May 8th, 2008 [by Doug Alder]
When you manage your own server, nothing other than backing up your data is more important than staying on top of your server’s security. Your business and/or data depends on it. You only need to have followed the headlines these past few years to see how damaging it can be to a company when its customer database gets hacked. How you protect your server depends on what type of server software you are running (Apache or IIS) and the applications you run on that server. Here are some suggestions, the first of which is: when it comes to learning about server security, search engines are your friends.
Apache:
- If you are using a hosting control panel, such as Plesk or cPanel then some of the work is made a lot easier for you. Both control panels have features for updating the software they control (you must keep your software patched).
- If you are using cPanel then the ConfigServerFirewall script should be added to your server. It integrates completely with the WHM GUI and you can use it to lock your server right down. Among other features, it gives you a graphical interface to iptables and a server check feature that will list configuration vulnerabilities that should be fixed (and tell you how to fix them).
- Monitor your server logs – get and install logcheck/logsentry and portsentry
- Apache has some good security tips located on their site
- Patch, Patch, Patch! Know what software you are running and stay on top of patches for it, whether that is through Plesk/cPanel or not. Do not assume your software is safe. This applies equally to Linux and Windows servers. It is not just the OS that needs patching. Every application on your server will eventually have vulnerabilities.
- Use SSH (on Linux) and SFTP (Secure FTP), not regular FTP, to connect to your server. Traditional FTP is in clear text and a packet sniffer can sniff out your username and password. WinSCP combined with PuTTY are good choices for SFTP and SSH access. If you have a Windows server you should consider setting up a VPN to that server and connecting through Remote Desktop via that VPN. Click here for instructions from MS on how to do that.
- For RHES and CentOS users there is an excellent resource available at Linuxtopedia here and here (Caution: using these tips requires extensive knowledge of Linux and scripting)
Windows Server 2003
- If you are running a MS SQL server see this page and this page for the top hints on securing your SQL server.
- Implement a software firewall and a virus scanner on your server. Comodo has a very good firewall program and AV program free for personal use. Check with them to see if you can use it on your server. At the very least, implement the Server 2003 built-in Windows Firewall and subscribe to a hardware firewall service (such as RackForce’s Fortigate IDS service, if your provider has one available).
- Use MS Security Wizard. This is very important. (Note: this is not installed by default and needs to be added via the Add/Remove programs menu)
- Lock down SMTP to prevent DoS via SPAM flood.
- Microsoft’s Server 2003 Security Guide (download .zip file)
Any OS
- Learn all about the netstat command and use it. This is one way of finding out if you have a trojan on your system. netstat -v -b will tell you every program accessing a port, the port number, the sequence of components involved in listening on that port and the full path to those components. Very useful information. When you see a program accessing the net and you do not recognize the executable then look it up on a search engine to see if it is a threat.
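An added example (not part of the original post): a small Python parser that pairs each connection in `netstat -b` output with its owning executable and flags anything not on a list of programs you recognize. The `-b` switch is specific to the Windows netstat; the sample output, the executable name `updsvc32.exe` and the allowlist are constructed for illustration, and the line layout is an assumption modelled on Windows output that may differ between versions.

```python
import re

# Constructed sample modelled on Windows `netstat -b` output; the names,
# addresses and PIDs are made up for this example.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1480
  [inetinfo.exe]
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       812
  TermService
  [svchost.exe]
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       2044
  [updsvc32.exe]
  TCP    10.0.0.5:1056          203.0.113.9:6667       ESTABLISHED     2044
  [updsvc32.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  Can not obtain ownership information
"""

# Proto, local, remote, then optional state and optional PID (UDP has no state).
CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+([A-Z_]+\d?))?(?:\s+(\d+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+?)\]\s*$")  # e.g. "[svchost.exe]"


def parse_netstat_b(text):
    """Pair each connection line with the [executable] line that follows it."""
    entries, cur = [], None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            cur = {"proto": m.group(1), "local": m.group(2), "remote": m.group(3),
                   "state": m.group(4) or "", "exe": None}
            entries.append(cur)
        elif cur is not None and cur["exe"] is None:
            o = OWNER.match(line)
            if o:
                cur["exe"] = o.group(1).lower()
    return entries


def unrecognized(entries, known):
    """Return entries whose owner is not in `known` or could not be determined."""
    known = {name.lower() for name in known}
    return [e for e in entries if e["exe"] is None or e["exe"] not in known]


if __name__ == "__main__":
    # Hypothetical allowlist: executables this administrator expects to see.
    for e in unrecognized(parse_netstat_b(SAMPLE), {"inetinfo.exe", "svchost.exe"}):
        print(e["exe"] or "<owner unknown>", e["proto"], e["local"], e["remote"], e["state"])
```

Matching on the executable name alone is a first pass; the component paths that `-v` adds are what confirm a familiar name is running from the expected location.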
PHP Security
A lot of compromises aren’t Apache, SQL or IIS specific; they come through add-on modules such as PHP and the scripts that they run. PHP users should consider enabling PHP Safe Mode or PHP in CGI mode. They may also want to look into using Suhosin for PHP (something cPanel allows you to do when recompiling PHP). If you are writing PHP scripts then the PHP Security Guide is an excellent resource.
General Advice:
Remember, if you are having to deal with these issues it is because you are not on a managed server; you are on a self-managed server. Your provider is there to help, but under most circumstances, as the server administrator, it’s your responsibility to stay on top of your server’s security.
These tips and tools are only suggestions based on my background research and my own server experience. If you’re not sure about any tip or tool please make sure to do your own due diligence. Ask your provider’s support staff for guidance (they shouldn’t charge for advice). There are many tools and methods available out there. The key is to stay on top of security hardening and software patching. Do some research and apply the appropriate measures to protect your server and its contents.
October 4th, 2010 at 5:07 pm
Haven’t heard that yet. Where did you find this info from?
October 6th, 2010 at 4:35 pm
You might want to reread it as some old code was blocking some text from coming through – I fixed it