[HOW TO] Secure your Server [TUT]

Sals

Actions speak louder than words
Mar 23, 2011
47
6

6zvl0m.png





Hey, I was looking at a few servers and they seem to be going well.
I was searching the other day for 0ni's thread on securing a server, but I couldn't find it sadly.


So I thought I would write up a thread on helping the new guys on securing their retros.
This is only a rough draw up, so if you don't like it. Just dont read it, instead of criticising.


So here's a few tips on how to do that:


Current Tips: 6


1. Dropbox


Dropbox is a free program which allows you to store files on a virtual disk, you can use it like a external hard-drive.
Meaning that you don't store any of your files on your VPS, this can save a lot of diskspace, and can make your VPS
alot more secure.


ttp://dropbox.com


2. Malware Bytes


Malware Bytes is a lightweight AntiVirus, which works perfectly on servers. A scan a day, keeps hackers away!
I recommend it alot, especially if your downloading things on your VPS. It's a very lightweight program, and its
simple to use!




3. Passwords


Having secure passwords is a MAJOR, MAJOR priority when owning a server. People can hack into many things,
such as your Administrator account, your VPS, your PMA(PhpMyAdmin).
Using a password generator and storing your passwords in a safe place is very recommended. Passwording Directories on
your computer would be great!





4. Peerblock


Peerblock is program that blocks "bad" computers from connecting to you, It has many listed computers using spyware which
can really effect your server. This is also a very lightweight program, and it's very recommended. It also prevents DDoS attacks
which is great, DDoS attacks are continuous pings. Well most of them are, mainly insecure children use them, but without peerblock, your
server can suffer a lot of downtime.





5. Directory Names


Directory names are a major priority in securing your server, it allows people to not access your admin directories etc.
By changing it from
e.g website.com/admin/ to website.com/hidden/ would mean that people can't access the administrator panel.
This is a great way to secure your administrator panels etc, meaning that nobody can access your personal files.

A few directories which I would rename would be, /admin/ ; /mod/ (Forums) ; /install/ (Deleted most of the time) ;


6. Using a Webhost


Using a webhost for your CMS is highly recommended, cPanel allows RemoteSQL which allows you to connect your
server to the webhost.
This is highly recommended, and can prevent DDoS attacks to your website.
One thing when looking for a webhost is looking for an offshore one, there are many of these out there!


You can send me a PM Asking for a offshore webhost, I can also provide you with a reseller if you wish.
All of my servers are hosted in the UK, with cloudflare and DDoS protection.


------------------------------------------------------------


Well, thats the list.
If you have any more suggestions/tips, please post them below so I can add them to the thread!
Anyway, I'm not saying these are musts, but I highly recommend them from personal experience.


Regards,


Sal
 

Kaz

BooYah
Staff member
Nov 16, 2010
3,064
1,025
Nice little tut. Theres plenty more ways to securing your server, but these cover the basics by far
 

Sals

Actions speak louder than words
Mar 23, 2011
47
6
Nice little tut. Theres plenty more ways to securing your server, but these cover the basics by far
Yes I know, I didn't want to go into alot of detail, but feel free too PM me with some other Simple ways, and I could update the thread :D
 

Users who are viewing this thread

Top