Web-site developers know how many risks there are: security misconfiguration, DDoS attacks, cross-site scripting, injection, and authentication. Luckily, the security of your server depends not on technical support team only. You can also do some simple things to protect it. We are happy to share these step-by-step instructions with you.
If your web-site uses a content management system, you can perform one easy but very important thing. Keep updating your CMS and the plugins you have. Note that it’s not necessary to install updates every time you see something new released. However, you should track how your plugins are affected, and may talk to customer support team to find out how the latest updates can protect your data.
Make Sure that Brute Force Detection is Activated
Brute Force Detection is a service that tracks log files for brute force attacks on your server. These are attacks performed by people with the help of rapid logins and dictionary files. This system pays special attention to successive failed login attempts during short period of time from one IP address. If the system suspects that an attack is being attempted it will block the IP address via server’s firewall.
Alter Default SSH Port
If you change SSH port to something different from default port 22, you can protect your server against brute force attacks which aim to scan vulnerable servers in the Net. Although that does not guarantee total protection, many brute force login attempts are usually made on servers with the default port, and altering the port may slightly reduce the chance of becoming the next victim.
Deactivate Root User Login
When hackers perform brute force attacks, they often try to get access to the root passwords. To avoid such situation, you should deactivate root user login in the SSH completely. If you create a new user and apply an alternative login that may be switched to root when necessary and you will be able to protect your server and save access to root functions.
Update Root User and SSH Data in Manage
When you make the above-mentioned changes to your root user logins and SSH port, you should update this info in your manage interface. If necessary, you can contact your provider and ask him to help with that. Your login details would be required to render help. Updating this information in manage interface allows login into the server quickly. Thus, you will be able to check and solve problems that you may have. Besides, you will apply and install all updates in time.
Use Safe Passwords
When you have taken all security measures, a weak password may let you down. When it comes to your server, you should make up a longer, complex password. Select it carefully when setting a server up. Remember that a strong password should contain minimum 10 characters, exclude dictionary words, and necessarily contain a mixture of special characters and numbers. Alternatively, you can visit a web-site that generates complicated passwords.
Follow these step-by-step instructions, and you will make your servers more secure. And if you need some help with that, do not hesitate to contact our support team.