Friday, 26 June 2015 14:22
Most people do not realize just how important security actually is on the Internet. We can hear about and even see some hacks and attempted hacks, but until you are in some type of sysadmin position and get the notifications when someone is attempting a hack, you don’t really realize just how many times it is attempted. Our servers are hit just about every second of every day by attempted hacks. That comes to thousands of times per day per server.
The sheer volume of attempts is daunting. Good security is essential in staying secure. A good firewall, good antispyware and good antivirus software are all parts of a good security package.
There are good security tools available, but even with good tools it is important to stay up to date with definitions and updates. Hackers are constantly changing and evolving their attempts to penetrate networks, and network security has to keep up with that – which means it also must be constantly changing and evolving.
For our servers, a basic starting point seems to be CSF (ConfigServer Security and Firewall), which is a well-respected and efficient security package. It works right into cpanel/whm and relieves a lot of the headaches of the constant hacking attempts. Nevertheless, the attempts are always going on.
Sometimes, in spite of the best of security measures, a site may still be hacked. Then it is time for repair, restore or redo. First, you want to attempt to repair the problem. In most cases this can and should be done. Sometimes a hack may be too well entrenched in your site, and it will be necessary to do a site restore to get rid of it. In extreme cases, the hack may have gone even deeper, and it becomes necessary to delete the site and start over. That last case is an extreme example, but it can and does happen.
Most hacking attempts are done by robots set up to exploit certain vulnerabilities. These attempts can mostly be prevented with good, up-to-date security software. The small percentage of attempts by hackers depends greatly on the skill level of the hacker. Those just using some scripts they found on the Internet can usually be thwarted by the same good, up-to-date security software. However, when a very skilled hacker decides to hack a site, it can be very hard to keep them out of it.
It comes down to access and convenience. The most secure site is one that no one can connect to. However, if no one can connect to it, it is not a very useful site. As ease of access increases the security decreases. This is a constant security dilemma.
Even when you find a good security package, it is necessary to keep checking it against other packages to see that it is keeping up with changes in the field. The best security package this year may be much further down the list in a couple of years if they don’t keep up with the state of the art in the field. Security concerns are always an ongoing issue, and may only be ignored at the peril of your servers and sites.
This article is only meant to make you consider security a little bit more. Research into security packages, security issues and security state of the art are processes that should never end. Security is and always will be essential for a well-run site or server, and good security is a state to strive for – but even when it is achieved, you still can not let your guard down, or there will be problems.
Written by: Bob Hunt, Search Engine Technical Coordinator