Sals
Actions speak louder than words
- Mar 23, 2011
- 47
- 6
Hey, I was looking at a few servers and they seem to be going well.
I was searching the other day for 0ni's thread on securing a server, but I couldn't find it sadly.
So I thought I would write up a thread on helping the new guys on securing their retros.
This is only a rough draw up, so if you don't like it. Just dont read it, instead of criticising.
So here's a few tips on how to do that:
Current Tips: 6
1. Dropbox
Dropbox is a free program which allows you to store files on a virtual disk, you can use it like a external hard-drive.
Meaning that you don't store any of your files on your VPS, this can save a lot of diskspace, and can make your VPS
alot more secure.
You must be registered for see links
ttp://dropbox.com2. Malware Bytes
Malware Bytes is a lightweight AntiVirus, which works perfectly on servers. A scan a day, keeps hackers away!
I recommend it alot, especially if your downloading things on your VPS. It's a very lightweight program, and its
simple to use!
You must be registered for see links
3. Passwords
Having secure passwords is a MAJOR, MAJOR priority when owning a server. People can hack into many things,
such as your Administrator account, your VPS, your PMA(PhpMyAdmin).
Using a password generator and storing your passwords in a safe place is very recommended. Passwording Directories on
your computer would be great!
You must be registered for see links
4. Peerblock
Peerblock is program that blocks "bad" computers from connecting to you, It has many listed computers using spyware which
can really effect your server. This is also a very lightweight program, and it's very recommended. It also prevents DDoS attacks
which is great, DDoS attacks are continuous pings. Well most of them are, mainly insecure children use them, but without peerblock, your
server can suffer a lot of downtime.
You must be registered for see links
5. Directory Names
Directory names are a major priority in securing your server, it allows people to not access your admin directories etc.
By changing it from
e.g website.com/admin/ to website.com/hidden/ would mean that people can't access the administrator panel.
This is a great way to secure your administrator panels etc, meaning that nobody can access your personal files.
A few directories which I would rename would be, /admin/ ; /mod/ (Forums) ; /install/ (Deleted most of the time) ;
6. Using a Webhost
Using a webhost for your CMS is highly recommended, cPanel allows RemoteSQL which allows you to connect your
server to the webhost.
This is highly recommended, and can prevent DDoS attacks to your website.
One thing when looking for a webhost is looking for an offshore one, there are many of these out there!
You can send me a PM Asking for a offshore webhost, I can also provide you with a reseller if you wish.
All of my servers are hosted in the UK, with cloudflare and DDoS protection.
------------------------------------------------------------
Well, thats the list.
If you have any more suggestions/tips, please post them below so I can add them to the thread!
Anyway, I'm not saying these are musts, but I highly recommend them from personal experience.
Regards,
Sal
