Forum Donate

Learn to code — free 3,000-hour curriculum

MARCH 8, 2021 / #SECURITY

Server Security Tips – Secure Your Server with These Best Practices
Riya Sander

Servers play a vital role in organizations. Their primary function is to provide both data and computational services.

Because of the critical role they play, servers hold confidential organizational data and information. Information is like gold nowadays, and hackers are gold miners.

An insecure server is vulnerable to all sorts of security threats and data breaches.

Security vulnerabilities can lead to the loss of critical data or loss of capability and control that can jeopardize the whole organization.

If you do not secure your servers, then you are treading a dangerous path.

You might not know how to secure your servers properly. This article will explain some of the server security tips that you can use to secure your servers.

Server Security Best Practices


1. Constantly Upgrade the Software and the Operating System

In server security, staying up to date on all software and operating system-related security fixes is essential. Server systems and software technologies are so complicated that some of the security vulnerabilities they carry can easily go unnoticed.

Because of this, security vulnerabilities commonly exist in both old and freshly updated software versions. Also, hackers always try to develop new and innovative ways to gain unauthorized entry into a system.

Fortunately, vendors and cybersecurity experts are constantly working to ensure that their software and operating systems are as secure as possible. Once they discover a security loophole, they will typically move quickly to have the loophole fixed. Once that's done, they will release a more secure and upgraded version of their operating system or software. For your server's security, you should immediately install the update once the vendor has tested and released it on the market.

Even though most vendors act speedily to address security vulnerabilities, there is always a gap between the time the security vulnerability is discovered, the time it takes to fix it, and the time it takes you to install the new update.

This gap can give hackers an upper hand since they can easily breach your servers before you make the update.

To keep this gap as small as possible, always remain vigilant and aware of any new developments as far as your servers' security is concerned. You should also be mindful of the immediate measures you can take to ensure that you are not affected by the vulnerable software.

For instance, uninstalling the software could be an essential thing to do. Lastly, you should install the new update right away once it has been released. Installing the secure operating system and software version can help reduce your vulnerability.

2. Configure Your Computer to File Backups

You should always keep a file backup and have a restoration strategy. You never know when a hacker will succeed in breaching your servers.

When such a breach happens, a backup file could be your savior.

Regularly backing up your data allows you to restore all the information resources that your server held before the data breach took place.

Therefore, for the sake of your data, you should ensure that you regularly undertake the data backup.

When developing a backup plan, make sure that you do a thorough analysis of the following:

the cost of the backup plan,

its efficiency and speed,

the effort required to restore your data after a data breach,

the speed of the backup process, and

the amount of disk space that you need to store the data.

You also should carefully consider the location where you store your backup files.

You can choose to keep the files either locally or on the cloud, which is a safer approach.

3. Set up Access Limitations to Your Computer's Files

Most operating systems will give users the option to specify access privileges. For the safety of your servers, I advise that you be as restrictive as possible.

A user can specify access privileges to directories, networks, files, and other server elements. Access controls can reduce both deliberate and unintended server security breaches.

For instance, limiting read access can help you protect confidential and private information. Similarly, restricting who can modify files and data will help maintain the integrity of the files.

Not all employees should be given access to all the resources of your organization. Applying the principle of least privilege is an excellent move in securing your servers.

Those who have no business with server resources or do not need them to fulfill their job requirements should not have access to those resources. Some of the worst data breaches have been organized and executed by people within the organization who had access to crucial data and information.

A 2019 Insider Threat Report by Verizon places careless and malicious workers as the top actors in insider cybersecurity threats. Limiting access, therefore, can help protect your servers from insider attacks.

4. Install SSL Certificates

Secure Sockets Layer (SSL) certificates are security protocols that guard the communication between two systems over the internet.

The Secure Sockets Layer is a crucial element of server security. You need to ensure that any communication or data transfers between your server and clients' browsers or other servers are encrypted.

SSL certificates scramble data in transit so that sensitive and confidential information such as health details, credit card details, and financial records remain secure. A hacker who succeeds in accessing the data cannot decipher its meaning.

Only the intended recipient who has the right key to decrypt the information will understand its meaning.

Apart from just encrypting the communication between your servers and other parties, SSL certificates also play a critical role in user authentication.

SSL certificates can authenticate different systems to their particular owners. The certificate, therefore, helps establish your authority. To strengthen your security, you should get and install an SSL certificate.

5. Use Virtual Private Networks (Private Networking)

Private networks are based on Internet Protocol address space. A VPN is said to be private because no Internet Protocol packets addressed are transmitted via a public network.

A VPN will allow you to create a connection between different computer devices located in different places. It lets you carry out operations on your servers in a secure manner. You can exchange information with other servers on the same account without compromises from outside. To ensure that your server is safe, you should set up a Virtual Private Network.

6. Server Password Security

When it comes to server security, make sure you use password best practices. The first step is to develop clear password policies and rules that all members using the server should follow.

You should enforce minimum character length for passwords, set password complexity guidelines, enable session timeout for inactivity, and use a multi-factor authentication strategy.

It's also useful to have a clear password expiration policy. Passwords should only be allowed to last a few weeks or months. It's best to encourage all users to implement safe password storage to avoid passwords landing in unsafe hands.

7. Use Firewall Protection

Firewalls are a must-have to ensure that your servers are safe. They filter incoming and outgoing traffic to allow only specific services and lock out unsafe ones.

There are a few different classifications of firewalls. The first group deals with the public services that anyone on the internet anonymously accesses. The second is the private services that a select group of authorized accounts can access. The last is the internal services that require no exposure to the outside world.

You should restrict access to these services depending on which group fits the situation. You should configure your server to refuse all accesses except those that are mandatory to your servers.
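
The three service groups and the refuse-by-default rule above can be written down as one small policy. The following Python code is an added example, not part of the original article; the ports, service names and networks are constructed assumptions, and nft_ruleset() renders the same policy as an nftables input chain.

```python
import ipaddress

# Constructed inventory: ports, names and networks are assumptions for illustration.
INTERNAL_NETS = ["127.0.0.0/8", "10.0.0.0/8"]
SERVICES = {
    443:  {"name": "https",    "group": "public"},
    22:   {"name": "ssh",      "group": "private", "allow": ["203.0.113.0/24"]},
    5432: {"name": "postgres", "group": "internal"},
}

def allowed_sources(svc):
    """None means any source; a list restricts sources; [] means nobody."""
    group = svc.get("group")
    if group == "public":
        return None
    if group == "private":
        return svc.get("allow", [])
    if group == "internal":
        return INTERNAL_NETS
    return []  # unknown group: fail closed

def decide(src, dport):
    """Return 'accept' or 'drop' for a new inbound TCP connection."""
    svc = SERVICES.get(dport)
    if svc is None:
        return "drop"  # default deny: the port is not in the inventory
    nets = allowed_sources(svc)
    if nets is None:
        return "accept"
    ip = ipaddress.ip_address(src)
    ok = any(ip in ipaddress.ip_network(n) for n in nets)
    return "accept" if ok else "drop"

def nft_ruleset():
    """Render the same policy as an nftables input chain (IPv4 sources only)."""
    rules = ["ct state established,related accept", 'iif "lo" accept']
    for port, svc in sorted(SERVICES.items()):
        nets = allowed_sources(svc)
        if nets is None:
            rules.append(f"tcp dport {port} accept  # {svc['name']}")
        elif nets:
            rules.append(f"ip saddr {{ {', '.join(nets)} }} tcp dport {port} accept  # {svc['name']}")
    head = "table inet filter {\n  chain input {\n    type filter hook input priority 0; policy drop;\n"
    return head + "".join(f"    {r}\n" for r in rules) + "  }\n}\n"

if __name__ == "__main__":
    print(nft_ruleset())
```

Because the chain policy is drop, adding a service means adding it to the inventory with a group; anything not listed stays unreachable.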

Summing up
After reading this article and implementing the server security measures I explained, you should feel more confident about your server's security.

As a best practice, you should implement these security measures when you first set your server up. It also helps if you implement more than one of these measures. As a general rule, the more security measures you have, the safer your server will become.

Riya Sander
Riya Sander is a Digital Strategist, having 5+ years of experience in the
field of Internet Marketing. She is a social media geek, a complete foodie
and enjoys trying varied cuisines.
