s post, I thought a bit about security and I realized it’s a pretty intense subject. There are obviously tons of things you can and should do to keep yourself secure, many of them outside the scope of this blog post. Here are some quick ones, however, that you should always keep in mind!
1) Make sure you update constantly and quickly!
This one’s definitely top of the list. Some of the easiest ways people can get into your server involve unpatched software with vulnerabilities. Make sure you’re always on top of your software and OS updates- a managed server solution is helpful here, but if you don’t have one make sure to always update ASAP!
2) Make sure you’re only running services you need!
The more open ports on your server, the more potential doors there are into your system. Only keep services you need running- there’s no point in running an Apache process and keeping that port open, for example, if the machine is a mail server! (This will also have the added bonus of speeding things up a bit).
3) Make sure permission settings are correct!
I know I harped on this last post, but it’s really something to always think about! Less permissions across the board means less possible scenarios in which full access to your machine is attained.
4) Make sure to have a decent firewall running!
This one may be the hardest one to get going, as firewall rules and permissions can be labyrinthine (especially in Linux)., but it’s a must. Also under this category are antivirus programs; you want to scan anything going in or out, especially on a Windows machine.
5) Test your security!
There are a number of dedicated server providers that do this for free if you purchase a managed hosting solution – LiquidWeb does, among others. Whether they do or don’t, however, you should take it upon yourself to do at least a little basic security test. Network security testers like Nessus are very handy in spotting known security flaws and suggesting how to fix it. They’re not perfect, obviously, but they can catch some flaws that you would not have noticed until it was too late.
These five steps should be your first step in securing a server; if you don’t have an experienced sysadmin, however, you really should bone up on your server security skills. It will come in handy, I promise!