Inside: Prevent Site Hacks and Recovery on Dedicated Servers

prevent(Ping! Zine Issue 69) – For every website owner who uses dedicated servers, one of the responsibilities is ensuring that their websites are properly protected from being hacked or infiltrated. We often hear of websites that were damaged, have their data stolen, and rankings reduced to dust because their data is hacked. Even if you take certain measures to secure your website, if the machine that you use for access is infected, you may face a loss of valuable data.

As a website owner you need to know the different kinds of hacking and how they can affect your website:
XSS: The major cause of this kind of vulnerability is weak security of HTML codes and client side scripts. These are typically found in web applications that allow code injection by malicious web users into the web pages viewed by other users. The major cause of this is JavaScript, VBScript and ActiveX.

SQL injections: This allows sending the crafter a user name and/or password field which changes the SQL query.
Defacement: is done by a group of hackers with the intent to steal content and other information from a website. They substitute web pages and home pages. Hackers target the web server and its operating system.

Here are some security measures that can be implemented to protect your website from hackers:

  • Avoid using older versions of software since they are usually not secure. Use the latest ones that are available in the market today. There are new updates from time-to-time, since new hacking methods keep evolving.
  • Use secure passwords. To avoid a hacker from guessing them, make your password a combination of letters, numbers and special characters.
  • Monitor your website logs daily to spot any unusual traffic spike in your stats and to ensure that this is not hacking.
  • Record the IP addresses of the websites that are tapping into yours.
  • Use the latest version of pre-hacked backup for your website.
  • Use only secured plug-ins, widgets and codes.
  • Host your website on different C class IPs.
  • Use high quality software that has a good coder to protect your site.
  • Avoid using public WiFi, which is a security risk.

You Need a Trusted Server Administrator
The best way to protect your sites from hacking is by continuously learning from new articles or available resources that can help you in resolving your problems and hacks. Don’t forget to keep backups. Although this will not protect your site, at least your records will be safe. Be careful of revealing too much about your website since this can attract the wrong crowd. After all, you are responsible for your own site.

After website damage control, the next best thing to do is to get the services of a reputable web server administrator. Even the most seasoned veteran needs networking assistance from time-to-time. The job of these administrators is well defined. They will log into your dedicated server on a scheduled basis to perform operating system maintenance. The administrator will install upgrades and patches for your current applications. They will monitor the following: OS resource utilization, CPU usage, memory utilization, and disk space and log rotation (in some cases). Their main job is to configure and maintain the web server so that you can concentrate on designing your website and upload the content you want.

Since using a dedicated server will leave all aspects of the web maintenance to you, it is wise to have someone assist you with the hassles of keeping your server and files protected from hackers and other dangers. Some website administrators also offer email administration services, which can assist you in monitoring your email box and as an additional bonus, they can help your users and customers in case technical problems arise. Aside from their monitoring abilities, they can also help you in controlling spam. For a well-managed environment, five hours of web server and email server administration for each of the servers is suggested.

Look for an advanced dedicated server monitoring system that resides on a private network and ranges within the data center so that there will be no security issues that may arise from allowing access through firewalls. As your systems grows and becomes more complicated, intrusion detection is a must for website owners who use dedicated servers. Select an intrusion detection company that can satisfy your needs. Through their services you can insure that your system is protected from potential hacks from outside sources.

Subscribe to a dedicated server remote backup system that can assist you in data retention and disaster recovery back up since saving your data is crucial. Many businesses do not realize how powerful having a dedicated offshore server can be until an emergency happens. An example of how a good backup system works is during the 9/11 World Trade Center attack. Some companies had an estimated data loss of $700 million, but for those who had a backup facility with duplicate applications and staff, their data was transferred back without a hitch. This way, there is no real loss. Only minimal ones that can be remedied.

Redundancy in IT systems is one of the most effective ways to keep your online business running, even in an emergency. To secure your data from potential loss, look for backup solutions that are tailored to your website’s needs. In this online business climate, having a disaster recovery plan is essential to ensuring your business continuity.