Preventing the most common security attacks on servers

When setting up your online presence, your main focus is making a site that’s easy for your viewers. Easy to navigate through to reach the product, service or info they want. You must also make sure it’s safe, and can therefore withstand a range of latest attacks. Knowing the most common security attacks on servers gets you one step ahead to armoring yourself against them.

Why you need to protect what’s valuable

Your website can be attacked at any moment. You might think that your small business is safe, but over 43% of cyber attacks target small business. With a hacker attack every 39 seconds, your client’s data is in danger. 2017 saw attacks costing $5 billion, which included the ransomware attack, WannaCry and the hacking of the worldwide credit bureau, Equifax.

Most common types of security attacks

There will be security threats as long as the world is online. And attacks have evolved to try and stay ahead of the security systems. Here are the most common threats today.


Malware is a variety of harmful software, including ransomware and viruses. It normally needs a user to activate it, for example downloading and opening a file.

How to avoid:
Never open unexpected email attachments and always run downloaded files through an update virus checker. The Kaspersky extension scans all mail on your server, removing dangerous code from messages.


Definitely one of the most common security attacks on servers. The main purpose of Phishing attacks is to gather sensitive information. This happens by sending an email with a link which appears to come from a reputable provider to the victim. The link leads to an authentically looking landing page, where the victim is asked to enter his sensitive information.

How to avoid:
The best way to stay safe is to look carefully at the sender’s email and check that after the @ sign the address corresponds to the sender’s official website.

Distributed Denial of Service

This is a preferred tool by hackers that just want to disable a website or create a diversion. In DDoS, hackers send an extremely high volume of requests for a particular website, thus flooding the network.

How to avoid:
These attacks are extremely difficult to prevent. The use of SYN cookies or the use of a reverse proxy has helped prevent such attacks in the past. But with the use of Botnets, DDoS attacks are becoming even harder to prevent.

Check out our Server DDoS protection guide for all you need to know about the best techniques. Or head to our best DDoS protection by Variti.

Cross Site Request Forgery

CSRF attacks happen when a user clicks on a link or downloads a file that automatically performs an unwanted action on behalf of the user.

How to avoid:
Again, the best way to prevent an attack is vigilance, especially when downloading files.

Plesk hardens against the most common security attacks on servers

While it’s impossible to prevent all types of cyber attacks, you can stop many of them with updated security software and operating systems. Plesk offers powerful protection across operating systems, applications and networks because of its suite of inbuilt and extended security tools for your website and data. Starting with the Plesk Security Advisor. Hit the button below to start our free, three-part security course – with video guides!


  1. Great tips Usually my websites get these kind of Phishing Attacks and I don’t how to prevent them. You really saved my time and money… Keep it up


  2. It would be nice to know what software tools I can use to prevent attacks on my server…

Add a Comment

Your email address will not be published. Required fields are marked *


  • Yes, please, I agree to receiving my personal Plesk Newsletter! WebPros International GmbH and other WebPros group companies may store and process the data I provide for the purpose of delivering the newsletter according to the WebPros Privacy Policy. In order to tailor its offerings to me, Plesk may further use additional information like usage and behavior data (Profiling). I can unsubscribe from the newsletter at any time by sending an email to [email protected] or use the unsubscribe link in any of the newsletters.

  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden

Related Posts

Knowledge Base

Plesk uses LiveChat system (3rd party).

By proceeding below, I hereby agree to use LiveChat as an external third party technology. This may involve a transfer of my personal data (e.g. IP Address) to third parties in- or outside of Europe. For more information, please see our Privacy Policy.