Dedicated servers provide numerous benefits for many kinds of web hosting. Online businesses and companies of all types consider the dedicated server solution imperative to the success of their web-based business. It makes sense, then, to adequately address security for the dedicated server, as it is a critical part of the web presence and generally has quite a bit of time and money invested in obtaining it and keeping it operable.
Potential security risks for dedicated servers can range from malicious attacks by hackers and viruses to more basic situations such as hard disk crashes and data corruption. The following information will detail some of the key areas that should be addressed in order to avoid problems.
The password is a key component in security for any dedicated server.
The first thing to ensure after acquiring a new dedicated server is that the password has been changed. The web hosting company may have set a default password or emailed the password in plain text. Because there is a risk that someone else knows the password, it is essential that it is changed immediately. Here are some guidelines for passwords:
- Use different passwords for personal and administrative accounts. For Linux systems, ensure that the root password is different from the regular account.
- It is best to choose long, complex passwords because they will be harder to guess. Combine letters, numbers and punctuation, and avoid using any words that are contained in the dictionary.
- Put dates on your calendar to remind you to change all of your passwords on a regular basis.
Be sure to identify unnecessary services and have them disabled, because the more ports the server has open to the Internet, the greater the security risk will be. Certain services, such as HTTP and email, are required. However, there are probably others that can easily be eliminated, such as:
- Any service that is not being used should be disabled. Having services that are not regularly used and monitored can open your website to more vulnerability than is necessary.
- If FTP is not being used, have it disabled. If it is being used, ensure that it is never used with the root or administrator password. Since FTP sends passwords across the network in plain text, it can expose the server to access by unauthorized individuals.
- Telnet has been known to be a high security risk, since it can be very easy for the password to be stolen. Instead, use SSH (secure shell).
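One way to check a Linux server against the list above, as an added example that is not part of the original article: the script reads the output of `ss -tlnH` (listening TCP sockets, no header) and reports every Internet-facing listener that is either a cleartext service (FTP, Telnet) or not on an allowlist. The allowlist contents and the sample output are assumptions constructed for illustration.

```python
# Assumed allowlist for a web and mail host: SSH, SMTP, HTTP, HTTPS.
REQUIRED_PORTS = {22: "ssh", 25: "smtp", 80: "http", 443: "https"}
# Cleartext services the article says to disable or replace.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet"}
# Listeners bound to loopback are not reachable from the Internet.
LOOPBACK_PREFIXES = ("127.", "[::1]")

# Constructed sample of `ss -tlnH` output, not taken from a real server.
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 [::]:443 [::]:*
LISTEN 0 100 0.0.0.0:25 0.0.0.0:*
LISTEN 0 32 *:21 *:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 0.0.0.0:6379 0.0.0.0:*
"""


def audit_listeners(ss_output):
    """Return sorted (port, address, verdict) tuples for listeners needing attention."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # Column 4 is the local address; the port follows the last colon.
        address, _, port_text = fields[3].rpartition(":")
        if not port_text.isdigit():
            continue
        port = int(port_text)
        if address.startswith(LOOPBACK_PREFIXES):
            continue
        if port in CLEARTEXT_PORTS:
            findings.add((port, address, "disable: cleartext " + CLEARTEXT_PORTS[port]))
        elif port not in REQUIRED_PORTS:
            findings.add((port, address, "review: not on the allowlist"))
    return sorted(findings)


if __name__ == "__main__":
    for port, address, verdict in audit_listeners(SAMPLE_SS_OUTPUT):
        print(f"{address}:{port}\t{verdict}")
```

On a live server, pipe the real command output into `audit_listeners` instead of the sample and adjust the allowlist to the services the machine is meant to offer.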
The firewall software (or hardware) package can control which of the server ports are open to the Internet. Sometimes, it can also detect intrusion attempts. Therefore, the firewall is an essential part of any security program for the web server.
It is a well known fact that viruses can potentially cause devastating and serious damage to the server. Since most viruses are written for the Windows platform, most Windows servers are particularly vulnerable. Therefore, Windows servers should have a virus scan on a regular basis and the virus software should be updated as frequently as necessary to stop new viruses from infiltrating the system.
Linux servers should also be scanned regularly, as they aren’t completely safe from viruses in any case. There have been a number of worms that have exploited security holes in some of the more common Linux services. The best way to avoid disruptions in service is to run updates and firewall protections regularly, while also disabling any unnecessary services.
Windows viruses have also been known to threaten Linux systems, as they are usually emailed to thousands of addresses. An email virus scanner can be crucial for that reason.
Software updates are extremely necessary, as manufacturers are continually issuing new releases to handle security breaches when they have been discovered. It is necessary to update key software components such as the web server, email server, firewall, and SSH server, as well as languages like PHP and Perl, both on each new server and as new releases appear. It is never a good idea to assume that a web host has provided the latest versions of software with its packages. In addition, put regular checks for updates on your calendar and set up an automatic notification if at all possible.
Backups are a necessity since every system experiences at least one serious problem at some point in its lifecycle. Therefore, data will be lost if it is not backed up. System breakdowns can occur for many reasons, so it is safe to assume that backups are necessary on a daily, if not hourly basis.
Backup copies of all critical files should be maintained on a separate machine at all times. For web content, the local copy it was uploaded from is probably sufficient. For all other data, FTP can be used to download critical files on a regular basis. Below are a few more items that should be backed up:
- Dynamic files created by web sites, including traffic logs.
- Configuration files for the web server, email server, and other software. Whenever the configuration file is changed, download a new copy.
- Customer data should be backed up regularly to protect from user errors and other serious problems.
- Database systems – use backup utilities or dump data to downloadable files.
Once security systems are in place, the security of the server is a continual process that needs to be monitored for potential problems. Some monitoring methods include:
- There are services available that monitor your server from another server and send you regular alerts. Web hosts may offer such a service, or there are independent services. Be sure they are supplied with an email address on a different server or a mobile phone.
- Use security auditing tools to check for hacking attempts.
- Review server logs regularly for suspicious activity.
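A log review of the kind listed above can be partly automated. The following is an added example, not part of the original article: it scans sshd password events in an auth log and flags sources with repeated failures, sources guessing the root password, and any successful login that follows a run of failures from the same address. The log lines are constructed samples using documentation IP ranges, and the threshold of three failures is an assumption.

```python
import re
from collections import Counter

# Constructed sample lines in the format OpenSSH's sshd writes to the auth log.
SAMPLE_AUTH_LOG = """\
Mar  3 02:14:01 web1 sshd[4121]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar  3 02:14:03 web1 sshd[4121]: Failed password for root from 203.0.113.5 port 51234 ssh2
Mar  3 02:14:06 web1 sshd[4125]: Failed password for invalid user admin from 203.0.113.5 port 51301 ssh2
Mar  3 02:15:40 web1 sshd[4130]: Failed password for deploy from 198.51.100.7 port 40022 ssh2
Mar  3 02:15:52 web1 sshd[4130]: Accepted password for deploy from 198.51.100.7 port 40022 ssh2
Mar  3 02:16:10 web1 sshd[4133]: Failed password for deploy from 203.0.113.5 port 51377 ssh2
Mar  3 02:16:30 web1 sshd[4140]: Accepted password for deploy from 203.0.113.5 port 51402 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def review_auth_log(text, threshold=3):
    """Summarise suspicious sshd password activity found in auth log text."""
    failures = Counter()
    root_attempts = set()
    login_after_failures = []
    for line in text.splitlines():
        match = EVENT.search(line)
        if not match:
            continue
        ip, user = match["ip"], match["user"]
        if match["result"] == "Failed":
            failures[ip] += 1
            if user == "root":
                root_attempts.add(ip)
        elif failures[ip] >= threshold:
            # A success after many failures may mean a password was guessed.
            login_after_failures.append((ip, user))
    return {
        "repeated_failures": {ip: n for ip, n in failures.items() if n >= threshold},
        "root_attempts": root_attempts,
        "login_after_failures": login_after_failures,
    }


if __name__ == "__main__":
    for name, value in review_auth_log(SAMPLE_AUTH_LOG).items():
        print(f"{name}: {value}")
```

The single mistyped password from 198.51.100.7 followed by a successful login stays below the threshold and is not reported, which keeps ordinary user errors out of the alerts.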
Running a dedicated server can be an extensive and complicated task. Therefore, it is often more prudent to enlist an experienced administrator or a good managed host. Otherwise, you can expect to spend several hours a week securing and monitoring a dedicated server. In any case, ensure that the security of the dedicated server is attended to in order to avoid long disruptions and service delays, which can negatively impact your business.
The dedicated server is an investment that most companies cannot afford to have compromised. Therefore, by paying attention to the above security issues, there is a better chance that your dedicated server solution will perform at its highest capacity, with a minimum of disruption. By performing regular backups, data will not be lost and business will continue to run smoothly, even if technical situations should arise. Even if you engage a managed server, it is a good idea to monitor the dedicated server yourself on some level, so that all security issues are covered.
Superb Internet provides a complete range of managed dedicated server web hosting solutions, from virtual shared web hosting through to high-volume, mission-critical dedicated server solutions. SuperbHosting.net’s core focus is customer service, and continuous service improvement, with offices and 24-hour/365-day operations in McLean, VA, Tukwila, WA, and Vancouver, BC, serving customers in over 150 countries worldwide.
Copyright 2009 by The Hosting News. All Rights Reserved.