Software Tools to Prevent Attacks on Servers and Sites

As hackers find more sophisticated ways of accessing your data, security is becoming a day-to-day struggle for businesses. Since 2018, security breaches have increased by 11%, and in the first half of 2019 alone, 4.1 billion personal records were exposed. Losses due to data exfiltration, stolen IP, and ransomware are also accelerating at a fast pace. Although nearly two-thirds of business leaders recognize the increasing security risks, only a small percentage have enough server security and website security.

Being fully protected means having multiple layers of security in place, with each layer addressing a different type of threat and all of them combining to form an impenetrable barrier. This is a difficult task for sysadmins, because just uncovering and blocking individual threats isn’t enough. It’s also important to defend against complex threats and take preventative action all the time.

To effectively manage cybersecurity, businesses outsource and use free and premium security tools. Here we’re going to look at some of the field’s top tools and explain how they can help you enforce the seven key security layers every business needs to stay secure.

Network Firewalls

A firewall is a system that prevents unauthorized access to or from a private network. It’s basically like the door to a house: an outer layer of security that determines what can and cannot enter. Of course, you also need the door to be closed, sturdy, and under your control in order to protect you. Most computers come with inbuilt firewall software, typically enough to shield against viruses, malware, and other unwanted content.

However, default firewalls are generic and limited, and so enterprises regularly use hardware firewalls as well. While the default Plesk firewall provides basic server protection, extensions like Juggernaut further secure your server against today’s threats. Juggernaut features include an SPI firewall, brute-force protection, real-time connection tracking, intrusion detection, and dynamic blocklists. Such features give you extra control and allow you to prevent inappropriate communications. They also let you take a holistic view of your network and even scan encrypted data for threats.

A firewall is considered the first line of defense in preventing attacks on servers. However, it’s not the only measure you should take.

Antivirus Software

If a firewall is the door to your house, your antivirus software is the door to your bedroom. Whereas a firewall stops unwanted content and threats from getting in, antivirus software protects against threats already in your system. It does this by constantly monitoring files, looking for certain signatures to identify malware, and removing viruses and potential threats.

There’s no such thing as too much protection when it comes to antivirus software. The key is finding a tool that suits your needs while being easy to use, lightweight, and regularly updated. Premium antivirus by Dr. Web is an award-winning virus scanning and filtering software that protects mailboxes from many types of malware, including viruses, worms, and trojans.

More great options are the Plesk Premium Antivirus or Kaspersky Antivirus extensions. Both extensions scan server mail traffic in real-time. But only Kaspersky allows fine-tuning and filtering of specific file types from attachments. Then there’s ImunifyAV – the leading malware-scanning tool. It ensures you keep malicious code away through antivirus, security and domain monitoring, blacklist status check, and one-click malware removal.

Endpoint Detection and Response (EDR) Software

EDR is a technology that addresses the need for continuous checking of file signatures for signs of malignancy, and for rapid responsiveness to advanced threats.

Whether it’s a Mac, PC, or a server, a good EDR system can detect suspicious activity running on any endpoint. This is especially important because, even if a hacker has entered your system, the hack can only have a serious impact if they are able to siphon information out of your network. EDR software prevents this from happening by essentially placing compromised devices in quarantine, so no intel can be sent or received.

EDR is an advanced step in server security and so it typically comes at a cost. Kaspersky EDR provides full endpoint protection, from automatic threat blocking to complex incident response. It’s particularly popular for its comprehensive visibility across corporate networks and capacity to discover, prioritize, investigate, and neutralize advanced threats.

Anti-Phishing Tools

Phishing is a way of finding and gathering personal information using deceptive emails and websites. Techniques typically involve persuading people to click on malicious links by suggesting they are important and/or safe. It happens mostly through messaging platforms like email and chat apps. Built-in spam filters block most generic phishing attempts sent out to thousands of people. However, targeted phishing attempts, which may target specific individuals or organizations, can be harder to block.

Phishing is a particularly tricky form of cyberattack to protect against because it can appear so real. Neutralizing such scams, which have tricked even the savviest of CEOs, requires special anti-phishing tools. Warden Anti-spam and Virus Protection is a paid extension designed for power users and service providers. Besides providing high-performance and simple antivirus tests, it also offers support for nearly 30 SpamAssassin plugins, and is therefore one of the most robust anti-virus and anti-spam tools around.

Encryption Tools

Encryption tools are software that uses cryptography to prevent unauthorized access to sensitive information. They work by encoding data from “plaintext” into “ciphertext”. This process turns unencrypted information into an encrypted form for which you need a key to decode, typically a password, making it harder for outsiders to access.

There are two main types of encryption: software and hardware encryption. Software encryption is more selective and focuses on encrypting individual files and folders. Hardware encryption involves encrypting entire devices.

Linux users will be used to connecting to servers using SSH keys. SSH (Secure Shell) keys are access credentials used in the SSH protocol, a secure and widely used standard for strong authentication, secure connection, and encrypted file transfers. Using SSH keys is more convenient and secure than traditional passwords.

From Plesk 12.0 onwards, you can use SSH Keys Manager to effectively manage SSH keys from the Plesk UI.

Specific Server Security Tools

Some of the most popular Plesk extensions are those which improve your server’s security. Here are some of the most powerful ones which help combat server threats.

Sentinel Anti-malware

Sentinel Anti-malware is a scanner that combines the open-source principles from Linux Malware Detect and ClamAV. This extension especially serves power users and service providers who want to ensure they have protection from a variety of malware.

Kernelcare

This premium extension (free trial for 30 days) protects Linux servers against critical vulnerabilities, mainly by automatically installing security updates to running kernels. This avoids rebooting servers and planning scheduled downtime for your customers. It also ensures kernels are updated within hours of patch releases for uninterrupted security.

BitNinja

The BitNinja extension prevents 99% of malicious attacks. This can consequently reduce your server alerts and customer complaints by just as much. It provides protection against nine different aspects of attacks, including malicious port scans and infections. You can even set it up and start automatically protecting your server in as little as five minutes.

Cloudbric

Cloudbric provides award-winning enterprise WAF and DDoS protection. Firstly, it has a threat detection system for real-time security against hacking attempts, website defacement, DDoS attacks, and spambots. Secondly, you can activate it with one click and try it for two weeks for free, while also benefiting from Cloudbric’s free and expert technical/security support.

DDoS Protection by Variti

DDoS Protection by Variti protects sites from DDoS, one of the most popular online attacks, as well as other types of sophisticated bot attacks. It does this by analyzing real-time traffic and passing it through a distributed network of VARITI filtering nodes. This extension is ideal for companies that depend on online traffic protection for their business.

Atomic Secured Linux

The Atomic Secured Linux extension provides the same level of protection that typically comes with an expert security team. It can prevent, detect, and respond to today’s greatest cybersecurity challenges. In particular, it features host and kernel intrusion prevention systems, brute force protection, and automated malware removal.

(D)DoS Deflate Interface

(D)DoS Deflate Interface is a lightweight shell script that helps deflect DDoS attacks automatically. The script runs in the background and blocks incoming connections from any IP whose number of connections exceeds the configured threshold. On top of that, it’s simple to install and operate.
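The threshold check described above, as an added example that is not the (D)DoS Deflate script itself: it counts connections per remote IP and lists those over a limit, without blocking anything. The function names, the allowlist argument and the sample peer list are assumptions made for illustration; the input mimics the peer column of `ss -tn`.

```sh
# Added example (not the DDoS Deflate script): list IPs whose connection
# count exceeds a threshold. Nothing is blocked here; offenders are printed.

# over_threshold LIMIT [ALLOWLISTED_IP ...]
# stdin: one "address:port" peer per line (the peer column of `ss -tn`).
# stdout: "count ip" for each IP with more than LIMIT connections.
over_threshold() {
    limit=$1; shift
    awk -v limit="$limit" -v allow=" $* " '
        {
            peer = $1
            if (peer ~ /^\[/) {              # IPv6 form: [2001:db8::1]:443
                sub(/^\[/, "", peer); sub(/\]:[0-9]+$/, "", peer)
            } else {                          # IPv4 form: 203.0.113.7:51001
                sub(/:[0-9]+$/, "", peer)
            }
            if (peer != "") count[peer]++
        }
        END {
            for (ip in count)
                if (count[ip] > limit && index(allow, " " ip " ") == 0)
                    print count[ip], ip
        }' | sort -k1,1nr -k2,2
}

# Constructed sample input (documentation address ranges plus loopback).
sample_peers() {
    cat <<'EOF'
203.0.113.7:51001
203.0.113.7:51002
203.0.113.7:51003
203.0.113.7:51004
203.0.113.7:51005
198.51.100.20:40110
198.51.100.20:40111
[2001:db8::1]:443
[2001:db8::1]:444
[2001:db8::1]:445
[2001:db8::1]:446
127.0.0.1:5432
127.0.0.1:5433
127.0.0.1:5434
127.0.0.1:5435
EOF
}

# Threshold of 3 connections, loopback allowlisted.
sample_peers | over_threshold 3 127.0.0.1
```

Allowlisting local and monitoring addresses before acting on the result avoids cutting off your own proxy or health checks.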

Penetration Testing Software

Penetration testing software is the final line of defense in your security arsenal. Professional ethical hackers simulate a cyberattack (penetration testing), allowing enterprises to find weaknesses in corporate networks long before attackers do.

Rather than just software, penetration testing is often handled by human experts. Once your systems are in place, this added level of security helps you answer two questions in particular. First – does your security system have enough layers? And second – do those layers actually work?

In penetration testing, certain tests can, however, run autonomously. For example, Burp Suite’s vulnerability scanner autonomously crawls an enterprise’s web presence in search of common security holes, including cross-site scripting, SQL injections, and volatile content. Admins can schedule Burp scans and see the resulting analysis in the form of detailed visual maps, allowing for the ultimate control and protection of your business’s data.

How tight is your server security against attack? Do you use these tools or different ones? Let us know in the comments below!

6 Server Management Tips to Try on Plesk

Today, the most popular server management panel is either Plesk or cPanel. If you’re an expert system admin, you won’t have any obstacles after you purchase your dedicated server. But if you’re new to system administration, it may be hard to wrap your mind around it all. So you’ll need a cPanel or Plesk Server Management Panel in order to take care of task maintenance and security.

Now if someone hacks your server or it breaks down, there’s a high chance you may lose control over it. So to help you avoid that, we compiled a list of Plesk server management panel tips.

1. Mod Security

The most common cause of web server hacks is hidden behind our popular CMSs: WordPress and Joomla platforms are vulnerable to hacks. So if you use one of them, system admins recommend that you definitely enable the ModSecurity feature on your server.

Installing Mod Security is a routine operation related to server management. You can do it easily through the Plesk server management panel. Once you log in, click on Server Management on the left. Then choose Tools & Settings and click on Updates and Upgrades on the right side. Log in with your root credentials and click on Add/Remove components. Select ModSecurity Web Application Firewall for Apache under Plesk hosting features and install it.

Make sure you configure it too. First access the configuration panel from Tools & Settings, and then select Web Application Firewall (ModSecurity). Enable Detection only in firewall mode and use the Atomic Basic ModSecurity Rule Set. Make sure you also use the Fast Predefined set of values and enable Update Rule Sets once every week.

2. Let’s Encrypt

If your website still runs on http instead of https, which Google promotes, you can get the Let’s Encrypt extension. You can install it from ‘Extensions’ in the Plesk server management panel and use it for free for 90 days. After this period, you will get a notification to regenerate the certificates once again.

3. Fail2Ban

With Fail2Ban, you can scan the log files and ban suspicious IPs, especially those involved in too many failed SMTP auth or FTP attempts, exploit searches, and so on. Fail2Ban is a super useful module that strengthens the firewall by adding predefined filters, further protecting your client’s website and server. The most useful Fail2Ban filters that you should keep enabled at all times are SSH, log scanning, postfix, and mod_security.
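The log-scanning idea described above, as an added example that is not Fail2Ban’s own code: it flags an IP once it reaches a number of failed sshd logins inside a time window, the way Fail2Ban’s `maxretry` and `findtime` options are meant to work. The function names and the log lines are constructed for illustration, and the sketch assumes all entries fall on a single day.

```sh
# Added example (not Fail2Ban's code): flag IPs with MAXRETRY failed sshd
# logins inside a FINDTIME-second window. Assumes one log covering a single
# day, so HH:MM:SS can be compared as seconds since midnight.

# failed_auth_offenders MAXRETRY FINDTIME   (log on stdin, offenders on stdout)
failed_auth_offenders() {
    awk -v maxretry="$1" -v findtime="$2" '
        / sshd\[[0-9]+\]: Failed password for / && NF >= 5 {
            # Anchor on the END of the line ("from IP port N ssh2") so a
            # crafted username containing "from" cannot spoof the address.
            if ($(NF-4) != "from" || $(NF-2) != "port") next
            ip = $(NF-3)
            if (ip in flagged) next
            split($3, t, ":"); now = t[1] * 3600 + t[2] * 60 + t[3]
            n = ++fails[ip]; seen[ip, n] = now
            # Slide the window: forget failures older than findtime.
            while (first[ip] < n && now - seen[ip, first[ip] + 1] > findtime)
                first[ip]++
            if (n - first[ip] >= maxretry) { flagged[ip] = 1; print ip }
        }'
}

# Constructed sample log (documentation address ranges, hypothetical host).
sample_auth_log() {
    cat <<'EOF'
Jan 12 10:00:00 web1 sshd[2101]: Failed password for root from 198.51.100.20 port 40110 ssh2
Jan 12 10:00:01 web1 sshd[2102]: Failed password for root from 203.0.113.7 port 51001 ssh2
Jan 12 10:00:05 web1 sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 51002 ssh2
Jan 12 10:00:09 web1 sshd[2104]: Failed password for root from 203.0.113.7 port 51003 ssh2
Jan 12 10:00:14 web1 sshd[2105]: Accepted password for alice from 192.0.2.10 port 50022 ssh2
Jan 12 10:20:00 web1 sshd[2106]: Failed password for root from 198.51.100.20 port 40111 ssh2
Jan 12 10:40:00 web1 sshd[2107]: Failed password for root from 198.51.100.20 port 40112 ssh2
EOF
}

# Three failures within ten minutes: only the fast guesser is flagged.
sample_auth_log | failed_auth_offenders 3 600
```

Widening the window to 3600 seconds also catches 198.51.100.20, whose attempts are spaced twenty minutes apart, which is why a short `findtime` alone misses slow guessing.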

4. Mail Server Settings

Configuring your mail server settings is ultra important to protect your client from becoming a victim of spam. It also ensures that your client can’t spam other people! You can select outgoing messages limitations, restrict sending emails using Sendmail, and activate spam protection based on DNS blackhole lists. Plus, you can review all your settings in the official Plesk Mail Server Configuration docs.

5. Firewalls

Don’t be surprised if you cannot access firewall settings in Tools & Settings the first time you log in. In most cases, the firewall doesn’t come pre-activated with the Plesk server management panel. Installing and enabling the firewall with a basic set of rules is also one of the many server management priorities. Make sure you install it and enable it the moment you log into the control panel.

 

6. Backup

Backup is a system admin’s best friend and the most important action in server management. If you want to make your website 100% retrievable, you have to keep regular backups. These backups can help you restore the Plesk server management panel to its previous state, so you can relax even if you mess something up with module, extension and component installations and configurations.

The most efficient way to back up, in terms of disk space and time, is to keep incremental backups. Make sure you have at least 2 to 4 snapshots of your website at all times. You can easily set this up by accessing Tools & Settings > Backup Manager in the Plesk server management panel.

Trying Plesk Server Management Panel for size?

We hope we’ve helped improve your server management efforts. Follow these tips to make your server and website less vulnerable to attacks. Adopt a healthy backup practice and make user connections to the website more secure (https). Plus, you can make sure you won’t become blacklisted as a spammer. And if you need an all-purpose panel, try Plesk on for size. It may be a great fit.
