- On November 12, 2019
Is your server secure? How easy is it to hack? These are questions that everyone who owns a server should ask themselves. To help you protect yourself and your servers, we have compiled the following list of essential security rules.
- Always use strong passwords. A good password contains a set of letters and numbers of different registers. The password should not be associated with your name, date of birth and/or mobile phone. This is important because most servers are cracked because they use simple passwords.
- Keep track of the software versions on your server. Try to update the server and all of its software every week.
- Do not run third-party programs on the server if you do not know what exactly they are doing. You can easily launch a virus that will give another person access to the server.
- Create backups. It’s important to back up your data regularly to avoid data losses during unexpected attacks.
- View logs in a timely manner. See who connected to the server and when the event happened.
- Try to use the root of your server less. When you use root access, you can delete important files or allow the program to execute malicious code.
- Use programs to filter server requests. For example, Fail2Ban will help you in case of brute force.
- Change the ssh port. There are many bots on the network trying to access servers via ssh using the standard login port. By changing it, you can avoid this problem to a certain extent.
- Check open ports and outgoing connections. You should also configure a firewall.
- If your server has a website, stay tuned and update all components. Use only certified plugins and servers.
- Do not install nulled templates, plugins or modules on your website, because they may contain built-in backdoors.
There you have it — follow these simple rules and you’ll protect your server from malicious users and attacks.
With love, Abelohost!