Unfortunately, the number of potential server security threats is too great for just one post. The following are five more you should definitely be aware of and prepare your server to defend against. Some of them are easy to fix, while others require thought, planning, and special software.
1. Malware – This can be just about anything, but the underlying idea behind malware is that it is malicious software. Its sole purpose is to do harm, and cyber criminals of all sorts love it. Some common forms include viruses, bots, trojans, worms, and rootkits.
2. Vulnerable Software – If you have not recently performed security updates on your server, it could be at risk. All it takes is one crafty attacker to locate the security hole and exploit it.
3. Poorly written code – Many web applications are just not well made. Your users may be inexperienced, unmotivated, or just unaware that their code is vulnerable. You can protect your server and your peace of mind by using vulnerability scanners to sniff out potential problems.
4. SQL Injection – Most modern websites use some form of database to store content for dynamic web applications. SQL is one form of database used by MySQL, PostgreSQL, MSSQL, and others. When you have a script vulnerability, attackers can use it to insert malicious SQL instructions.
5. User Error – Believe it or not, computers are actually pretty secure when used properly. The people who operate them, however, may or may not be. Users with weak, easily guessed passwords, easy-to-hack web applications, and virus-laced workstations are all threats to your server. You need to educate them, enforce strict security, and, in some cases, cut your losses.