Best Practices for Dedicated Servers
With a dedicated server, you enjoy abundant freedom. You’re free to run the OS and software that best meets your needs (as long as that software doesn’t violate your provider’s acceptable use policies). You’re free to have as many IP addresses and domains as you’d like. And you’re free to choose the bandwidth allotment that your traffic demands.
Of course, along with that flexibility and power comes the duty to protect your turf. Here are a few best practices for dedicated servers that will help your server remain free – and safe.
1. Patch, Patch, Patch
Why leave the door wide open for a hacker? Keep an eye out for patches for all your software and apply them regularly and diligently. Apache web server patches are announced at http://httpd.apache.org/security_report.html, and you can find patches and more for Microsoft’s IIS at http://www.microsoft.com/WindowsServer2003/iis/default.mspx.
If you’re using Windows, visit http://update.microsoft.com often to check for both critical and optional OS and software patches. Or, better yet, turn on automatic updates. Many Linux distributions also offer an automatic update feature. If the one you’re using does not, check the distro’s website. The same goes for all your applications, particularly your software firewall.
2. Work Within a Secure Shell
Whenever you update and maintain your website, be sure to do so using SSH/SCP so that your login information is encrypted. Encryption is a simple yet powerful best practice for dedicated servers that could eliminate a myriad of problems.
3. Practice Good Password Hygiene
Cheekymonkey is not a good password! Hackers love passwords that contain dictionary words. Make their lives a lot harder by choosing passwords that are at least six characters long, use a mixture of upper and lowercase letters, and include numbers and other allowable characters.
4. Close Your Ports
You’ll need port 80 for HTTP access and port 22 to use SSH/SCP, and, if your site provides secure transactions for e-commerce and the like, you’ll also need to open port 443. Beyond these essential gateways, however, examine your needs very carefully and close down any ports you won’t need.
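One way to compare what is actually listening against the three ports named above, as an added example that is not part of the original article. It assumes a Linux host with the iproute2 `ss` tool; the function names and the sample output are constructed for illustration.

```python
import subprocess

# Ports the article names as essential: SSH/SCP, HTTP, HTTPS.
ALLOWED_PORTS = {22, 80, 443}
LOOPBACK_PREFIXES = ("127.", "[::1]")

# Constructed sample of `ss -H -tln` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128        0.0.0.0:22     0.0.0.0:*
LISTEN 0 511        0.0.0.0:80     0.0.0.0:*
LISTEN 0 511              *:443          *:*
LISTEN 0 128           [::]:22        [::]:*
LISTEN 0 80       127.0.0.1:3306   0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53     0.0.0.0:*
LISTEN 0 128        0.0.0.0:6379   0.0.0.0:*
LISTEN 0 128           [::]:8080      [::]:*
"""

def parse_listeners(ss_output):
    """Return (address, port) for every listening TCP socket in ss output."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip the header row, blank lines, anything unexpected
        # Split on the last colon so IPv6 forms such as [::]:22 parse correctly.
        address, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.append((address, int(port)))
    return listeners

def audit(ss_output, allowed=ALLOWED_PORTS):
    """Return (exposed, local_only): unexpected ports, split by reachability."""
    exposed, local_only = set(), set()
    for address, port in parse_listeners(ss_output):
        if port in allowed:
            continue
        if address.startswith(LOOPBACK_PREFIXES):
            local_only.add(port)   # bound to loopback: not reachable remotely
        else:
            exposed.add(port)      # bound to a routable or wildcard address
    return sorted(exposed), sorted(local_only - exposed)

def live_ss_output():
    """Read current TCP listeners (assumes Linux with iproute2 installed)."""
    return subprocess.run(["ss", "-H", "-tln"], capture_output=True,
                          text=True, check=True).stdout

if __name__ == "__main__":
    exposed, local_only = audit(SAMPLE_SS_OUTPUT)
    print("Close or firewall:", exposed)
    print("Loopback only, review:", local_only)
```

Pass `live_ss_output()` to `audit()` to check a real host. The script covers TCP listeners only, so UDP services need a separate look.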
5. Inoculate Your Server Against Viruses
In today’s security climate, it should go without saying, yet security researchers continue to report amazement at how often this safe computing practice is ignored. Be sure to use an antivirus program that provides frequent definition updates.
6. Don’t Forget Physical Security
With all the cyber-threats that loom, it’s easy to forget that one of the easiest ways to compromise a server is to have physical access. While most data centers are reasonably secure, it pays to see if your provider’s facilities are housed in reinforced structures with adequate security.
Discussions of server security can – and do – fill entire books, but these tips provide a good start and will help you provide your users with a safe and secure Web environment.