Web Hosting Security For VPS & Dedicated Servers
Last Updated on March 28, 2017 by Ruchir Shastri
Most customers opting for a new server or running existing servers are ignorant of securing their servers so as to avoid attackers from:
1) Hacking the servers.
2) Using email servers for spamming.
3) Stealing their important and confidential data.
4) And much more.
We are seeing increasing number of incidents whereby hackers install ransomware on servers and demand hundreds or thousands of dollars to provide owners with the decrypting key. This is threatening for just about any business. Let us review a few security measures that can be enforced to keep your VPS or dedicated servers secure:
Install Latest OS & Software Updates / Patches Regularly
Many vulnerabilities stem from within the server – either through software installed on the server, operating system or outdated CMS that you are using. Hence, it is extremely important that you keep your operating system updated at all times with latest patches. Also, software installed on the VPS or dedicated server must be updated to latest versions so that it addresses all vulnerabilities. If software is not receiving regular security updates, your business server might be vulnerable and hence it’d be required to look out for similar software from competitor. There are numerous instances whereby customer websites are built on popular CMS like WordPress, Joomla, vBulletin, Umbraco, etc. but after initial setup, they are never updated. This is disastrous as can lead to severe issues for your business websites. All popular CMS receive constant updates and they must be applied on regular basis. The same applies to plugins and theme that you use in your CMS as well.
Install a Firewall with Intrusion Prevention System
Having a firewall sitting in front of your servers will ensure that all traffic passes through the firewall: this ensures that you have finer control over the traffic that should be filtered before it enters your servers. You can only allow traffic on required ports to your dedicated server or VPS and block everything else in your firewall. Furthermore, it is important to have Intrusion Detection & Intrusion Prevention system in firewall which works on commercial rulesets (constantly updated to fight against latest vulnerabilities) – IDS analyses the traffic pattern, matches against the rulesets and allows / blocks the traffic by creating appropriate firewall rules on the go. A robust firewall system provides complete web hosting security from DDoS attacks along with known & emerging exploits / vulnerabilities. You can find more details about Softsys Hosting Network Security Tools in our related section.
Install Anti-Virus and Anti-Malware Scanner
To avoid your hosting system from getting infected, it is necessary that you have a commercial level anti-malware and anti-virus engine installed in your server which will provide real-time protection from viruses / malware entering your server. In addition, you should also setup a “Full System Scan” by these engines at once every week so as to ensure that your system is completely secure and safe. You should also look out for engines that provide protection from ransomware as well. We have customers using MalwareBytes successfully with complete protection around-the-clock and our technical support staff is well versed to configure it appropriately for our customers.
DDoS attacks are quite frequent and cause your services to become inaccessible by saturating the network with massive amount of traffic from hundreds or thousands of IP addresses. If your website / service is inaccessible, it will directly affect your business and hence it is necessary to have DDoS web hosting protection enabled at network level. DDoS mitigation engine is self learning which studies the traffic pattern and detects all malicious traffic so that it can be dropped before it enters your server or data center. Hence, you are completely certain that the traffic entering your server or data center is completely clean and filtered by DDoS scrubbing systems in place. You can find more details about Softsys DDoS protection system in our related section.
Regular Security Audit
Securing your server initially on setup is a must for any VPS or dedicated hosting unit – however, it is equally important that there is regular security audit of servers so as to ensure that they remain safe and secure. Hence, you should always have expert hands which will secure your operating system, secure your email servers to ensure that it is not setup to allow anonymous email sending (protection from spammers), standard and critical services are setup on non-default ports, firewall is at optimal setup, etc. An efficient managed server service provider should be able to help you with these features. You can view the details of Softsys Hosting managed server plans with advanced web hosting security in our related section.