Setting up security on server: Complete Guide

Nov 22

Setting up the security on your web server is an integral part of ensuring that your business website runs smoothly. Not only does it secure you from attacks and interruptions but it also increases the users confidence in accessing your site. The type of security needed for a website server varies depending on a variety of factors. Simply put every system, be it ubuntu, linux or windows, has it’s own security settings.

The fundamentals of these settings are similar though. This article features how to use Apache to secure your servers. It is the preference of many. SSL(Secure Socket layer) and TLS(Transport Layer Security) are protocols that ensure secure HTTP connections between the client and the web server. This is extremely useful for e-commerce sites as it protects the client private information. This includes credit card details, passwords, email details and generally private information.Use Of SSL/TLS certificates ensures that both the e client and website authenticate each other. OpenSSL is automatically installed with Apache.
First one needs to create a SSL certificate that will authenticate both the client and the server. This is achieved by getting a certificate signed by a recognized authority. A private key is generated for the certificate authority. This key is then used to sign the server certificate. A self signed certificate can also be created here.
The Apache web server security also requires a few other setting changes. In order to hide the Apache version and Os identity one needs to off the ‘server signature’ and ‘server token prod’ in the configuration file. This is achieved using vim editor. Another way on can secure their website is by regularly updating Apache. The Apache community always has new tools and fixes to further increase the security. It is also recommended that one switch off unused modules.

It's only fair to share...Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedIn