A Selection Of Recommended Ways For Securing A Dedicated Server Against Attacks
A dedicated server can be secured in many ways, either by yourself or through a server hosting company that handles dedicated server security for you. Make sure the server has a firewall, and if possible both a software and a hardware firewall. Advanced Policy Firewall (APF) is a good choice for Linux-based servers: it is a policy-based iptables system that is easy to configure and simple to use. Brute Force Detection (BFD) is also useful to install. BFD tracks the failed login attempts recorded in the log files; if there are multiple failed attempts from the same IP address within a short period of time, BFD blocks that address in the firewall, so it can no longer connect to the server. APF must be installed before BFD, because the two work in conjunction and BFD requires certain APF files in order to run properly.
Direct root login should be disabled so that people are forced to log in through other user accounts and su to root only as required. This helps to protect the server from potential hackers. There are also e-mail warning systems that send a notification e-mail to your account whenever someone logs in to the server as root. This lets you keep track of authorised logins and highlights unauthorised ones. For security purposes you should use an off-site e-mail address, so that a hacker who has successfully logged in cannot also access your e-mail account. This is not a foolproof system, as hackers can log in to SSH by creating their own SSH connection, so you should keep your security system up to date. You should also change the default SSH port.
Install a rootkit checker and run it once or twice a month on your dedicated server, or alternatively check that your server hosting company does so. Rootkit checkers can be downloaded for free, and a variety are available online, for instance Rootkit Hunter.
PHP functions that are unused or dangerous should not be enabled. The Apache modules mod_security and mod_evasive (DoS resistance tuning) are also beneficial security measures to install on your server. mod_security monitors for server intrusions and assists in defending web applications from attack. In the event of a DDoS attack, an HTTP DoS attack or a brute force attack, the mod_evasive module assists in defending the server. The module can be configured to communicate with server firewalls, ipchains, routers and the like, and can be used for network management and detection purposes. Abuse of the server is reported through e-mail notification and syslog records.
Security on a dedicated server can be increased further by running virus scanners, making sure all FTP uploads are scanned, and disabling all services that are not required. Passwords can be strengthened by making them at least ten characters long and using special characters in them. The above is just a small selection of the various ways you can protect a dedicated server. Remember, if you're not comfortable with installing these measures yourself, you can make use of a secure dedicated server through a server hosting company.
About the Author
Melbourne can help secure your server hosting against hacking: http://www.melbourne.co.uk/ . Find out more about security and dedicated hosting servers: http://www.melbourne.co.uk/server-hosting