1. Huluw

    Huluw Well-Known Member

    Feb 6, 2018
    88
    How do you protect your dedicated server?
     
  2. hostechsuppor

    hostechsuppor Well-Known Member

    Feb 22, 2017
    77
    For protecting the dedicated server, you are suggested to do server hardening.

    Some important things to protect the server:
    1)change the password
    2)Change ssh default port number
    3)Regular Scanning and Testing(monitoring) system
    4)Install a firewall for better security
    5)Maintain your Databases
    6)Update Software Regularly
    7)Keep Data Backups.
     
  3. Huluw

    Huluw Well-Known Member

    Feb 6, 2018
    88
    can you suggest some for monitoring system?
    Can u suggest a firewall?
    what is maintaining databases?
     
  4. hostechsuppor

    hostechsuppor Well-Known Member

    Feb 22, 2017
    77
    Yes, of course, you can go through the below answers to your questions:
    1. Following are some of the Open source tool for server monitoring systems:

    1. ZABBIX
    2. Nagios
    3. SolarWinds
    4. ManageEngine OpManager
    5. Hyperic HQ
    6. Sciencelogic EM
    7. Spiceworks
    8. OpenNMS
    9. GFI Network Server Monitor
    10. Paessler

    2. CSF is a software firewall which is extensively used to on Linux servers to safeguard it from dangerous attacks like brute force, DOS, invalid login attempts, SMTP errors etc. Generally, Web hosting provider across the globe rely on CSF firewall. It works with iptables in preventing your server.
    CSF is more compatible with Linux distros which is efficient to manage and install. You can easily enable setup/block ports, allow/block/ignore the IP access & perform as many tweaks with CSF firewall.

    3. The vital importance of maintaining and updating your data cannot be ignored. Also, endure that your database is always secured and protected against SQL injection. It is even more essential when you collect sensitive information about clients.
    Moreover. you must look for:
    1. reducing privileges of database users
    2. eliminate unwanted data and
    3. deflect the areas of interaction between client and the database when not needed

    Hope this helps :)
     
  5. Jinius

    Jinius Member

    Sep 17, 2017
    11
    First things I usually do is:
    Disable root login
    Disable password logins(use public key instead)
    Use firewall
    Set up a reverse proxy
     
  6. Huluw

    Huluw Well-Known Member

    Feb 6, 2018
    88
    Thanks for all the info.
    Do you have a website for your security services?
     
  7. hostechsuppor

    hostechsuppor Well-Known Member

    Feb 22, 2017
    77
    You're welcome:relaxed: Do you have any requirement?
     
  8. Ray Sosher

    Ray Sosher Member

    Jun 2, 2018
    5
    Thanks hostechsuppor for the answer. It helped me protecting my server.
     
  9. hostechsuppor

    hostechsuppor Well-Known Member

    Feb 22, 2017
    77
    You're most welcome :relaxed:.
     
  10. SharonK

    SharonK Member

    Nov 17, 2017
    13
    You can take following steps
    • Change login credentials - do not share with anyone
    • A good firewall will avoid most of attacks, make sure to install and configure Firewall
    • In case of creating users, assign permissions and privileges accordingly
    • Server Auditing is a major factor - here you will come to know most of the issues and you will be able to patch them within time.
    • Keep yourself updated regarding the servers and attacks to avoid one in future
     
  11. BoltS

    BoltS Member

    May 2, 2018
    24
    - Secure SSH password
    - Install and configure CSF
    - Install Anti-viruses
    - Server Monitoring
    - User track
    - Server Update
    - Data Backup
     
  12. cherin

    cherin Member

    Aug 1, 2017
    8
    You have to do following things to secure your server
    - Secure SSH password
    - Install CSF firewall
    - Backup
    - User tracking and server auditing
    - Software Update
     
  13. mat

    mat Active Member

    Jun 25, 2017
    40
    User-side:

    protecting your server ip with cloudflare (use custom mail service like yandex.mail to cover mx leak), changing your ip before doing this as there is a possibilty that your server ip is already known and hiding it doesn't matter anymore. (like crimeflare database).
    and before all these, doing all these actions on a secure computer without any doubts of keyloggers,rats matters. And also not using these credidentals on public computers, doesn't taking notes about server ip/password on computer/your cloud account are also important.

    Server-side:

    always use licensed or approved scripts that has no sql injection vulnerability.
    change your root password and make sure to use 2 step verification on dedicated server provider's website if there are any.
    your email account's security is also important.
    to make sure any potential attact doesn't hit to the database, use recaptcha plugins - limit login attemption - ip blockers for unusual activity of db usage like the search part of the website.
    using cache that doesn't use db connection is also helpful.
    in any attack situation, switch to cloudflare's I'm Under Attack mode to cover most basic attacks.
    keeping your website's backups outside in a secure cloud account helps to cover irreversible damage.

    my opinions are more likely to help webmasters who host their sites on a vps but i hope it helps to someone.
     

Share This Page