Windows Server 2008 R2 General server Maintenance

Source: Internet
Author: User
Tags cpu usage

Basic Items

1: System Health Check

1.1: Event Log checking (application/security/System)

: Daily Check

: found that there are errors in the log appear need to check out the cause and troubleshoot errors

1.2: Shared folder check

: Daily Check

: Found an unauthorized shared folder, delete immediately

1.3: Local Users and Groups check

: Daily Check

: Found unauthorized users and groups, delete immediately

1.4: Disk size and Fragmentation check

: Daily Check

: Found disk space below alert value (30% available), need to clean up useless disk files

: Disk fragmentation is found to be greater than alert value (70% fragmentation) and needs to be defragmented during server idle time

1.5: System services and application checks

: Daily Check

: Discovery of unauthorized system services and installation of applications, delete immediately

Inspection of 1.6:iis

: Daily Check

: Found an unauthorized web site to run, delete immediately

1.7: Process and application checking

: Multiple inspections per day

: Discovery of suspicious processes and applications, close immediately and locate run files for deletion

1.8: Check CPU usage and memory footprint

: Multiple inspections per day

: Found the CPU for a long time to occupy too high (90%) Check the main reason, see the situation restart the server

2: Database state Check Maintenance

2.1: Check the running results of the daily maintenance of the database

: Daily Check

: Ensure that data and logs are backed up correctly as required, that a failed manual backup is run, and that the reason for the error is eliminated

2:2: Check the transaction log of the database

: Daily Check

: When the transaction log is greater than 300M, a full backup log is required to shrink the log

2.3: Check the fragmentation of the database files

: Every half month check

: Defragmentation is required when the database fragment is larger than the alert value

: Method 1

If the scan density and average page density are less than 100% to indicate fragmentation, the two items should maintain a high percentage. The logical and sector scan fragments should be as close to 0 as possible, and should not exceed 10.

3:web system Check

Landing check of 3.1:web system

: Daily Check

: Make sure the web system logs in properly

Response checking of 3.2:web system

: Daily Check

: Check the Web system request and response speed, if the response is too slow or not responding, you need to check for reasons and exclusions.

File checking of 3.3:web system

: Monthly Check

: Check and back up the program files for the web system

4:web Flow Check

4.1:web Flow Check

: Daily Check

: To ensure that the flow of normal, detection of abnormal flow of traffic, need to identify the cause and resolve.

Special items

1. "Computer Configuration"/"Windows Settings"/"Security Settings"/"Software restriction Policy" options, right-click the option and execute the Create Software Restriction Policy command on the shortcut menu, double-click the Force Group Policy item with the mouse, and open the Settings dialog shown in Figure 1, and select the All users except local Administrators option, the remaining parameters are set by default, and then click OK to end the above setup action

2. Rejection of network viruses hidden in temporary files

Group Policy Edit Command "Gpedit.msc" in turn, select the Computer Configuration/Windows Settings/Security Settings/Software restriction policy/Other rules option, right-click the option, and execute the new path Rule command on the shortcut menu. Open the Settings dialog box shown in Figure 2, click the Browse button, select and import the temporary folder for the Windows Server 2008 system from the pop-up File selection dialog box, set the security level argument to Disallowed, and then click OK

3. Prevent illegal Ping

String command "Gpedit.msc" The Computer Configuration node option, and select Windows Settings, security settings, Advanced Security Windows Firewall, advanced secure Windows Firewall-local Group Policy objects option from under the target node. Then use the mouse to select the inbound rules item below the target option, and then in the Actions list to the right of the Inbound Rules project, click the new Rule option, the system screen will automatically pop up the New Inbound Rules Wizard dialog box, follow the wizard screen prompts, first select the Custom option, and then the "All Programs" After the item is selected, select "ICMPv4" from the list of protocol types.

When the wizard screen prompts us to choose what type of join condition, we can select the "Block Connection" option.

4. Disconnect remote connections to restore system status [processing under special circumstances]

Enter the "gpedit.msc" command, second, select the branch of the User Configuration node at the left of the Group Policy Console window and use the mouse to select the Administrative Templates/network/Network Connections Group Policy options below the target node branch, and then double-click the following network Connections branch. Remove all user remote access connections option, in the Option Settings dialog box shown in Figure 5, select the Enabled option, and then click OK to save

5, forcibly protect all connections

The input string command "Gpedit.msc" in the Run box to enter the Group Policy editing interface of the local server system;

Next, locate the mouse in the computer Configuration/Administrative Templates/Network/network Connections/Windows Firewall/Standard Profile Branch options. Under Standard Profile Branch options, double-click the Windows Firewall: Protect all network connections Group Policy option, Open the target Group Policy property interface as shown in Figure 4, select the enabled item in the interface, and then click the OK button

Part II

1. Turn off default sharing

2. Change password maximum use period 90 days

3. Account lockout threshold 5 failure 10 minutes to try again

4. Audit strategy

Audit policy Change failed successfully

Audit logon event failed successfully

Audit system Event failed successfully

Try to change the system time

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.