Blog Header Banner

Archive for the ‘server security’ tag

6 Ways to Secure and Protect Your Server   no comments

Posted at Jun 24, 2020 @ 9:00am Web hosting

server-secure

If you manage or host a cloud or dedicated server, it’s essential that it is secure and protected. Whether the server exists to host files for a website or is networking computers for a business, it needs to be protected from malicious software, hackers, and threats. These threats can include a variety of harmful programs, such as ransomware, viruses, and rootkits.

Failing to secure your server can lead to lost or corrupted data, damage to devices connected to the network, and unauthorized individuals getting access to sensitive data. There are a number of ways that you can protect your server, and they go beyond simply having a suite of security applications in place.

Anti-malware Software

Even if you’re renting server space from a third-party, you still need protection against malware. If not already installed, consider downloading and configuring firewall, antivirus, and anti-spam software on your server. You can find many options available as plugins for your preferred CMS, such as WordPress, or web hosting manager, such as cPanel. The main thing is that you have a complete set of software that protects against intrusion and will scan files for malware and the like.

Keep Your System Updated

One way that hackers get into many systems is by going through weak points that developers did not notice when creating a piece of software or an operating system. This is why both computers and mobile devices need regular updates. Along with offering new options, updates close off back doors and holes in the security of software.

Therefore, it’s important that all software hosted on a server is kept up to date. For web hosting servers, that means even content management systems and the plugins the CMS uses must be kept current. Many operating systems and applications can be set up to update automatically, but if you’re not comfortable with that, it’s important that you have some way of being notified when important changes are available.

Change Default Settings

There are a variety of default settings that come with programs and even operating systems. They include everything from preset usernames and passwords for admin access to default connection ports. Anything that is left as set up by the software manufacturer may be used as a way to gain easier access to a system.

If you can change, without causing problems for the system, addresses, folders, logins and port settings, you should do so. Even leaving the URL for admin access to a server or programs on the server can make it easier for hackers to get in. There are hacking tools that specifically scan websites and servers for default URLs and folders, so changing default login locations is important. On this same basis, it’s a good idea to make sure that directories are protected so that people cannot see their contents.

Use Robust Passwords and Keep Track of Permissions

Another important part of keeping a server secure is to ensure that passwords are robust and that people are only given access to areas that they need to do their job. Aside from malice, giving an intern administrative access to databases could lead to major problems through simple error.

Two key parts of keeping a server secure in relation to passwords are ensuring that simple passwords are not in use and that passwords are changed on a regular basis. There are a number of ways to tackle the issue of making sure passwords are complex enough, including using computer generated passwords or using passphrases. Computer generated passwords normally require certain characters, length and require a combination of upper and lower case letters; passphrases are combinations of words, and they tend to be easier to remember and more secure than passwords. There should also be a set time that passwords expire, which will require users on the network to change them on a regular basis.

Along with ensuring that people are only given access to parts of a server that they need to have, it’s important that permissions are updated when people leave a job or move to a different part of the company. This can be done with proper database management and doing occasional audits to ensure that access levels are appropriate.

Employ Brute Force Detection and Active Monitoring

Another important part of keeping a server secure is knowing what is happening with it at all times. Even the best anti-malware software cannot prevent all intrusions, and hackers are constantly figuring out new ways to circumvent security systems. Therefore, it’s important that activity on a server is always being monitored.

Things that normally indicate a problem include incredibly high data transfer or processing power use as well as multiple failed login attempts. Brute force hacking involves trying to login to a system over and over again with different login and password combinations. In addition to draining system resources, it can also eventually allow a hacker to find a combination that lets them into your system. Real-time monitoring can help detect these issues and alert the appropriate people, and it can also shut down brute force login attempts.

Encryption

There are a number of types of data that you should be encrypting when they are transferred through a server. Logins, personal information and database information need to be encrypted, and it’s important that the highest level of encryption that works with the system is used. Lower level and older types of encryption are easy for many hackers to break through, so while they’re better than nothing, they’re still not providing proper protection for your server’s data.

When hackers can break your server’s encryption, they may be able to gain access to a variety of sensitive information, which can include login details. As with everything else, encryption upgrades may need to be done periodically to ensure that you’re using the latest and most effective methods available.

For those of you who feel there’s just not enough time in your day to maintain your server’s security, or if you just prefer someone else does it for you, at TurnKey Internet we got your back. We offer Fully Managed solutions that include Server Hardening. We’ll take care of securing and protecting your server so you can focus on running your business. For more information, visit https://turnkeyinternet.net/managed/

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on June 24th, 2020

Tagged with , ,

How to Secure and Protect Your cPanel Server   no comments

Posted at Jul 16, 2019 @ 9:00am internet security,Web hosting

Secure and Protect cPanel

cPanel provides convenient server access and an intuitive, user-friendly interface for managing your website. However, like any server application or environment, it can be vulnerable to several potential security problems. As a responsible webmaster or server admin, it’s up to you to recognize these vulnerabilities and take steps to close any loopholes hackers could use to access your server or website. Lets take a look at some of the ways you can secure and protect your cPanel server.

 

Strong Passwords

From the main cPanel portal to individual email accounts, every login point needs a strong, secure password. Guidelines for length vary, and some sources suggest as many as 14 characters to ensure protection. Longer passwords allow for more complex combinations of numbers, symbols and upper- and lower-case letters. Use a different password for accessing cPanel, FTP, email management and other secure areas, making sure none of them contain obvious information such as phone numbers or birthdays.

If you have trouble coming up with enough different combinations, try an online password generator. A password manager is useful for keeping track of your login information for all of cPanel so that you don’t have to look up each password every time you sign on.

 

CSF Firewall

A firewall lets you access cPanel while keeping unauthorized users out. Think of it as a border patrol for your server, constantly checking to ensure only the right people get through. ConfigServer Security and Firewall (CSF) is a popular firewall application for cPanel designed to serve this purpose. It scans the system on a regular basis and checks authentication logs to keep your site safe from hackers at all times. CSF also provides feedback on how to make your server more secure overall. Since more is better when it comes to security, check these reports and make any necessary changes as soon as possible.

 

cPHulk

Although a firewall can prevent hackers from gaining access to your site, it won’t stop them from trying to log in. Brute force protection is a feature of cPanel used to block IP addresses after multiple failed login attempts. Found in the Security Center section, this option is easy to enable and customize. Use the IP Deny Manager to manually input IP addresses known to be malicious so that they’re never allowed to log on.

You can customize the brute force option, known as cPHulk, by setting how many minutes the tool monitors for repeated logins, the maximum number of failed logins allowed and how long each IP ban stays in place.

 

FTP Access

With anonymous FTP, anyone can log in to your site via FTP with only a username and a generic password. This may be useful for sharing files with a large number of people, but it’s like an open door to hackers. When all users can gain access to your server through such a simple process, every file becomes subject to tampering.

Set your FTP preferences to allow only for SSL logins, and require a password to be entered each time. The setting can be found under FTP Server Configuration in cPanel.

 

SSH Access

Secure shell (SSH) is a convenient way to access your site from a remote location. Unfortunately, it can also provide an entry point for hackers. Information sent through SSH is authenticated and encrypted to prevent outside manipulation, so malicious users can’t touch it unless they break through your security measures.

The default port of 22 is the most common setting for SSH access. Changing it to another available port and implementing a security key for logins minimizes the risk of being hacked. Switch the settings from SSH1 to SSH2 for additional protection.

 

Hotlink Protection

Hotlinking is the practice of linking an image or file on one server directly to a page on a remote website. Some people do this in ignorance, assuming the easiest way to embed an image is to use the original link, but it’s generally considered a bad practice. Hotlinked files use bandwidth from your site every time someone accesses them, and this has the potential to overload your servers if too many requests are made.

The Security section of cPanel offers hotlinking protection. Simply enable the setting to prevent third parties from linking to your files. Add an extra layer of security by specifying certain file extensions you don’t want to be hotlinked.

 

Tweak Settings

While you’re taking care of the larger security issues in cPanel, make sure you don’t neglect less common settings. Open Tweak Settings under Server Configuration to access an entire list of other possible security measures. With this checklist, you can:

• Help prevent the sending of unauthorized emails, including spam
• Shut down potential email attacks
• Block malicious referrals or redirects from hijacking your site
• Stop the generation of proxy domains
• Require IP validation for cookies
• Set up an additional security token for cPanel access

Enabling these supplemental security settings helps address any remaining vulnerabilities and keep hackers at bay.

 

Automatic Updates

Your web host should have automatic cPanel updates in place. If not, go to Update Preferences in the Server Configuration area and enable the setting yourself. Old versions of software, including cPanel, may contain security vulnerabilities hackers can use to access your server. Automatic updates ensure you’re always running the latest version of cPanel with any associated security patches and bug fixes. Go back and check once and a while to confirm updates are running as they should. If not, update manually and contact your web host to find out why the setting isn’t working.

 

Security is one area of website management where you should never cut corners to save time or effort. The smartest thing you can do is implement proper security measures for cPanel as soon as your hosting account is set up. Don’t wait until disaster strikes or assume the security promised by your web host is enough. Take proactive measures to keep hackers out and stay in control of your cPanel environment.

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on July 16th, 2019

Tagged with , , ,

Effective Security Measures For Your Server   no comments

Posted at Feb 26, 2019 @ 9:00am Web hosting

If you run a server, especially for your business or organization, security should be a top priority. Whether the server exists to host files for a website or is networking computers for an office, it needs to be protected from malicious software, exploits and hackers. Failing to secure a server can lead to lost or corrupted data, damage to devices connected to the network and unauthorized individuals getting access to sensitive data. Below are various security measures that you can employ on your server that are extremely effective.

 

Review & Modify Default Settings

Programs running on your server, such as control panels (cPanel, Plesk), CMS (WordPress, Joomla, etc.) and even the operating system, contain various default settings  that need to be reviewed and if necessary modified. They include everything from preset usernames and passwords for admin access to default connection ports. Anything that is left as set up by the software manufacturer may be used as a way to gain easier access to a system. Even leaving the URL for admin access to a server or programs on the server can make it easier for hackers to get in. There are hacking tools that specifically scan websites and servers for default URLs and folders, so changing default login locations is important. On this same basis, it’s a good idea to make sure that directories are protected so that people cannot see their contents.

 

Active Monitoring

A critical requirement to properly managing a server is knowing what is happening with it at all times. Even the best security software cannot prevent all intrusions, and hackers are constantly figuring out new ways to exploit and circumvent security systems. Therefore, it’s important that activity on a server is always being monitored. Things that normally indicate a problem include incredibly high data transfer or processing power use as well as multiple failed login attempts. Brute force hacking involves trying to login to a system over and over again with different login and password combinations. In addition to draining system resources, it can also eventually allow a hacker to find a combination that lets them into your system. Real-time monitoring can help detect these issues and alert the appropriate people, and it can also shut down brute force login attempts.

 

Passwords & Permissions

Another important server security measure is to ensure that all passwords, especially the root and/or Admin passwords, are complex and that people are only given access to areas that they need to do their job. Aside from malice, giving an intern administrative access to databases could lead to major problems through simple error. It’s also recommended to change your passwords on a regular basis, even if they are robust.

There are a number of ways to tackle the issue of making sure passwords are complex enough, including using computer generated passwords or using passphrases. Computer generated passwords normally require certain characters, length and require a combination of upper and lower case letters; passphrases are combinations of words, and they tend to be easier to remember and more secure than passwords. There should also be a set time that passwords expire, which will require users on the network to change them on a regular basis.

Along with ensuring that people are only given access to parts of a server that they need to have, it’s important that permissions are updated when people leave a job or move to a different part of the company. This can be done with proper database management and doing occasional audits to ensure that access levels are appropriate.

 

Updates

One way that hackers get into many servers is by going through weak points that developers did not notice when creating an application or an operating system. This is why both computers and mobile devices need regular updates. Along with offering new options, updates close off back doors and holes in the security of software. Therefore, it’s important that all software hosted on your server is kept up to date. For web hosting servers, that means content management systems (CMS) such as WordPress, and the plug-ins the CMS uses must be kept current. Many operating systems and software applications can be set up to update automatically, but if you’re not comfortable with that, it’s important that you have some way of being notified when important changes are available.

 

For those of you who feel there’s just not enough time in your day to employ these server security measures, or if you just prefer someone else does it for you, at TurnKey Internet we got your back. We offer Fully Managed solutions, such as our Best cPanel Dedicated Server, that include Server Hardening. We’ll take care of securing and protecting your server so you can focus on running your business. For more information, visit https://turnkeyinternet.net/managed/

 

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by David Maurer on February 26th, 2019

Tagged with , , , , ,

The SSL POODLE that Bites – SSL 3.0 Issues for web sites   no comments

Posted at Feb 22, 2015 @ 11:20am internet security,Web hosting

PadlockWhen I say POODLE, what do you think of? Is it a fluffy dog? In most cases, I would be referring to the fluffy dog, but for this article, we will be focusing on a security vulnerability. I’m not sure if you’re aware, but if you’re currently using SSL version 3.0, you will need to perform some updates to your SSL daemon on your server. SSL stands for Secure Sockets layer. A SSL is what every ecommerce site should have. It allows for you to securely process payments through your website. In fact, if you’re taking orders from your clients, you should be using a SSL. SSL’s add another layer of security and trust for your clients. If you’ve not read my post on PCI compliance and you’re running an ecommerce site, you should read my post on PCI compliance here: (Insert link to PCI compliance post)

 

With SSL’s as with any piece of software on the internet, there are different versions. SSL version 3.0 is nearly 18 years, however, SSL version 3.0 is no longer secure and remains in widespread use across the internet. Nearly all browsers support SSL version 3, and in order to work around bugs, within HTTPS servers, browsers will retry failed connections with older protocol versions, including SSL 3.0. This retrying of failed connections within SSL v3, allows the POODLE exploit to be initiated. This POODLE exploit works due to the nature of the failed connections and allows for a possible leak of your customers data when processing orders. You can read more about the specifics of the attack here:

 

http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html

 

Browsers and websites should turn off SSLv3 in order avoid compromising users’ private data.  The most straight forward method is to disable SSL 3.0 entirely, which you can see how to do at the links below, however, this can cause a myriad of computability issues. Therefore, the recommend plan of option is to enable TLS_FALLBACK_SCSV. Using the links below, they will show you how to properly secure your servers SSL daemon. These options resolve the issue of retrying failed SSL connections. It also prevents hackers with knowhow from downgrading from TLS 1.2 to 1.1 or 1.0.

 

 

For WHM/cPanel servers –  https://documentation.cpanel.net/display/CKB/How+to+Adjust+Cipher+Protocols

 

For DirectAdmin servers – http://forum.directadmin.com/showthread.php?t=50105

 

For Plesk servers – http://kb.sp.parallels.com/en/123160

 

Follow Us : Facebooktwitterlinkedinyoutubeinstagram
Share : Facebooktwitterredditlinkedinmail

Written by Jeremy on February 22nd, 2015

Tagged with , , , , , , ,