Maintaining a secure server demands that every aspect of the server be reviewed and configured with security in mind. This multi-faceted approach to securing a server is known as “defence in depth” because each security measure that is implemented adds an additional layer of defence.
All of the security measures linked to below will contribute to the security of your server. They can be implemented individually or collectively as they will all work together with each supporting and strengthening the others.
These security best practices are concerned with setting up and maintaining a secure host server.
Selecting a server, OS and web server
These are amongst the first decisions that will affect how you manage the server and the services that will run on it.
Automated Security Updates
The linux operating system is composed of many thousands of software packages. They all receive important updates and security patches regularly via the system's package manager. It is important that security updates are applied as they become available and the easiest way to do this is via an automated process.
Server status review
An important skill to acquire is to be able to rapidly review the status of your server in terms of its CPU, RAM, disk usage, running processes and other metrics. Problems, including security issues, will often manifest in abnormal usage patterns that are immediately obvious once the tools outlined in this guide become familiar.
Server security review
A server compromise will often be detectable with some simple and rapid checks explored in this guide. With practice, these checks can be run whenever a server is logged into in a few seconds. Along with the checks outlined in the "Server status review", a server can be rapidly evaluated with these ubiquitous command line tools.
Backups are one of the most important systems for protecting your data and ensuring continuous service to your clients. Data can be lost through malicious action, administrative mistakes or hardware failure. Working backups will make restoring your system swift and painless.
Secure CMS documentation
If you are running a Content Management System or CMS on your server Memset provides addition documentation for securing and backing up these types of websites. Documentation is provided for Drupal, Joomla, Magento and WordPress in addition to general security information applicable to all CMS’s.
Last updated 14 August 2017, 11:23 GMT