RHA, In my previous article related to webserver security section I told you some ways which hackers can use to compromise your webserver, However in this article I will tell you how to protect your webserver from getting hacked or being compromised.
Well there are variety of methods you can implement to protect your webserver, but I will not be covering all of those method because it will take alot of time explaining the concepts.
Most of the webservers get compromised due to the vulnerability in their webapplication, some of the most common existing webapplication vulnerabilities are SQL Injection, Cross site scripting, Local file inclusion etc, These vulnerabilities usually due to improper or poor coding of web applications.
How do I find if these types of vulnerabilities really exist in my webapplications?
Well unless you are a penetration tester or have proper information related to these types of vulnerabilities, it is really difficult for you to find these types of vulnerabilities, A better option is to use a vulnerability scanner like Nessus or Acunetix.
Read More About finding a vulnerability in your website - How To Find A Vulnerable Website?
SSL(Secure Socket Layer)
SSL is not really necessary until you are running an ecommerce website or a website where you want the communication to be secure, If you are wondering what is SSL(Secure Socket Layer), Kindly read my article on What is SSL(Secure Socket Layer)
Password Cracking Attacks
As I told you in my previous article that some of the popular password cracking methods include:
1. Brute Force Attacks
2. Dictionary Attacks
3. Rainbow Tables
Here is a simple tip on how you can avoid these types of attacks - Keep Strong passwords, Now what do I mean by a strong password, read my post on How to create a strong password
Use Of Firewalls
Firewalls are usually designed from stopping attackers from evading a website, A firewall is basically a gateway used to allow or deny access, but are firewalls enough to protect your webserver?
The answer is "no", The administrator need to open ports like 80, 21, 25 etc to allow the firewall to give the users access to services like website, email, ftp etc, which leaves these services vulnerable to attackers.
What if some one sends a virus attached with an email through a mail server behind a firewall, The firewall will not be able to block these types of attacks, Hopefully I will explain this stuff related to firewall security in my upcoming articles.
Update Your Webserver Regularly
Vulnerabilities are created and pathed every day, so you need to make sure that you update your webserver and install latest patches and fixes.
Intrusion Detection System
An intrusion detection system (IDS) is used to monitor the entire network, it detects intruders; that is, unexpected, unwanted or unauthorized people or programs on network, If you want to know more about Intrusion detection system kindly read the following post, It will give you a better understanding of IDS
Certainly these methods aren't enough too for a total security, however I will continue the series of articles related to webserver security, Moreover I have also finished writing my newset book "An Introduction To Keyloggers, RATS And Malware" which I will be releasing very soon and the best part is that it will be free for all.
What methods do you use to secure your webserver?