If you plan to take a LAMP server (Linux, Apache, MySQL and PHP), whether it is a virtual private server (VPS) or a dedicated server, the first thing to do is to secure it. <\/p>\n\n\n\n
This guide outlines the procedure to follow to correctly configure your server. I’ll go over the basics and know some great tools you can use. <\/p>\n\n\n\n
The first thing to do to secure your server is to set up a firewall. A firewall acts as a barrier between your server and the outside world; it checks that everything that enters is secure and blocks any malicious traffic. There is a huge choice of firewall solutions, but we will focus on the two best known:<\/p>\n\n\n\n
Simple firewall, UFW is a good solution that requires only minimal configuration. The solution provides an intuitive way to create custom firewall rules and works with IPv4 and IPv6 networks. The UFW firewall is deactivated by default, do not forget to activate it to configure it. The UFW firewall also has a user interface accessible under the name Gufw . <\/p>\n\n\n\n
Iptables is a known firewall provided with the Linux kernel; it is enabled by default in Linux. Like UFW, it works with both IPv4 and IPv6 networks. There is another version of iptables called ip6tables to manage IPv6.
Unlike UFW, the iptables syntax is quite difficult to master. Its advantage: it makes it possible to create security configurations of greater granularity. It is therefore a powerful tool to secure your server. <\/p>\n\n\n\n
As a server administrator, you will often need to connect to\nyour server over the Internet. This remote connection must therefore be\nsecure and encrypted. To do this, you must set up a secure SSH connection\nto your server.<\/p>\n\n\n\n
There are two methods to connect in SSH:<\/p>\n\n\n\n
As the name suggests, this type of connection requires entering a password each time you want to connect using SSH. Although this method requires less configuration, it is less secure and more exposed to brute force attacks.<\/p>\n\n\n\n
For this type of connection, the server and the client machine must exchange their public key used to encrypt the connection. They must also authenticate each other. More complex to configure than the password method, this type of connection has the advantage of being much safer to connect to your server.<\/p>\n\n\n\n
Using a malware analysis tool to monitor your server helps detect malware intrusions. Below are the two best-known free rootkit detection tools for malware analysis on your server:<\/p>\n\n\n\n
This famous scanner for hiding activity tools – or rootkits – searches for suspicious rootkit processes on a Linux server. Even if chkrootkit cannot detect all possible types of malware, it is undeniably a good place to start. However, don’t rely solely on chkrootkit to perform a comprehensive malware scan on your server; it is above all an entry level solution.<\/p>\n\n\n\n
Like chkrootkit, Rkhunter searches for hidden rootkits on the system. It is also able to identify hidden files, bad permissions and suspicious strings. It can run on any Unix-based system. For correct detection of the most common malware, you can combine rkhunter with chkrootkit.<\/p>\n\n\n\n
Take intrusion detection as an alarm system capable of detecting unauthorized access to your server. Two of the best known intrusion detection systems are listed below.<\/p>\n\n\n\n
Help is a free directory and file integrity\nverification system that works like a trap. First, it creates a database\nof the current state of the system. It then checks the integrity of any\nfile present in the system by comparing it with the known database. The\nserver administrator is then notified in the event of significant changes that\ncould jeopardize the integrity of the system.<\/p>\n\n\n\n
Bro is a network intrusion detection system that monitors for unusual activity on your network. Bro works in the following way: he initially creates rules based on events generated on the network, the state of the network or the rules in place. If it detects something unusual, it creates an alert, modifies the firewall rules, updates the incident logs. The downside of this extremely versatile tool is its learning curve which can put off beginners.<\/p>\n\n\n\n
As an administrator, you are going to need to upload files\nto or from your server from time to time. The most well-known file\ntransfer protocol (FTP) is subject to security vulnerabilities, the\nauthentication of the connection being carried out in plain text – format\nliable to be intercepted. By opting for the secure SFTP file\ntransfer protocol , you choose a more secure solution, easy to\ninstall and configure on your server.<\/p>\n\n\n\n
If your server is based on Linux or UNIX, do not forget to update and upgrade your kernel, because distributors regularly update their kernel. Updating the kernel helps stabilize your system by taking advantage of the latest security patches and possible new kernel features. Not applying patches on a server is like inviting hackers to enter.<\/p>\n\n\n\n
Permissions on the server are crucial. Any\nconfiguration error in the authorization settings can allow an attacker to\neasily take control of your server. When configuring permissions for users\non your systems, limit yourself only to the permissions they will need.<\/p>\n\n\n\n
By default, you can apply\nthe umask rules for any new file created on a Linux\nserver. This will allow you to limit the permissions associated with the\nfiles. The use of SGID ( Set Group Identification<\/em> )\nand SUID ( Set User Identification<\/em> ) in files and\ndirectories makes it possible to restrict the permissions of certain users and\ngroups for sensitive directories and files. This will not restrict the\npossibilities for them to use the server functionalities that they are\nauthorized to use (such as the function of recovering a forgotten password).<\/p>\n\n\n\n The points we have raised here are just general advice to\nhelp you keep your server to a minimum. Security is of course a broad\nsubject that must be kept in mind at all times to remain vigilant.<\/p>\n","protected":false},"excerpt":{"rendered":" If you plan to take a LAMP server (Linux, Apache, MySQL and PHP), whether it is a virtual private server (VPS) or a dedicated server, the first thing to do is to secure it. This guide outlines the procedure to follow to correctly configure your server. I’ll go over the basics and know some great tools you can […]<\/p>\n","protected":false},"author":1,"featured_media":175,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[39],"tags":[202,207],"class_list":["post-2763","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-server-management","tag-configure-server","tag-serversupport"],"jetpack_publicize_connections":[],"yoast_head":"\nServer security is crucial<\/strong><\/h2>\n\n\n\n