| By :
Dirik Hameed
There are a variety of ways to secure dedicated servers, either yourself or through the security services offered by server hosting companies that will ensure your dedicated server is locked down and secure. Your server should have a firewall and for the best security it should have a hardware firewall as well as a software firewall. Advanced Policy Firewall (APF) is great for Linux-based servers. APF is a policy-based iptables system that has simple configuration and ease-of-use. Brute Force Detection (BFD) is also useful to install. BFD monitors log files for failed login attempts and if several failed attempts are detected within a short time period from the same IP address then BFD will block this IP address in the server's firewall, which prevents that IP address connecting to the server. APF needs to be installed before installing BFD as BFD works in conjunction with APF and needs some of the APF files to function properly. Users should be made to login through other user accounts instead of being able to login to root directly. SU to the root can then be done on an as required basis. This defence assists server protection against possible hacking attempts. There are also e-mail warning systems that send notification e-mails to your e-mail account whenever there is a login as root to the server. You can therefore monitor authorised logins and be warned if there is an unauthorised login. For security purposes you should use an off-site e-mail address to prevent a hacker from accessing your e-mail account following a successful hacked login. Bear in mind that this system is not 100% secure because hackers can create their own SSH connection to gain SSH login access and therefore all the server security should be regularly updated. You should also change the default SSH port. Make sure that you or the dedicated hosting server company if you're making use of their services runs a root kit checker on your dedicated server at least once a month. This tool is available to download free of charge. You'll be able to find a variety of root kit checkers online, for instance Rootkit Hunter. PHP functions that are not being used or are dangerous should not be enabled. Apache mod_security and DOS Resistance tuning (mod_evasive) are also beneficial security measures to install on your server. Mod_security keeps track of attempted server intrusions and assists in blocking attacks on web applications. In the event of a DDoS attack, HTTP DoS attack or a brute force attack the mod_evasive module assists in defending the server. The module can be configured to communicate with server firewalls, ipchains, routers and the like and can be utilised for network managing and detection purposes. You can be notified of server abuse via syslog facilities and e-mails. Other useful methods for securing dedicated servers include disabling any services that are not needed, installing a virus scanner and always scanning any FTP uploads. In addition any passwords that are used should always be at least 10 characters long and make use of special characters. The security steps above are just some of the things you can implement to secure a dedicated server. Remember, if you're not comfortable with installing these measures yourself you can make use of a secure dedicated server through a server hosting company.
|
![[Valid RSS feed]](http://www.articlesbacklink.com/images/icon_Rss.png "XML Feed For RSS"){kind=icon}
Category Rss Feed
Print This Article
Add To Favorites
