How to Keep Your Server Safe From Common Security Problems
Posted on Tuesday, Sep 13, 2011 in "Security Issues"
It’s a wild, wild world out there. There’s all kinds of culprits just waiting to hack your website, trash all those gorgeous lines of code, and then steal your information from here to Sunday. Thankfully, though, we as web hosters have had plenty of time to study the most common forms of cyber attack: And we’ve come up with quality ways to deter them, too.
Use the following bits of information and tactic to keep your server safe from cyber hacking.
The Dreaded Denial-Of-Service Attack
This one’s a common one, and sadly, it’s pretty hard to avoid. The best method of defense against this is a good relationship with your hosting provider. This is where it’s a good idea to have a quality web host, instead of that cheap Chinese derivative you found for next-to-nothing in Shadyville, Internet Land.
A denial-of-service attack (or DDOS) is nothing more than putting your servers into hyper-mode. This is accomplished by sending too many requests through to your software, effectively crippling your website with much more load than it can handle.
This seems like a real brute force way to do things, and it is. So why is it still a problem, if it’s so basic a method? Well, the issue is in the way a DDOS is deflected: It’s incredibly hard to defend a site against what is, essentially, just extreme use. To safeguard your website against a DDOS, you’ll need to either shut down flow entirely (very undesirable for any business site) or locate the exact IP of the perpetrator and block it out. To do so, you’ll need a good connection with your host, as well as their willingness to help you out. Remember, a good host cares, and will always try their best.
Script Overload via Buffer Overflow
Your URL is essential for uploading new data to your site, as behind that glorious front page, there’s a collection of packaging scripts that interpret your information into HTML eye-candy. Sadly, these scripts can be hijacked by sending a super-long URL to your server, potentially creating new code or rewriting that which is already in place.
To guard against this, just make sure your scripts are locked down against unwanted intrusion. Keep a strong password, and ensure with your provider that only you or your associates have access to these vital, background daemons.
