As hackers find more sophisticated ways of accessing your data, security is becoming a day-to-day struggle for businesses. Since 2018, security breaches have increased by 11%. And in the first half of 2019 alone, 4.1 billion personal records were exposed. And losses due to data exfiltration, stolen IP, and ransomware are also accelerating at a fast pace. Although nearly two-thirds of business leaders recognize the increasing security risks, only a small percentage have enough server security and website security.
Being fully protected means having multiple layers of security in place. With each layer addressing a different type of threat – and combining to form an impenetrable barrier. This becomes a difficult task for sysadmins, because just uncovering and blocking individual threats isn’t enough. It’s also important to defend against complex threats and take preventative action all the time.
A firewall is a system that prevents unauthorized access to or from a private network. It’s basically like the door to a house: an outer layer of security that determines what can and cannot enter. Of course, you also need the door to be closed, sturdy, and under your control in order to protect you. Most computers come with inbuilt firewall software, typically enough to shield against viruses, malware, and other unwanted content.
However, default firewalls are generic and limited, and so enterprises regularly use hardware firewalls as well. While the provides basic server protection, extensions like further secure your server against today’s threats. Juggernaut features include an SPI firewall, brute-force protection, real-time connection tracking, intrusion detection, and dynamic blocklists. Such features give you extra control and allow you to prevent inappropriate communications. Also, take a holistic view of your network, and even scan encrypted data for threats.
A firewall is considered the first line of defense in preventing attacks on servers. However, it’s not the only measure you should take.
If a firewall is the door to your house, your antivirus software is the door to your bedroom. Whereas a firewall protects unwanted content and threats from getting in, antivirus software protects against threats already in your system. It does this by constantly monitoring files, looking for certain signatures to identify malware, and removing viruses and potential threats.
There’s no such thing as too much protection when it comes to antivirus software. The key is finding a tool that suits your needs while being easy to use, lightweight, and regularly updated. by Dr. Web is an award-winning virus scanning and filtering software that protects mailboxes from many types of malware. Including viruses, worms, and trojans.
More great options are the or Both extensions scan server mail traffic in real-time. But only Kaspersky allows fine-tuning and filtering of specific file types from attachments. Then there’s – the leading malware-scanning tool. It ensures you keep malicious code away through antivirus, security and domain monitoring, blacklist status check, and one-click malware removal.
Endpoint Detection and Response (EDR) Software
EDR is a technology that addresses the need for continuous checking of file signatures. Checking for signs of malignancy and rapid responsiveness to advanced threats.
Whether it’s a Mac, PC, or a server, a good EDR system can detect suspicious activity running on any endpoint. This is especially important as even if a hacker has entered your system, for the hack to have a serious impact they must be able to siphon information out of your network. EDR software prevents this from happening by essentially placing compromised devices in quarantine, so no intel can be sent/received.
EDR is an advanced step in server security and so it typically comes at a cost. Kaspersky EDR provides full endpoint protection, from automatic threat blocking to complex incident response. It’s particularly popular for its comprehensive visibility across corporate networks and capacity to discover, prioritize, investigate, and neutralize advanced threats.
Phishing is a way of finding and gathering personal information using deceptive emails and websites. Techniques typically involve persuading people to click on malicious links by suggesting they are important and/or safe. It happens mostly through messaging platforms like email and chat apps. Built-in spam filters block most generic phishing attempts sent out to thousands of people. However, targeted phishing attempts, which may target specific individuals or organizations, can be harder to block.
Phishing is a particularly tricky form of cyberattack to protect against and it can appear so real. Neutralizing such scams, which have tricked even the savviest of CEOs, requires special anti-phishing tools. Warden Anti-spam and Virus Protection is a paid extension designed for power users and service providers. Besides providing high-performance and simple antivirus tests, it also offers support for nearly 30 SpamAssassin plugins. And is therefore one of the most robust anti-virus and anti-spam tools around.
Encryption tools are software that use cryptography to prevent unauthorized access to sensitive information. It works by encoding data from “plaintext” into “ciphertext”. This process turns unencrypted information into an encrypted form for which you need a key to decode. Typically a password, making it harder for outsiders to access.
There are two main types of encryption: software and hardware encryption. Software encryption is more selective and focuses on encrypting individual files and folders. Hardware encryption involves encrypting entire devices.
Linux users will be used to connecting to servers using SSH keys. SSH (Secure Shell) keys are access credentials used in the SSH protocol. A secure and widely used standard for strong authentication, secure connection, and encrypted file transfers. Using SSH keys is more convenient and secure than traditional passwords.
From Plesk 12.0 onwards, you can use SSH Keys Manager to effectively manage SSH keys from the Plesk UI.
Specific Server Security Tools
Some of the most popular Plesk extensions are those which improve your server’s security. Here are some of the most powerful ones which help combat server threats.
Sentinel Anti-malware is a scanner that combines the open-source principles from Linux Malware Detect and ClamAV. This extension especially serves power users and service providers who want to ensure they have protection from a variety of malware.
This premium extension (free trial for 30 days) protects Linux servers against critical vulnerabilities. Mainly by automatically installing security updates to running kernels. This avoids rebooting servers and planning scheduled downtime for your customers. And it also ensures kernels are updated within hours of patch releases for uninterrupted security.
The BitNinja extension prevents 99% of malicious attacks. This can consequently reduce your server alerts and customer complaints by just as much. It actually provides protection against nine different aspects of attacks – including malicious port scans and infections. You can even set it up and start automatically protecting your server in as quick as five minutes.
Cloudbric provides award-winning enterprise WAF and DDoS protection. Firstly, it has a threat detection system for real-time security against hacking attempts, website defacement, DDoS attacks, and spambots. Secondly, you can activate it with one click and try it for two weeks for free. While also benefiting from Cloudbric’s free and expert technical/security support.
DDoS Protection by Variti
DDoS Protection by Variti protects sites from DDoS – one of the most popular online attacks. As well as other types of sophisticated bot attacks. It does this by analyzing real-time traffic and passing it through a distributed network of VARITI filtering nodes. This extension is ideal for companies that depend on online traffic protection for their business.
Atomic Secured Linux
The Atomic Secured Linux extension provides the same level of protection that typically comes with an expert security team. It can prevent, detect, and respond to today’s greatest cybersecurity challenges. In particular, it features host and kernel intrusion prevention systems, brute force protection, and automated malware removal.
(D)DoS Deflate Interface
(D)DoS Deflate Interface is a lightweight shell script that helps deflect DDoS attacks automatically. The script runs in the background, blocking incoming connections from multiple IPs from which connections exceed the configured threshold. And above that – It’s simple to install and operate.
Penetration Testing Software
Penetration testing software is the final line of defense in your security arsenal. Professional ethical hackers simulate a cyberattack (penetration testing), allowing enterprises to find weaknesses in corporate networks long before attackers do.
Rather than just software, penetration testing is often handled by human experts. Once your systems are in place, this added level of security helps you answer two questions in particular. First – does your security system have enough layers? And second – do those layers actually work?
In penetration testing, certain tests can, however, run autonomously. For example, Burp Suite’s vulnerability scanner autonomously crawls an enterprise’s web presence in search of common security holes. Including cross-site scripting, SQL injections, and volatile content. Admins can schedule Burp scans and see the resulting analysis in the form of detailed visual maps. Allowing for the ultimate control and protection of your business’s data.
How tight is your server security against attack? Do you use these tools or different ones? Let us know in the comments below!