How do you protect your server?

[Prajyot]

Everything posted above with addition to multiple remote backups. Multiple backup is must

 

[3v-host]

Everything posted above with addition to multiple remote backups. Multiple backup is must

Well, this does not fully apply to server security, but the measure is absolutely correct. As the saying goes: "There are two types of people: the first - those who do not make backups, the second - those who ALREADY do backups" )

 

[easyhostmedia]

Well, this does not fully apply to server security, but the measure is absolutely correct. As the saying goes: "There are two types of people: the first - those who do not make backups, the second - those who ALREADY do backups" )

it is part of server security. with my server, i also got 2 x $3 servers with both being in different datacentres, i backup my server to 1 of them and then mirror the backup server to the other one, so i have 2 backups at different locations

 

[vermanxhika]

To protect a server, implement strong authentication with secure passwords or two-factor authentication.
Keep software updated, use firewalls and intrusion detection systems, and secure network configurations.
Regularly back up data, control access with proper user privileges, and monitor server activity.
Install antivirus and anti-malware software, and ensure physical security.
Educate employees on security practices and have an incident response plan.
Stay vigilant, continuously assess security measures, and adapt to emerging threats.

 

[serverlynx]

Most server hacks occur due some silly human mistake. Focus on eliminating those mistakes, minimizing the attack surface, use better passwords, make sure to protect pages that need to be protected, use SSH keys for authentication and disable password login etc.

 

[justsimplehosting]

@serverlynx Most server hacks occur due some silly human mistake. Focus on eliminating those mistakes, minimizing the attack surface, use better passwords, make sure to protect pages that need to be protected, use SSH keys for authentication and disable password login etc.

I would suggest getting some good firewall protection like BitNinja Server Protect to give you additional protection measures.

 

[baksie]

Firewall is the most optimal option as for me. I am using my Cisco Secure Firewall produced by the same router manufacturer

Next is:

- latest versions of the software

- modified code in the open source software, which didn't get the updates in the past years

 

[freakhosting]

Change SSH port
Disable root login
Change default "root" user to something else
Use SSH Key as a login method
Allow SSH logins from a specific IP address
IPTables or UFW
Have external firewall ( DDoS Protection )
Fail2ban
Update OS & other applications
Remove unnecessary packages
Server Monitoring Tools
Intrusion Detection

 

[Offshorededi]

I would personally suggest using CPguard. I found it so much effective against threats as well as malware and viruses. It is cost effective and so much efficient.

 

[baksie]

Yes, but CPguard isn't good if you need a cheap solution (or free)

 

[AlienVPS.com]

Disable root, change default ssh port, disable icmp traffic, arp floods, hardware ddos protection, APF and CSF Firewall etc.