Six things to do before a webmaster hosting server

Intermediary transaction SEO diagnosis Taobao guest Cloud host technology Hall

Managed server in the data center before entering the room, the system must be done in advance, but only to install the system, open remote control is far from enough. The first section we talked about is mainly "hard security", now we talk about some "soft security", the master will not look again, do not shoot bricks against my enthusiasm, not to despise me. The server has been hacked, and think about it, you've done it all.

1. Operating system security

May have a friend often will respond, my server was hacked into, I have to go to the engine room at least two times a week, how to do? After installing the operating system, immediately install an anti-virus software, and operating system patches upgrades, as well as anti-virus software virus library and feature library upgrades. This time you must not wander on the server, the Internet virus Trojan many. After the upgrade, do some basic security permission settings, including the permissions on individual disk partitions and directories, and even refine the security settings for the related files. Settings for specific permissions no longer dwell on this. Different operating systems, different application orientations, and permissions are set differently. Do not follow the online tutorial intact move, otherwise you will suffer.

2. Security of application software

I suggest that you do not install any software that has nothing to do with your server on the server, including Windows operating system with Linux operating system, etc. It is recommended that you use the latest version of the application software, such as the Windows operating system under the FTP software serv, I believe that in the case of the server hacked, more than 80% of the server is because the Serv version is too low, combined with other places of vulnerability and was invaded. A new version of the app is being promoted, and of course there's a reason for it.

3, website and database security

Have a friend after the program, directly uploaded to the server, the site set up, in the client can access to no matter, this is the wrong approach. In the process of writing web site procedures, the procedures of the grammar and judgment, such as the location must be rigorous, after the completion of the database installation, be sure to play the latest database patches, and make some basic permission settings. The website program is uploaded to the server, the relevant directory must be in time to set the permissions. While this does not guarantee the security of the entire server, it will at least reduce the likelihood of the server being compromised.

4, anti-virus software and firewall

May have a friend complained, my server installed anti-virus software, and installed a firewall, the server is still hacked into the. That may be your antivirus software is not configured or has not upgraded the virus library, it may be the firewall is not configured. Including my friends will make this mistake, installed anti-virus software is like a normal application, installed after the restart no longer tube it, it is bad habit, install antivirus software, after the server reboot should be the first time in the virus library or signature upgrade to the latest, and make some simple configuration, such as boot scan, Go to system scan or timed scan, etc. Install a not upgraded anti-virus software and not installed anti-virus software is not much different. Again, after the firewall is installed, also need to make the appropriate settings, such as prohibiting the external computer ping this computer (in fact, this feature is any one of the most basic functions of the firewall), the ban on the use of the external connection of the program (you do not have to update the system or anti-virus software to add to it) and so on.

5. Service and Port

After the initial installation of the system, many services will be started, some of these services are core services, some are unnecessary services. Similarly, a service is bound to open one or more ports outward. You can completely shut down these unnecessary services and ports immediately after the system is installed, to some extent to enhance the security of the system. So what services and ports need to be shut down? Then you need to have a deeper understanding and understanding of every service and common port that the system starts.

6. Other

Just doing the above five points doesn't mean your server is safe. What is called a wise man is a loss. According to the actual, each server different applications, the use of security strategy is not the same, at the same time the security of various links is very flexible. But as long as you catch the key point, your server is relatively safe, that is, as far as possible to open the least service (port).

The above is just a tiny fraction of the security of a wired network and the security of a wireless network. Interested friends can search for relevant articles on the Internet to understand.

OK, some of the basic security of the server you have done, you can let the data center side of the relevant staff will be your server on the shelves, go back to remote control of your server. Network security is a very large system engineering, each link security can not be ignored, each link is interlocking. Similarly, it is a long-term, continuous process, server and network technology in the rapid development of new vulnerabilities and hacker attack technology is also constantly emerging, which requires the server administrator friends constantly update and consolidate their own brain in the knowledge base, while free time, Often go to some security site to see the latest system vulnerabilities and software vulnerabilities, when free, to the Security Class forum bubble, in fact, feel very good!