If you have a dedicated server, it’s essential that it is protected. Whether the server exists to host files for a website or is networking computers for a business, it needs to be protected from malicious software and hackers. Malicious software can include a variety of types of harmful programs, including malware, viruses and rootkits.

Failing to secure a server can lead to lost or corrupted data, damage to devices connected to the network and unauthorized individuals getting access to sensitive data. There are a number of ways that you can protect your server, and they go beyond simply having a suite of protection software in place, although that is also key.

 

1. Anti-malware Software

Even if you’re renting a dedicated server from a Web Hosting or Cloud provider, you still need protection against malware. Large names in security make software that can protect servers from malware, and many are available as suites that allow you to get firewall, antivirus and antispam protection all in one package. You may also decide to select individual programs to provide protection for your server. The main thing is that you have a complete set of software that protects against intrusion and will scan files for viruses and the like.

 

2. Keep Your System Updated

One way that hackers get into many systems is by going through weak points that developers did not notice when creating a piece of software or an operating system. This is why both computers and mobile devices need regular updates. Along with offering new options, updates close off back doors and holes in the security of software.

Therefore, it’s important that all software hosted on a dedicated server is kept up to date. For web hosting servers, that means cPanel, even content management systems (CMS) such as WordPress and the plug-ins the CMS uses must be kept current. Many operating systems and software suites can be set up to update automatically, but if you’re not comfortable with that, it’s important that you have some way of being notified when important changes are available.

 

3. Change Default Settings

There are a variety of default settings that come with programs and even operating systems. They include everything from preset usernames and passwords for admin access to default connection ports. Anything that is left as set up by the software manufacturer may be used as a way to gain easier access to a system.

If you can change, without causing problems for the system, addresses, folders, logins and port settings, you should do so. Even leaving the URL for admin access to a server or programs on the server can make it easier for hackers to get in. There are hacking tools that specifically scan websites and servers for default URLs and folders, so changing default login locations is important. On this same basis, it’s a good idea to make sure that directories are protected so that people cannot see their contents.

 

4. Use Robust Passwords and Keep Track of Permissions

Another important part of keeping your dedicated server secure is to ensure that passwords are robust and that people are only given access to areas that they need to do their job. Aside from malice, giving an intern administrative access to databases could lead to major problems through simple error.

Two key parts of keeping your dedicated server secure in relation to passwords are ensuring that simple passwords are not in use and that passwords are changed on a regular basis. There are a number of ways to tackle the issue of making sure passwords are complex enough, including using computer generated passwords or using passphrases. Computer generated passwords normally require certain characters, length and require a combination of upper and lower case letters; passphrases are combinations of words, and they tend to be easier to remember and more secure than passwords. There should also be a set time that passwords expire, which will require users on the network to change them on a regular basis.

Along with ensuring that people are only given access to parts of the server that they need to have, it’s important that permissions are updated when people leave a job or move to a different part of the company. This can be done with proper database management and doing occasional audits to ensure that access levels are appropriate.

 

5. Employ Brute Force Detection and Active Monitoring

Another important part of keeping a dedicated server secure is knowing what is happening with it at all times. Even the best anti-malware software cannot prevent all intrusions, and hackers are constantly figuring out new ways to circumvent security systems. Therefore, it’s important that activity on a server is always being monitored.

Things that normally indicate a problem include incredibly high data transfer or processing power use as well as multiple failed login attempts. Brute force hacking involves trying to login to a system over and over again with different login and password combinations. In addition to draining system resources, it can also eventually allow a hacker to find a combination that lets them into your system. Real-time monitoring can help detect these issues and alert the appropriate people, and it can also shut down brute force login attempts.

 

For those of you who feel there’s just not enough time in your day to maintain your dedicated server’s security, or if you just prefer someone else does it for you, at TurnKey Internet we got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server so you can focus on running your business. For more information, visit https://turnkeyinternet.net

 

Follow Us :
Share :

cPanel is one of the most popular web hosting control panels available today. With it’s user-friendly graphical interface and robust server automation tools, cPanel is designed to make web hosting as simple as possible. However, like many other popular applications, it can be vulnerable to potential security problems. To prevent your website from falling victim to hackers and malware, it is critical that you manage and routinely check your server’s cPanel security settings.

 

SSH

SSH or Secure Shell, is a common way users access their server or website remotely. Unfortunately, it also provides an entry point for hackers. Data sent through SSH is authenticated and encrypted to prevent outside manipulation, so malicious users can’t touch it unless they break through your security measures. The default port of 22 is the most common setting for SSH access. Changing it to another available port and implementing a security key for logins minimizes the risk of being hacked. Switch the settings from SSH1 to SSH2 for additional protection.

 

Firewall

A firewall lets users access cPanel while keeping unauthorized individuals out. ConfigServer Security and Firewall or CSF, is one of the most popular firewalls for cPanel. It scans the system on a regular basis and checks authentication logs to keep your site safe from hackers at all times. CSF also provides feedback on how to make your server more secure overall.

 

Brute Force Protection

Although a firewall can prevent hackers from gaining access to a website or server, it won’t stop them from trying to log in. Brute force protection is a feature of cPanel used to block IP addresses after multiple failed login attempts. Found under the ‘Security Center’ section, this option is easy to enable and customize. Use the IP Deny Manager to manually input IP addresses known to be malicious so that they’re never allowed to log on. You can customize the brute force option, known as cPHulk, by setting how many minutes the tool monitors for repeated logins, the maximum number of failed logins allowed and how long each IP ban stays in place.

 

Passwords

From your admin cPanel login to individual email accounts, every access point needs a strong, secure password. Longer passwords allow for more complex combinations of numbers, symbols and upper- and lower-case letters. Use a different password for accessing cPanel, FTP, email management and other secure areas, making sure none of them contain obvious information such as phone numbers or birthdays. If you have trouble coming up with enough different combinations, try an online password generator.

 

Automatic Updates

One of the easiest ways to keep cPanel secure is to enable automatic updates. Old versions of software, including cPanel, may contain security vulnerabilities hackers can use to access your server. Automatic updates ensure you’re always running the latest version of cPanel with any associated security patches and bug fixes. Go back and check once and a while to confirm updates are running as they should. If not, update manually and contact your web host to find out why the setting isn’t working.

 

Additional Settings to ‘Tweak’

While you’re taking care of the larger security issues in cPanel, make sure you don’t neglect less common settings. Open ‘Tweak Settings’ under Server Configuration to access an entire list of other possible security measures. With this checklist, you can:

• Help prevent the sending of unauthorized emails, including spam
• Shut down potential email attacks
• Block malicious referrals or redirects from hijacking your site
• Stop the generation of proxy domains
• Require IP validation for cookies
• Set up an additional security token for cPanel access

Enabling these additional cPanel security settings helps address any remaining vulnerabilities and keep hackers at bay. But, for those of you who feel there’s just not enough time in your day to employ these security measures, or if you just prefer someone else does it for you, at TurnKey Internet we got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server and cPanel so you can focus on running your business.

For more information, visit https://turnkeyinternet.net/managed/

 

Follow Us :
Share :