{"id":731,"date":"2024-12-16T18:38:12","date_gmt":"2024-12-16T18:38:12","guid":{"rendered":"https:\/\/www.prolimehost.com\/blogs\/?p=731"},"modified":"2024-12-16T18:40:25","modified_gmt":"2024-12-16T18:40:25","slug":"lock-down-your-dedicated-servers","status":"publish","type":"post","link":"https:\/\/www.prolimehost.com\/blogs\/lock-down-your-dedicated-servers\/","title":{"rendered":"Lock down your dedicated servers"},"content":{"rendered":"
When web hosting providers start asking about hardware DDoS protection that costs upward of $32,000 and licenses running $10,000 plus, you know that security is a serious issue, especially in today\u2019s world of cybercriminal attacks.<\/p>\n
Considering that some of these firewalls only protect you against attacks under 50Gbps, the real cost to protect yourself against attacks ten times that magnitude is staggering.<\/p>\n
Before you even get to that level of security though, your servers themselves need to be locked down. There are a number of ways to do that – we\u2019ll address a few of the more applicable methods here:<\/p>\n
Use SSH Keys<\/strong><\/p>\n The latest controversy between the FBI and Apple centered around unlocking an iPhone that utilized encryption. SSH keys likewise rely on cryptography: they authenticate you with a private and public key pair. This prevents password-based brute-force login attacks, whereby a malicious user repeatedly attempts to gain access to your server.<\/p>\n This is comparable to using an exceptionally strong username \u2013 password combination, so much so that it\u2019s virtually uncrackable \u2013 or at the very least, not worth attempting.<\/p>\n To some, setting up any type of cryptographic key seems daunting, but it really isn\u2019t. The entire process can be completed in a few minutes.<\/p>\n Set Up Firewalls<\/strong><\/p>\n I once sold a firewall device to a local firm for $5000 and thought that was a fortune to pay for protection. Today, this seems like a pittance compared to yesterday\u2019s outlay for security. Firewalls can be software or hardware based, and are designed to block or restrict access to everything except what absolutely has to be public.<\/p>\n Internal services can be rendered completely inaccessible to the public, and any ports not being utilized can be blocked entirely (in most configurations).<\/p>\n Firewalls provide you with an extra layer of security, protecting those components of your server that are vulnerable to exploitation.<\/p>\n Some firewalls are more difficult than others to set up, but once that is done they normally only need to be tweaked. As an alternative, you can always resort to iptables or a CSF firewall.<\/p>\n Set Up a Virtual Private Network (VPN)<\/strong><\/p>\n VPNs have been around for a number of years. The first time I set one up was to securely log in to the corporate intranet from my home personal computer. 
They\u2019re an encrypted tunnel between two endpoints, offering one way to connect to a remote server over a secure connection.<\/span><\/p>\n To make this work, the server has to be configured so that your applications and firewall allow the use of this type of tunnel. Is the installation process difficult? Well, it\u2019s not entirely simple, but once set up it\u2019s very much worth the effort.<\/p>\n SSL\/TLS Encryption<\/strong><\/p>\n SSL certificates are used to authenticate different entities to one another, normally an end user with an online ecommerce store or banking institution.<\/p>\n These prevent attacks in which a cybercriminal imitates a server in your network to intercept traffic.<\/p>\n Google recently stated that it was pushing for all websites to be SSL enabled, which we also recommend as it adds an additional layer of security.<\/p>\n Performing audits on your server<\/strong><\/p>\n By performing an audit on your server, you discover the services that are running on it. Doing so enables you to understand where attacks may occur, allowing you to proactively lock those services down. Obviously, the more services you have running, the greater the odds that there exists some vulnerability on your network.<\/p>\n While performing audits is recommended, do you have a protocol in place to receive security alerts associated with vulnerabilities in the services running on your servers?<\/p>\n
<\/p>\n