For the average person, the Internet means social networks, memes and YouTube videos. But in fact, the Internet is a jungle full of predators who are trying to devour all your personal data, passwords, credit card numbers, etc. A separate type of predator in these drungals are those who like to hack someone else’s website or server, either for the sake of stealing data, mining cryptocurrencies, creating a botnet, or just for fun, to tickle their ego. And usually inexperienced users of hosting services who have only recently bought their first VPS make trivial mistakes that can and will definitely lead to dire consequences.
We at 3v-Hosting decided to collect the TOP 10 most common mistakes made by novice administrators, which you should correct first so as not to become easy prey on the global network in the very first minutes of your presence there. So, let’s go!
1. Software and updates
God, how often, having set up their server once, people forget to update it. They believe that something that has been set up once cannot be touched so that it continues to work. But this is the stupidest mistake you can make. After all, every day new vulnerabilities are found in any software, with the help of which attackers can gain access to your data. And the more time passes, the more vulnerabilities there are in your software, so that over time your server begins to resemble a wheel of cheese with holes.
Software vendors are becoming aware of these vulnerabilities and are addressing them to the best of their ability. That is why it is necessary to update the system and third-party software as often as possible and do this only from the supplier’s official sources. This way you minimize the chances of hacking using long-known vulnerabilities.
2. Access control
Recently, a potential client asked us to configure access on his server for the root user with the password 12345 – well, so that he would not forget the password. We, of course, refused him and held an explanatory conversation about the basics of information and cyber security. True, after that he changed his mind about buying a server, because he was damn scared by the number of security parameters 🙂 But it’s better to let him go and read specialized literature instead of having his server hacked on the first day.
So – access control to the server has a key role. Actually, if an attacker got inside your server, all is lost, he will probably be able to access all your data, even if he logged in as a regular user without superuser rights.
To prevent this, you need to perform a few simple steps:
– It is better to disable the root account altogether, and instead create a user account with superuser rights, but with a complex name that cannot be guessed.
– Choose a complex password, consisting of at least 8 characters and must contain lowercase and uppercase letters, numbers and special characters. THIS IS IMPORTANT, damn it! Don’t neglect this!
3. SSH Security
The main tool for accessing a server running Linux and not only at the moment is SSH. And the correct configuration of this protocol plays a huge role in server security.
– Change the default SSH port. Yes, of course, an attacker can scan open ports manually, but this will protect against 95% of automated hacking attempts using standard ports and passwords.
– It is best to completely prohibit login via SSH by login, and instead configure login to the server only by key.
– Additional protection will be provided if you configure permission to log in only from a specific IP address.
You can read more about setting up SSH in our article.
4. Firewall and ports
Correctly setting up a firewall will protect you not only from server hacking, but also from unnecessary, junk traffic. With it, you can and must close all unused ports, leaving open only those that you need for the server to operate, for example 80 and 443 (http and https).
5. File system and permissions
When setting up a server, be careful about file system permissions. Be sure to restrict access to sensitive data and directories in case an attacker has already gotten inside the server.
6. Encryption
Another option in case your server has already been hacked is to encrypt critical data, that is, even if an attacker gains access to it, he will not be able to read it, will be offended, and maybe even cry with frustration 🙂
7. Monitoring and managing logs
System logs are the best and richest source of what is happening with the system, whether it is working stably and without errors or whether there are any problems or oddities. Therefore, monitoring system logs is a mandatory activity that should be planned when setting up a server. There are many methods and tools for automatically monitoring logs and even blocking possible threats. The oldest, most flexible and stable is fail2ban.
8. DDoS protection
Protection against DDoS attacks is a broad topic and requires a separate article. But you can make basic settings in your web server so that it blocks suspicious activity, for example, limiting the number of requests per unit of time from one IP address, balancing the load and managing the buffer. This will not save you from a powerful attack if they want to carry one out on your server, but in 99% of cases, attackers will not be ready to spend huge resources on hacking your server with a website for gardeners or lovers of grape snails. Therefore, the simplest measures can protect you from most possible problems.
9. Protection against viruses and malware
Of course, one cannot help but pay attention to this aspect. Until recently, this problem was less relevant for servers running Linux, but over the past year the number of viruses for Linux operating systems has increased by 50%, which, unfortunately, shows negative dynamics in this area. This means only one thing – it is necessary to use antivirus software.
10. Physical security
Few people think about this when buying a server, but this is in vain. If an attacker can disguise himself as anyone, be it an electrician or a journalist, to get into the data center where your server is located, then everything we wrote about above was done in vain. Therefore, you need to be careful when choosing a hosting provider. Ensure that physical access to the server is limited and controlled.
So, we hope that this article was useful to you and showed you that the world of the Internet is full of dangers. So if you don’t want to be among those whose server was hacked and whose data was stolen, then act correctly, constantly learn, think with your head before doing anything, and of course read our articles.
Have a nice day, everyone!
