Your web server or servers represent the digital essence of your web presence on the internet. These servers are where all of your data files, images, site design files and all of your sensitive information get stored. Furthermore, if you’re hosting multiple websites on a single server account, you have even more to protect than some people. Basically stated, almost your entire online presence depends on your servers being secure (unless you’re depending entirely on a series of social networking accounts which are stored on entirely separate servers belonging to the social networking site owners).
Protecting these data servers is vital if you want to protect yourself against dangers such as hackers, data thieves, malware, spyware, bad bots and different kinds of Denial of Service attacks. Keeping all of these at bay will prevent your site from being destroyed or crashed, and your own and your customers’ personal data from being stolen.
Fortunately, server security is not extremely difficult, and by applying these 10 fundamental steps you can dramatically increase your websites’ safety.
Top 10 Lists on Server Security
1 – Pick a Known and Secure Web Host
You will almost certainly be using commercial servers run by a third party host and have to depend in part on their own security efforts. However, not all hosts are of the same quality, so pick one that offers a robust security package for all of their hosting clients. Basics to seek out in a secure web host include (but aren’t limited to): PHP, MySQL, Apache and other server apps that run the latest versions and are constantly updated; an internal firewall for the host’s server space; regular automatic backups of your server data; antivirus protection; protocols against Distributed Denial of Service attacks; activity tracking; and SFTP (secure file transfer protocol), which allows safe transfer of documents to your server and websites.
2 – Rent your own Dedicated Servers
Most web hosts offer both shared servers and private dedicated servers for their clients. Pick the dedicated servers even though they will probably cost you ten times more per month than the shared server hosting option. Dedicated servers not only allow you much more website building space, they are also more resilient to denial of service attacks and easier to secure against hacking.
3 – Back Up your Server Data Regularly
Just in case a worst-case scenario occurs and your web servers get hacked, resulting in the destruction of all your website data, you will at least be able to rebuild your website or sites from scratch if you’ve been regularly backing up your server data. Do this at least once a week if you’re running frequently updated websites, and store all of the server information in a separate storage system such as a portable HD or your computer’s hard drive.
4 – Use Secure Passwords
Access to your servers, access to your hosting account and access to your File Transfer Protocol system will all be protected by password prompts. You can even add internal password protection that separates different information inside your servers themselves. In all of these cases, use passwords that are strong. Don’t use passkeys like “doggie” or “12345”; instead, pick long passwords of at least 10 to 20 characters and have them consist of multiple random characters such as lower case letters, capital letters, numbers and symbols all mixed together.
5 – Regularly Update all your Website Apps and CMS Systems
The websites you have stored inside your servers will almost certainly be using numerous third party apps such as Java, Flash, Adobe Acrobat and others. If you’ve got these running on your websites, make sure that they are regularly updated to run the latest, most secure version. The same applies if you’re using a Content Management System (CMS) like WordPress or Drupal: run the latest versions at all times. This also applies to the internal plugins that are installed through your WordPress account.
6 – Install Third Party Antivirus and Antimalware Software Apps
Your web host will be running their own antivirus and firewall systems (or at least should be), but that doesn’t mean you shouldn’t double the protection by setting up your own as well. There are programs such as Incapsula, Cloudflare and others run by Kaspersky available to secure your site servers against malware, bad bots and DDoS, as well as offering all sorts of other site protection and even enhancement features.
7 – Block Vital HTTP Information Leaks
Many servers that have been poorly configured will send out HTTP headers full of revealing information about themselves to third party internet applications like browsers. This info can include data such as server brand, version, operating system type and other data; it can then be sniffed out by freely available programs such as Websniffer. Depending on your web host’s server configuration, you can turn off this information flow through various methods.
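A way to check your own site for the leak described in step 7, as an added example that is not part of the original article: the Python below parses the header block of an HTTP response and reports headers that reveal software, version or operating system. The list of header names and the two sample responses are constructed for this illustration.

```python
import re

# Header names that commonly disclose server software (assumed list for this example).
DISCLOSING = ("server", "x-powered-by", "x-aspnet-version", "x-generator")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")   # e.g. 2.4.41
OS_RE = re.compile(r"\(([^)]+)\)")          # e.g. (Ubuntu)

def parse_headers(raw: str) -> list[tuple[str, str]]:
    """Return (lower-cased name, value) pairs from a raw HTTP response."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    pairs = []
    for line in head.split("\n")[1:]:        # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit(raw: str) -> list[dict]:
    """List disclosing headers; a version number makes the finding 'high'."""
    findings = []
    for name, value in parse_headers(raw):
        if name not in DISCLOSING:
            continue
        versions = VERSION_RE.findall(value)
        os_hint = OS_RE.search(value)
        findings.append({
            "header": name,
            "value": value,
            "versions": versions,
            "os": os_hint.group(1) if os_hint else None,
            "severity": "high" if versions else "low",
        })
    return findings

# Constructed sample responses: a default-style configuration and a trimmed one.
LEAKY = ("HTTP/1.1 200 OK\r\n"
         "Server: Apache/2.4.41 (Ubuntu) OpenSSL/1.1.1f\r\n"
         "X-Powered-By: PHP/7.4.3\r\n"
         "Content-Type: text/html\r\n\r\n<html></html>")
HARDENED = ("HTTP/1.1 200 OK\r\n"
            "Server: Apache\r\n"
            "Content-Type: text/html\r\n\r\n<html></html>")

if __name__ == "__main__":
    for label, raw in (("leaky", LEAKY), ("hardened", HARDENED)):
        for f in audit(raw):
            print(label, f["severity"], f["header"], f["value"])
```

On Apache with PHP, the settings that produce the trimmed response are `ServerTokens Prod` and `ServerSignature Off` in the Apache configuration and `expose_php = Off` in php.ini, where your host lets you change them.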
8 – Actively Monitor your Servers
Install or activate tracking software on your servers that monitors all activity and regularly check up on it to see if any unusual data transfers, program activations and other odd or unauthorized activities are going on. This may seem tedious but it’s one of the best ways to fully supervise the security of your servers.
9 – Secure your Work Computer
There are many attack routes into a website’s servers and not all of them are direct paths over the internet or website. The computer you use to transfer information and files into your website can easily be an attack vector unless it’s secured. Make sure the machine itself runs its own firewall and antimalware protection. Also, make sure you run a Secure FTP program that’s password protected and never left logged in on that machine.
10 – Encrypt your Internal Data
Finally, if your servers get compromised in some unlikely scenario (given you’ve been following through on the above tips), you can always use one last resort to protect your data: secure your information by encrypting it. Your internal files, especially any files that contain sensitive data and passwords or client information, should all be hashed and encrypted so that even if digital thieves access them, they can’t get any worthwhile information out of your server data.