22 Oct How to Secure Your Web Server
Web security remains one of the most critical issues for IT organizations, as recent high-profile cyber attacks have proven. Due to the sensitive data usually hosted there, web servers are one of the most targeted places in an organization. In fact, securing a web server is just as important as securing a website, web application, and network.
Securing a web server is a challenging operation, but it is certainly possible. Unfortunately, regardless of which web server software and operating system you use, an out-of-the-box configuration is usually insecure. The tips below will help you increase web server security.
Tip 1: Remove unnecessary services.
The default operating system installations and configurations tend not to be secure. A typical default installation includes many network services you won’t need in a web server configuration, such as remote registry services, print server service, etc. The more services running on an OS, the more ports that are left open, so turn off and disable services you are not using.
Tip 2: Manage permissions and privileges.
File and network services permissions that affect web server security because if a web server engine is compromised through network service software, the user can access the account on which the network service is running. For added security, assign the fewest privileges needed for a specific network service to run. Also, assign minimum privileges to any anonymous user that is needed to access the website, web application files, and databases.
Tip 3: Remove unnecessary modules and application extensions.
Default Apache installations have a number of pre-defined modules enabled that you likely are not using. Turn off these modules to prevent targeted attacks against them.
Microsoft’s web server, Internet Information Services, is similar. By default, it is configured to serve a large number of application types such as ASP, ASP.NET, etc. Your list of application extensions should only include a list of extensions your website or a web application will be using. Each application extension should also be restricted to use certain HTTP verbs only, when possible.
Tip 4: Monitor and audit the web server.
Ideally, you should store all the logs present in a web server in a segregated area. Network services logs, website access logs, database server logs, and operating system logs should be monitored frequently. And, be on the lookout for odd log entries since log files tend to provide all the information about an attack attempt. If you notice suspicious activity from the logs, immediately investigate to see what is going on.
USACI would welcome the opportunity to assist with any of these steps or review your current policies and settings. Give us a call at 888-393-6565 x506 or email sales@usaci.com for more information.
No Comments