Many jump straight to software vulnerabilities, but a server security still needs to be given high priority and importance. The best way to ensure a server is physically secure is to choose a reputable and secure host like ServerPronto, but there are some steps to take if you want to create an even safer server hosting environment.

1. Ensure Your Server is in a Secure Datacenter

Your organization or business’s server should be in a data center that only allows authorized users and staff. Ideally, the data center will have 24/7 video camera monitoring and restricted access points.

2. Disable booting from External Devices in BIOS

You will want to configure your BIOS to disable booting from CDs, DVDs. external devices, floppy drives, USBs, etc. This can be done in the boot menu.

3. Enable BIOS Password

Different BIOS interfaces and their supported passwords will vary, but in general, there are 3 passwords you can use to prevent someone from having unauthorized access to your server: Supervisor password, user password, and HDD password. if all the options are supported on your server, you can use supervisor password to prevent BIOS changes, user password to prevent unauthorized access to the server’s OS, and HDD password to prevent access to the hard disk and its contents (It’s almost as effective as encrypting the hard drive).

4. Password protect GRUB Boot Loader

By default, many systems do not have GRUB secured with a password. When looking to increase your Linux server’s security you can add a password line to your grub.conf file. You should be able to find the file at /boot/grub/grub.conf

When you find the file, add the following line for a password.

$ cat /etc/grub.conf
default=0
timeout=15
password GrbPwd4SysAd$
..

After adding the password, you will want to encrypt the password so that it isn’t just plain text in the grub.conf file. You can do that by doing the following:

# grub-crypt
Password: GrbPwd4SysAd$
Retype password: GrbPwd4SysAd$
^9^32kwzzX./3WISQ0C

then
$ cat /etc/grub.conf
default=0
timeout=15
password --encrypted ^9^32kwzzX./3WISQ0C
..

Let’s Review

So, you’ve ensured your server is in a secure datacenter, disabled booting from external devices, enabled a BIOS password and password protected GRUB Bootloader. What else can you do to ensure your server security is done as possible? Ensure you are with a high-quality host (like ServerPronto) and check out a revolutionary new form of web hosting called geo-redundant cloud hosting. Geo-redundant cloud hosting will prevent physical failure of a server due to hardware failure, an insecure hosting environment, and other factors. Learn more about geo-redundant cloud hosting.

ServerPronto offers the best affordable and secure hosting service in all dedicated server packages.

Author

Anthony is a tech fiend. As a child, he dreamed of seamless integrations between hard drives and brains as a method of enhancing the human brain. As an adult, he enjoys more rational ventures into tech such as experimenting with and writing about the latest technologies and softwares.

Comments are closed.