By running your own server, you may feel more secure against hackers. While cybersecurity requires constant vigilance, it can become an easy routine knowing some useful procedures to protect your server from attacks.
In this article, we will look at some methods you can start applying for your server security, and to improve its protection as soon as possible.
Hide all information in your server software versions
If hackers can identify the software version your server is running, they can use this information to exploit any known bugs and security vulnerabilities in this version. You need to look for specific steps for this software, however some common software and services you want to check are:
Mail servers: Various mail servers can communicate their version to banners, which are sent after connecting via SMPT, IMAP and POP3, as a form of security handshake. It is known as grab attacks.
Web servers: Analyze your server's HTTP headers if you are using Apache, NGINX, Microsoft IIS, or anything else.
- SSH: OpenSSH communicates with the OS version by default.
- Fillet servers: Your FTP, SFTP, WebDav, and other file servers could share their release information at login, before authentication.
- Web languages: Frameworks for PHP, Java, .NET, and other web languages can sometimes include HTTP headers with version information, such as "Powered by x".
Consider virtualizing the SQL environment
SQL Server virtualization was once considered too resource-intensive to be practical in everyday use, but times have changed as server hardware has grown significantly in power in recent years. Some good practices to remember are to always try to use SLAT-compatible hardware and monitor server performance using a performance monitoring tool such as SentryOne.
Install only the absolutely necessary software
If your server has a lot of services, add-ons and software, you have a fairly broad attack vector. Your server should contain the essentials, with only the most critical tools and software you need to install.
You should also make it a software dependency check, as this can lead to problems with installing additional software. You should try to get software with the lowest possible dependency level.
Protect yourself from brute force attacks
Instead of allowing password connections, consider SSH key authentication. However, there are advantages to using SSH keys, such as tools for breaking weak SSH key passwords to recover the SSH key. It is a much stronger form of security than regular passwords in many cases.
Other things to do are set limits on authentication rate so that automated passwords and keystrokes are significantly slowed down and IP addresses with failed connection rates are automatically blocked.
In addition, you should close as many network ports as possible while filtering out those that cannot be blocked. The firewall configuration should have a block policy by default and you should filter open ports by allowing only traffic based on the actual expected source (IP address, location, etc.).
Update your software regularly
Many breach attempts nowadays are either aided or abetted entirely by bot tools, which scan your network for critical access points. You can mitigate many potential risks by keeping your software up to date, not only with security code updates for your operating system, but also any packages and dependencies.
You should also check your server logs regularly for signs of problems, such as errors or strange events.
This is just a short list of quick steps you can take to secure your server from hackers, but there are many more in-depth strategies you can follow as you deepen your cyber security. If you use a server in your home, you may also want to consider protecting yourself from data and identity theft.