
Archive for the ‘dedicated server security’ tag

5 Tips to Secure Your Dedicated Server

Posted at Feb 6, 2018 @ 9:33am dedicated servers


If you have a dedicated server, it’s essential that it is protected. Whether the server exists to host files for a website or is networking computers for a business, it needs to be protected from malicious software and hackers. Malicious software can include a variety of types of harmful programs, including malware, viruses and rootkits.

Failing to secure a server can lead to lost or corrupted data, damage to devices connected to the network and unauthorized individuals getting access to sensitive data. There are a number of ways that you can protect your server, and they go beyond simply having a suite of protection software in place, although that is also key.

 

1. Anti-malware Software

Even if you’re renting a dedicated server from a Web Hosting or Cloud provider, you still need protection against malware. Large names in security make software that can protect servers from malware, and many are available as suites that allow you to get firewall, antivirus and antispam protection all in one package. You may also decide to select individual programs to provide protection for your server. The main thing is that you have a complete set of software that protects against intrusion and will scan files for viruses and the like.

 

2. Keep Your System Updated

One way that hackers get into many systems is by going through weak points that developers did not notice when creating a piece of software or an operating system. This is why both computers and mobile devices need regular updates. Along with offering new options, updates close off back doors and holes in the security of software.

Therefore, it’s important that all software hosted on a dedicated server is kept up to date. For web hosting servers, that means cPanel and even content management systems (CMS) such as WordPress, along with the plug-ins the CMS uses, must be kept current. Many operating systems and software suites can be set up to update automatically, but if you’re not comfortable with that, it’s important that you have some way of being notified when important changes are available.

 

3. Change Default Settings

There are a variety of default settings that come with programs and even operating systems. They include everything from preset usernames and passwords for admin access to default connection ports. Anything that is left as set up by the software manufacturer may be used as a way to gain easier access to a system.

If you can change addresses, folders, logins and port settings without causing problems for the system, you should do so. Even leaving the URL for admin access to a server or programs on the server at its default can make it easier for hackers to get in. There are hacking tools that specifically scan websites and servers for default URLs and folders, so changing default login locations is important. On this same basis, it’s a good idea to make sure that directories are protected so that people cannot see their contents.

 

4. Use Robust Passwords and Keep Track of Permissions

Another important part of keeping your dedicated server secure is to ensure that passwords are robust and that people are only given access to areas that they need to do their job. Aside from malice, giving an intern administrative access to databases could lead to major problems through simple error.

Two key parts of keeping your dedicated server secure in relation to passwords are ensuring that simple passwords are not in use and that passwords are changed on a regular basis. There are a number of ways to tackle the issue of making sure passwords are complex enough, including using computer-generated passwords or using passphrases. Computer-generated passwords normally require certain characters, a certain length and a combination of upper- and lower-case letters; passphrases are combinations of words, and they tend to be easier to remember and more secure than passwords. There should also be a set time at which passwords expire, which will require users on the network to change them on a regular basis.

Along with ensuring that people are only given access to parts of the server that they need to have, it’s important that permissions are updated when people leave a job or move to a different part of the company. This can be done with proper database management and doing occasional audits to ensure that access levels are appropriate.

 

5. Employ Brute Force Detection and Active Monitoring

Another important part of keeping a dedicated server secure is knowing what is happening with it at all times. Even the best anti-malware software cannot prevent all intrusions, and hackers are constantly figuring out new ways to circumvent security systems. Therefore, it’s important that activity on a server is always being monitored.

Things that normally indicate a problem include incredibly high data transfer or processing power use as well as multiple failed login attempts. Brute force hacking involves trying to log in to a system over and over again with different login and password combinations. In addition to draining system resources, it can also eventually allow a hacker to find a combination that lets them into your system. Real-time monitoring can help detect these issues and alert the appropriate people, and it can also shut down brute force login attempts.

 

For those of you who feel there’s just not enough time in your day to maintain your dedicated server’s security, or if you just prefer someone else does it for you, at TurnKey Internet we’ve got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server so you can focus on running your business. For more information, visit https://turnkeyinternet.net

 


Written by David Maurer on February 6th, 2018


6 Ways to Secure and Protect Your Server

Posted at Oct 27, 2016 @ 10:44am Web hosting


If you have a server, it’s essential that it is protected. Whether the server exists to host files for a website or is networking computers for a business, it needs to be protected from malicious software and hackers. Malicious software can include a variety of types of harmful programs, including malware, viruses and rootkits.

Failing to secure a server can lead to lost or corrupted data, damage to devices connected to the network and unauthorized individuals getting access to sensitive data. There are a number of ways that you can protect your server, and they go beyond simply having a suite of protection software in place, although that is also key.

 

Anti-malware Software

Even if you’re renting server space from a third-party, you still need protection against malware. Large names in security make software that can protect servers from malware, and many are available as suites that allow you to get firewall, antivirus and antispam protection all in one package. You may also decide to select individual programs to provide protection for your server. The main thing is that you have a complete set of software that protects against intrusion and will scan files for viruses and the like.

 

Keep Your System Updated

One way that hackers get into many systems is by going through weak points that developers did not notice when creating a piece of software or an operating system. This is why both computers and mobile devices need regular updates. Along with offering new options, updates close off back doors and holes in the security of software.

Therefore, it’s important that all software hosted on a server is kept up to date. For hosting servers, that means even content management systems and the plug-ins the CMS uses must be kept current. Many operating systems and software suites can be set up to update automatically, but if you’re not comfortable with that, it’s important that you have some way of being notified when important changes are available.

 

Change Default Settings

There are a variety of default settings that come with programs and even operating systems. They include everything from preset usernames and passwords for admin access to default connection ports. Anything that is left as set up by the software manufacturer may be used as a way to gain easier access to a system.

If you can change addresses, folders, logins and port settings without causing problems for the system, you should do so. Even leaving the URL for admin access to a server or programs on the server at its default can make it easier for hackers to get in. There are hacking tools that specifically scan websites and servers for default URLs and folders, so changing default login locations is important. On this same basis, it’s a good idea to make sure that directories are protected so that people cannot see their contents.

 

Use Robust Passwords and Keep Track of Permissions

Another important part of keeping a server secure is to ensure that passwords are robust and that people are only given access to areas that they need to do their job. Aside from malice, giving an intern administrative access to databases could lead to major problems through simple error.

Two key parts of keeping a server secure in relation to passwords are ensuring that simple passwords are not in use and that passwords are changed on a regular basis. There are a number of ways to tackle the issue of making sure passwords are complex enough, including using computer-generated passwords or using passphrases. Computer-generated passwords normally require certain characters, a certain length and a combination of upper- and lower-case letters; passphrases are combinations of words, and they tend to be easier to remember and more secure than passwords. There should also be a set time at which passwords expire, which will require users on the network to change them on a regular basis.

Along with ensuring that people are only given access to parts of a server that they need to have, it’s important that permissions are updated when people leave a job or move to a different part of the company. This can be done with proper database management and doing occasional audits to ensure that access levels are appropriate.

 

Employ Brute Force Detection and Active Monitoring

Another important part of keeping a server secure is knowing what is happening with it at all times. Even the best anti-malware software cannot prevent all intrusions, and hackers are constantly figuring out new ways to circumvent security systems. Therefore, it’s important that activity on a server is always being monitored.

Things that normally indicate a problem include incredibly high data transfer or processing power use as well as multiple failed login attempts. Brute force hacking involves trying to log in to a system over and over again with different login and password combinations. In addition to draining system resources, it can also eventually allow a hacker to find a combination that lets them into your system. Real-time monitoring can help detect these issues and alert the appropriate people, and it can also shut down brute force login attempts.
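The failed-login signal described in the brute force detection sections of both posts can be turned into a sliding-window check over an authentication log. The following is an added example, not code from TurnKey Internet or from the original posts; the OpenSSH-style log format with ISO timestamps, the threshold of 5 failures in 60 seconds, the function name and the sample lines are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (documentation IP ranges), assumed to be in time order.
SAMPLE_LOG = """\
2018-02-06T09:30:01 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
2018-02-06T09:30:04 web01 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
2018-02-06T09:30:09 web01 sshd[812]: Failed password for alice from 198.51.100.23 port 51500 ssh2
2018-02-06T09:30:11 web01 sshd[811]: Failed password for invalid user test from 203.0.113.7 port 40120 ssh2
2018-02-06T09:30:15 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40122 ssh2
2018-02-06T09:30:19 web01 sshd[811]: Failed password for invalid user oracle from 203.0.113.7 port 40125 ssh2
2018-02-06T09:30:40 web01 sshd[812]: Accepted password for alice from 198.51.100.23 port 51502 ssh2
2018-02-06T09:41:02 web01 sshd[815]: Failed password for alice from 198.51.100.23 port 51710 ssh2
"""

# Captures timestamp, attempted username and source address of a failed login.
FAILED = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: (time of first alert, usernames tried inside the window)}.

    An address is flagged once it produces `threshold` failures within
    `window`; failures older than the window are discarded, so an occasional
    mistyped password from a legitimate user does not accumulate into an alert.
    """
    recent = defaultdict(deque)  # ip -> (timestamp, user) failures still in window
    alerts = {}
    for line in lines:
        m = FAILED.match(line)
        if m is None:
            continue  # successful logins and unrelated lines are ignored
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append((ts, m["user"]))
        while ts - q[0][0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold and m["ip"] not in alerts:
            alerts[m["ip"]] = (ts, sorted({user for _, user in q}))
    return alerts

if __name__ == "__main__":
    for ip, (when, users) in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(f"ALERT {when.isoformat()} {ip} tried users: {', '.join(users)}")
```

The list of usernames in each alert helps separate guessing across many accounts from one user repeatedly mistyping a password, and the flagged address is what a monitoring system would hand to whatever blocking mechanism the server uses.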

 

Encryption

There are a number of types of data that you should be encrypting when they are transferred through a server. Logins, personal information and database information need to be encrypted, and it’s important that the highest level of encryption that works with the system is used. Lower level and older types of encryption are easy for many hackers to break through, so while they’re better than nothing, they’re still not providing proper protection for your server’s data.

When hackers can break your server’s encryption, they may be able to gain access to a variety of sensitive information, which can include login details. As with everything else, encryption upgrades may need to be done periodically to ensure that you’re using the latest and most effective methods available.

 

For those of you who feel there’s just not enough time in your day to maintain your server’s security, or if you just prefer someone else does it for you, at TurnKey Internet we’ve got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server so you can focus on running your business. For more information, visit https://turnkeyinternet.net/managed/

 


Written by David Maurer on October 27th, 2016


It’s 2016 – Is Your Office Server or Web Site Being Held Hostage?

Posted at May 5, 2016 @ 6:07am cloud security

The latest wave of computer security news may sound like the headline of a new Bruce Willis movie – but ransomware is now part of the daily conversation not only among security experts, but unfortunately also among office managers and PC users across the globe who have to deal with the ramifications.

This year malware infections, more specifically ransomware, have seen exponential growth. They are also becoming more sophisticated, using newer methods that are not only harder to detect, but also require less user interaction.

Security researchers report attackers are not only upgrading their malware to make it more unbreakable, they are also using unique methods of distribution. In some cases, these methods require no user interaction at all.

In the past, most ransomware infections occurred via phishing attacks, which required a user to click on a malicious website or email link. But these newer attacks are less dependent on user interaction and more dependent on unpatched vulnerabilities or poor security practices.

These new breeds of ransomware are utilizing more advanced methods to attack computers and encrypt their files, before you even realize what’s happened. You are then forced to either pay the ransom or hope you have a backup recent enough to prevent any lost data.

To protect yourself you need to follow best practices, such as:

  1. Back up your servers and PCs
  2. Back up your servers and PCs
  3. See items (1) and (2) above (seriously!)
  4. Keep your software and systems patched and up to date
  5. Have a corporate gateway firewall with advanced threat protection
  6. Have / install / update local antivirus and malware protection software
  7. Always avoid opening unexpected emails or attachments
  8. Avoid clicking through to web sites you don’t recognize (especially if sent in email)
  9. If you aren’t backing up your servers and PCs already – stop reading and visit https://turnkeyvault.com/

It’s pretty simple – the same things that protect your office data and servers from most threats apply here, but the damage of ransomware encrypting and disabling all your corporate data within seconds or minutes is real and has led to some high-profile cases, including hospitals being locked out of all their data due to ransomware! Don’t let your business fall victim to the bad-named villain of a Bruce Willis movie – ransomware is among the most costly cyber threats actively attacking businesses right this very second.

Make no mistake – backing up your data is a must-have in any security policy, and utilizing a secure remote cloud-based backup solution such as TurnKey Vault is ideal. Make sure whatever backup solution you deploy offers data encryption and supports both desktop PCs and Macs, as well as Linux- and Windows-based servers. A backup solution like TurnKey Vault offers live cloud replication, which will get you back on your feet in minutes in case of a true disaster by creating a live cloud-based copy of any PC workstation or server, accessible from anywhere over the Internet, to get you access to your data and applications quickly. If ransomware takes over your office network you can spin up a live backup copy of your servers and PCs with TurnKey Vault from a time before the ransomware took over your office – and you will be saying “Yippee Ki-Yay” just like Bruce Willis, as the ransomware data hostage takers won’t ever see a dime, and you will have all your data safe and secure.

 
