Security of a Dedicated Server and What Makes It Is Secure
Posted Dedicated Serverin
The security of Dedicated Servers are mostly based on the Data Center facilities housing the equipment and all service providers generally address enough quantity of resources to guarantee your server security, checking for new vulnerabilities, software and utilities deployment, to update and patch the server when needed if it is a managed one and tuning up the firewalls among other measures to avoid hackers attacks.
Depending if yours is a managed Dedicated Server or an unmanaged Dedicated Server, the service provider may offer multi-tiered security and monitoring 24 hours a day, 365 days a year, as well as access to co-locate your server in the Data Center most secure racks with network monitoring, usage and other pertinent metrics if required.
General security measures of a dedicated server may include controlled access, firewall and intrusion detection, network monitoring, mirrored data centers, video surveillance, conditioned power, fire suppression, redundant air handling and battery backup capacity. All these measures are related to the Dedicated Server provider, but you as the owner must implement additional security measures on your own, not necessary at all, if you are under a managed service plan.
Among the basic security aspects to keep in mind while fine-tuning your Dedicated Server, is the server configuration files. Running an Apache server requires the improvement of permissions on the server root directories, server side includes, in non-script aliased cgi, script aliased cgi and cgi in general, as well as in other sources of dynamic content protecting system settings and protecting sensitive server files by default. These same measures apply to other operating system counterparts.
Another option to maximize security on a website is the use of Secure Servers adopting a strict policy for both the document root where HTML documents reside, and the server root where configuration files are kept by granting read, write and execute permission accordingly in servers with *nix platforms or their equivalent on windows servers, paying particular attention in CGI scripts and directories where most security threats are easily exploitable.
The cgi-bin directory or equivalent, and its contents has to be setup as executable and readable, chmod 755, but not writable, chmod 777 or 666, because the high security risks but Dedicated Servers running in Windows platforms do not have the Unix chmod command as an option so if you are concerned about security and you do not have the proper windows server knowledge or the budget to get a managed Dedicated Server, your best option is select a server running under *nix environment.