When setting up your online presence, your main focus is making a site that’s easy for your viewers. Easy to navigate through to reach the product, service or info they want. You must also make sure it’s safe, and can therefore withstand a range of latest attacks. Knowing the most common security attacks on servers gets you one step ahead to armoring yourself against them.
Why you need to protect what’s valuable
Your website can be attacked at any moment. You might think that your small business is safe, but over 43% of cyber attacks target small business. With a hacker attack every 39 seconds, your client’s data is in danger. 2017 saw attacks costing $5 billion, which included the ransomware attack, WannaCry and the hacking of the worldwide credit bureau, Equifax.
Most common types of security attacks
There will be security threats as long as the world is online. And attacks have evolved to try and stay ahead of the security systems. Here are the most common threats today.
Malware
Malware is a variety of harmful software, including ransomware and viruses. It normally needs a user to activate it, for example downloading and opening a file.
How to avoid:
Never open unexpected email attachments and always run downloaded files through an update virus checker. The Kaspersky extension scans all mail on your server, removing dangerous code from messages.
Phishing
Definitely one of the most common security attacks on servers. The main purpose of Phishing attacks is to gather sensitive information. This happens by sending an email with a link which appears to come from a reputable provider to the victim. The link leads to an authentically looking landing page, where the victim is asked to enter his sensitive information.
How to avoid:
The best way to stay safe is to look carefully at the sender’s email and check that after the @ sign the address corresponds to the sender’s official website.
Distributed Denial of Service
This is a preferred tool by hackers that just want to disable a website or create a diversion. In DDoS, hackers send an extremely high volume of requests for a particular website, thus flooding the network.
How to avoid:
These attacks are extremely difficult to prevent. The use of SYN cookies or the use of a reverse proxy has helped prevent such attacks in the past. But with the use of Botnets, DDoS attacks are becoming even harder to prevent.
Check out our Server DDoS protection guide for all you need to know about the best techniques. Or head to our best DDoS protection by Variti.
Cross Site Request Forgery
CSRF attacks happen when a user clicks on a link or downloads a file that automatically performs an unwanted action on behalf of the user.
How to avoid:
Again, the best way to prevent an attack is vigilance, especially when downloading files.
Plesk hardens against the most common security attacks on servers
While it’s impossible to prevent all types of cyber attacks, you can stop many of them with updated security software and operating systems. Plesk offers powerful protection across operating systems, applications and networks because of its suite of inbuilt and extended security tools for your website and data. Starting with the Plesk Security Advisor. Hit the button below to start our free, three-part security course – with video guides!
with
4 Comments
Great tips Usually my websites get these kind of Phishing Attacks and I don’t how to prevent them. You really saved my time and money… Keep it up
Regards,
Imran
Thanks for the feedback Imran and good luck 🙂
It would be nice to know what software tools I can use to prevent attacks on my server…
Thanks for the feedback Chris, we’ll work on providing this info soon!