Web security remains one of the most critical issues for IT organizations, as recent high-profile cyber attacks have proven. Due to the sensitive data usually hosted there, web servers are one of the most targeted places in an organization. In fact, securing a web server is just as important as securing a website, web application, and network.
Securing a web server is a challenging operation, but it is certainly possible. Unfortunately, regardless of which web server software and operating system you use, an out-of-the-box configuration is usually insecure. The tips below will help you increase web server security.
Tip 1: Remove Unnecessary Services
The default operating system installations and configurations tend not to be secure. A typical default installation includes many network services you won’t need in a web server configuration, such as remote registry services, print server service, etc. The more services running on an OS, the more ports that are left open, so turn off and disable services you are not using.
Tip 2: Manage Permissions and Privileges
File and network services permissions that affect web server security because if a web server engine is compromised through network service software, the user can access the account on which the network service is running. For added security, assign the fewest privileges needed for a specific network service to run. Also, assign minimum privileges to any anonymous user that is needed to access the website, web application files, and databases.
Tip 3: Remove Unnecessary Modules and Application Extensions
Default Apache installations have a number of pre-defined modules enabled that you likely are not using. Turn off these modules to prevent targeted attacks against them.
Microsoft’s web server, Internet Information Services, is similar. By default, it is configured to serve a large number of application types such as ASP, ASP.NET, etc. Your list of application extensions should only include a list of extensions your website or a web application will be using. Each application extension should also be restricted to use certain HTTP verbs only, when possible.
Tip 4: Monitor and Audit the Web Server
Ideally, you should store all the logs present in a web server in a segregated area. Network services logs, website access logs, database server logs, and operating system logs should be monitored frequently. And, be on the lookout for odd log entries since log files tend to provide all the information about an attack attempt. If you notice suspicious activity from the logs, immediately investigate to see what is going on.
BinaryNetworks offers a complimentary technology assessment, and provides the regular server maintenance that your computer systems require. Let us manage your technology, so you can manage your business.