Add Security to Dedicated Server

Dedicated server security is vitally important for businesses to avoid disclosing of sensitive information and protecting company’s data against viruses. HTS Hosting dedicated servers undergoes a rigid security check before and during the deployment to give our clients a piece of mind. You check some security points mentioned below: -

• Increasing your dedicated server security – Change SSH port on the server from 22. This prevents from automation brute-force attacks even from beginning to guess usernames and passwords on the server.

• Using TLS (Transport Layer Security) – TLS protect interface for server administration. TLS encrypts web traffic between server and computer. It prevents hacker from capturing sensitive information so they can execute attack. Our servers offer TLS protected access. But it has to be configure while deploying dedicated server.

• Use trusted networks and computers to administrate your servers - Ensure all systems that are being used in administrating are free from malware that gives attackers login information for your server’s administrative interface.

• Always keep latest updates and releases for active scripts – Monitor the developer’s systems whose scripts you’re running to aware of patches and other tweaked releases.

• Check kernel Version – Linux kernel is core system program of Linux systems. HTS Hosting experts always check kernel version to ensure that there are zero exploitable vulnerabilities/ bug. If any kernel vulnerabilities/ bugs are discovered, the update process will start immediately and HTS Hosting will contact its client to schedule a reboot.

• Review PHP settings – There are numerous PHP settings that HTS Hosting advised to be disabled on the servers that are not required.

• “allow_url_fopen” – This option enables URL aware fopen wrappers that enables accessing of URL object like files.

• “allow_url_include” – This option enables the use of URL-aware fopen wrappers with following functions – include_once, require_once.

• Register_globals – It is an internal PHP setting that registers $_REQUEST array’s elements as variables. If you submit a value in form through POST and GET request. The value of that input will automatically accessible through PHP script.

• Review Apache mod_security – Apache mod_security is a software firewall that scans the whole incoming HTTP requests for known exploits. HTS Hosting maintains internal ruleset for many known exploits/ bugs and constantly checks to ensure latest ruleset in installed on server before deploying. To make sure that your server is always using the latest ruleset. HTS Hosting configures server to update ruleset every day.

• Review CSF Configuration – CSF is a software firewall that supports brute force detection and prevention, flood protection, process tracking and many other wide range of automated security features. By default, HTS Hosting installs and configures CSF on all Linux users.

• Review System Binaries – HTS Hosting runs full web server security audit on binary package versions. Such as BIND, udev and apache to ensure that everything is up to date and is completely not vulnerable to acknowledge exploits.

• Disable unnecessary services – HTS Hosting disables services that are not used. This ensures the security of the server

• Deploy only security-focused configurations – HTS Hosting deploys only initial security-focused configurations for MySQL, Exim, FTP, SSH.

• Install RKHunter – RKhunter is designed to scan server for known rootkits and modified system binaries.

Conclusion: -

Thus, there are many configurations that can be done to add security to the dedicated server. For affordable Windows dedicated hosting plans, Linux dedicated hosting, Windows dedicated servers and other web hosting plans connect with HTS Hosting.

Source:https://www.htshosting.org/knowledge-base/server/110/add-security-to-dedicated-server