Tag Archive 'malicious'

Security Tips for Windows Dedicated Hosting

The opportunities are abundant on today’s internet.  With the emergence of e-commerce and millions of people surfing online at every moment of the day, virtually anyone has a shot at succeeding and generating income from the internet.  Unfortunately, similar opportunities exist for more unscrupulous characters, individuals looking to make their profit off your hard work.  Hackers and malicious software coders are not only a threat to the consumer-based PC, but the high-powered server running your website as well.

With so many probable threats, adequate security is an absolute must for anyone running an internet business.  This is particularly true if you are hosting on your very own dedicated server and using the Windows platform.  For some, this is challenging as maintaining a server and keeping it running properly is a task in itself.  Because security translates into a long-lasting business and customer satisfaction, we will provide you with a few tips to make sure your Windows dedicated server is as secure as possible.

Password Protection

Never look at passwords as just some optional feature that you can do without.  The sensitive areas of your server need to be locked down to prevent unauthorized access.  If not, you can be the victim of a hacking attack, defacing or even hit with a nasty infection that compromises the entire system.  For these reasons, your passwords should be secure and unpredictable.  Refrain from simple terms and phrases that can be found in a dictionary.  Instead, come up with something at least eight characters in length with a nice blend of numbers, letters and symbols.  This constitutes as a strong password which will make the vital areas of the server much harder to penetrate.

Hardened Shell Access

One of the most effective ways to ensure the security of a Windows dedicated server is to secure the SSH function.  This can be done by disabling the password authentication scheme and using public key encryption for SSH authentication instead.  Port 22 is known as one of the most vulnerable points of entry, commonly searched by intruders looking to access web servers.  By moving SSH access to another port, no one will be able to find you aside from those who know where your server is located.  Additionally, you should make sure to utilize the most recent version of SSH are prevision versions tend to be more vulnerable after hackers find ways around the security mechanisms.

Hardened Apache

Ensuring the security of your Apache server application is one of the most important aspects of keeping a Windows dedicated server protected.  Because Apache is a widely used solution, it is also a prime target for intruders looking to gain access via server applications.  The best way to secure this critical application is to use an efficient mod security tool.  You can learn more about the benefits about mod security at modsecurity.org.

Disable Unused Applications

Aside from Apache, general web applications pose great security risks.  An experienced intruder can take advantage of the smallest scripting error and use it to hack into your system.  The worst part of all, there is a great chance you will not even be aware until the damage is done.

Conclusion

Web security is vital these days, especially when a Windows server is involved.  This system has been the target of many brutal attacks that have left the most prominent companies staggering.  By taking a few preventative measures to lock down your dedicated server, you can better your chances of not becoming another statistic.

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5 out of 5)
Loading ... Loading ...

Nov 18, 2008 : Security Issues No responses yet

Web Hosting Security - Are you prepared?

In today’s web-based world, hackers and malicious software are the biggest threat to anyone who conducts business online.  Viruses and worms have the ability to cripple entire networks while an experienced hacker can penetrate a system and thieve confidential data.  Because of this, consumers and online businesses alike are taking proactive steps towards protecting their personal information.  Some are conferring with their web hosting providers to ensure that the security measures they implement are reliable.

Security is especially critical in environments where shared and virtual private servers are being used.  Not only is important to protect consumers from the common threats associated with the web, but to also protect clients who are sharing the server with potentially malicious users.

One security feature that is often implemented to assure this protection is something known as a cage structure.  In a cage structure, every hosting client is assured complete privacy from other users on the server.  It uses the “change root” restriction from the Unix operating system which enables the hosting server to behave like a restricted shell.  This creates a cage around the hosting server and places boundaries that can’t be accessed by any client.  In a cage structure, no user can interfere with the core operations of a server or it’s associated services.

When considering building your site on a shared server you should also inquire about the implementation of binary code in the environment.  Unapproved binary code could inadvertently create security gaps in the server and place sensitive customer data at risk.  Any application or programming language that has the ability to breach security should be prohibited.  A reliable provider will not allow this type of activity if there is even the slightest possibility that it may compromise clients sharing the server.

A reliable provider will also make certain that the deployment of it’s operating system and software are hardened with updates and patches.  Such a configuration will ensure that all known vulnerabilities and exploits are eliminated.  They will provide continuous security against software exploits by applying the most recent fixes and distributing security advisories to clients on a routine basis.

In order to contain prevalent threats, a web hosting company must commit to sound security measures to ensure protection for their clients.  Here is how it can be done:

  • Ensure that all hardware is physically secure

  • Ensure that all network services provided by the operating systems are secure

  • Ensure that the files system is secure from unauthorized access

  • Ensure that password features are always enabled

Furthermore, companies can implement better security with reliable firewall systems.  A firewall could be either a software or hardware component that prevents hackers from gaining unauthorized access to a server.  When properly configured, a firewall makes it difficult for an intruder to even locate your system.  It will help to ensure that malicious traffic cannot attack or enter the hosting environment.   A firewall should also be configured in a manner where attacks can’t be launched from the server.  This would prevent outbreaks where infected machines are commanded to attack other systems.

Lastly, it’s a good idea to choose a shared host that provides anti-virus features.  Most of the time, a Unix hosting environment will be immune to Windows-based malware.  However, it often has the ability to infect a Windows system just the same.  For this reason, enhanced security is required at the user-end to prevent the mass creation of infected sites.

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5 out of 5)
Loading ... Loading ...

Aug 08, 2008 : Security Issues No responses yet