In order to ensure a safe and secure server environment for databases, web applications and other services, IT server administrators have to take certain precautionary steps that will provide a higher level of protection to the server environment.
Use Strong Passwords for All Types of Users
It is extremely important that each and every user accessing the server from local or remote locations have a strong password set up for their user account. In some situations, only the root user password is usually set as a strong password. While other users are given more simple passwords to log in to their accounts. This is a dangerous situation and gives rise to the hacking of the server accounts, including the data stored in the server and the server environment. Hence every user who has login credentials for the server needs to maintain a strong password. A strong password usually consists of 15 to 20 characters. It should be a mix of capital letters, small letters, numbers, and special characters like %, $, ^,*,&, ! and @.
Avoiding Connecting as a Root User through Secure Shell (SSH)
Secure Shell is a Unix based protocol for securely connecting to a remote server. So, when SSH is used to connect to a server, both the client and server side connections are authenticated using a digital certificate.
Connecting to the server as a root user via SSH provides hackers a chance to force unauthorized entry into the server by guessing the root user password. In order to disable SSH access to the root user completely, one of the existing user accounts has to be elevated to a superuser account. So, through this superuser account, one can disable SSH access to the root user.
Setting Up Alternate Ports for SSH
Usually, hackers try to break into a server by gaining access via a server port. There are standard port numbers for applications like SSH. Intruders can use these standard ports to take control of the server running on that port. So, server administrators can change the port number that runs on the server. So, by doing this, the intruder program scanning the various standard ports will not able to guess that the server is running on a different user-defined port. And, in order to change the SSH port for a particular server, some configuration changes are required, including making changes to the firewall.
Using Encrypted Keys to Connect to SSH Service
Private encrypted keys go a long way in avoiding intruder attacks and protect your server by avoiding password hacking. When connections to the SSH service is needed, private encrypted keys can be enabled. And the password used to connect to SSH can be disabled. In this manner, server administrators can avoid weak passwords that can be hacked by hacker programs.
In order to create an encrypted key, the following steps are carried out:
- Creation of a new set of encrypted key pairs
- Saving the newly created encrypted key
- Connecting to the SSH client via the encrypted key
Backups
In order to quickly recreate the server environment after a possible intruder server attack, it is vital for the server administrator to have performed a backup of the operating system. Administrators can use various tools that are available for taking a backup of the operating system, including automatic and semi-automatic options. So, as a first step, the administrator should identify a specific secure location to store the backup.
Secure Copy
Server users can use the secure copy function for performing transfer of files to and from an SSH-enabled server. So, by doing this way, users can rid themselves of the security concerns that are usually associated with the traditional FTP process.
Iptables Firewall
IPTables Firewall is a powerful tool used for blocking unwanted traffic and allowing only desired traffic through.
On top of all these features, ServerPronto (www.serverpronto.com) provides a dedicated server private cloud environment to users.
ServerPronto offers the best affordable and secure hosting service in all dedicated server packages.
Photo cred: Flickr /Â Perspecsys Photos
Comments are closed.