What are the benefits of collocation?

The first benefit that you come across when the servers have been collocated is the fact that the data a company has is stored safely away from prying hackers and other unauthorized access. In addition, you are able to get more hits on the website without paying for the bandwidth. This in essence means that you get more bandwidth for free. The fact that the collocation provider takes over the management of the server means that you are able to better concentrate on the core part of your business. Add this to the fact that you will now be able to share the bandwidth with the server collocation provider. Speaking from a purely business perspective, this one of the fastest ways to cut the operational costs of having a server in your location. You will also set yourself aside from threats to the servers such as power outages and break ins, which pose security risks to the data you have.

 Why Security’s Very Important

Your website is a crucial part of your business. It’s created to support customer relations and company objectives. Secure web hosting warrants that your site keeps doing what it’s intended to do. The difficult (almost unthinkable) reality is that once your web hosting server has been attacked, your business reputation can be seriously tarnished. Security attacks can result to loss of huge amounts of money; decreased customer trust; proliferation of wrong information about your business; and partial or complete damage of your web platform.

The internet is truly an amazing tool of convenience and web hosting services make this tool more accessible to potential markets. Unfortunately, the web also provides opportunities for terrible acts. Web hosting security is not something you should take lightly, especially now that cyber felons and criminals operate in more cunning and wily ways.

Web Hosting Security Features to Look Out For

When considering options from the vast sea of web hosting providers, take into account the completeness of the package they are offering. First, make sure that they include daily malware detection in their services. Malware (thousands of which are spreading on the internet) can come in form of scripts, viruses, worms and just about anything that comprises your site’s integrity. It is imperative that the web hosting service that you choose is keen on consistently protecting you from any kind of software that can disrupt your computer systems.

Secondly, your web hosting provider should have accessible and regular backup schemes that are free of charge or that come at a reasonable cost. Daily, weekly or monthly backups help ensure that in the event your system is compromised or when natural disasters occur, you’ll have a way to retrieve your information. Most web hosting providers ask you to pay extra for this service because it requires the use of secure, off-site data centers.

Thirdly, your web hosting package must include reliable encryption methods and access management. Encryption keeps your data safe during transit amidst prying and suspicious eyes. Access management is essential in web hosting because it keeps unauthorized individuals from gaining control of your entire site.

Background checks at both the entity level and the individual level will be conducted for all applications, to confirm eligibility. The background check may include, but is not limited to any of the following areas:
• Corruption and bribery
• Terrorism
• Serious and organized crime
• Money laundering
• Corporate fraud and financial regulatory breaches
• Arms trafficking and war crimes
• Intellectual property violations

This has caused quite an upset in the Middle East, where some are afraid background checks by the American-run ICANN could turn into racial profiling. Either way, something tells me that terrorist groups would much rather invest $100,000 in missiles instead of the gTLD application fee.

In the event of an Internet failure, five of the seven individuals would have to bring their key to a U.S. military base. Each key contains a portion of the DNSSEC root key.

Although I doubt the new cyber guardians would ever need to use the keys, the idea of this is just really cool. Props to ICANN for being a little less boring for once.

Source | Popular Science

1. Do not allow direct root/administrator login
2. Make sure passwords are secure and changed regularly (by force if necessary)
3. Use a network firewall, such as APF
4. Use an application firewall, such as ModSecurity
5. Chroot all non-root users to keep them out of system directories
6. Use virus scanners and spam filters
7. Close mail server open relays
8. Keep all software and scripts up-to-date
9. Test your server for security holes
10. Keep up on the latest security news
11. Use SSL for secure data transactions
12. Set permissions as strictly as possible on any web-accessible files

Image Source: Wikimedia Commons

Answer: If your mail server is sucking up valuable CPU power, there are a couple of possibilities, none of which are pleasant.

1. You or users on your server are getting a lot of emails, more than usual. Although it is possible that it is just a temporary thing, it could be a deliberate attack on your server.

2. Someone is sending spam from your server, using an open relay in your SMTP settings or exploiting a user’s account.

3. Your server is receiving a ridiculous amount of spam (i.e. spam attack). This could be an intentional attack or just a particularly bad day.

Usually, if the CPU upswing is substantial, you should be really concerned about your server’s security. Take a look at the mail server logs and see where the emails are originating and where they are being sent. Take note of IP addresses, user names, and any other useful information. If you cannot figure it out, you can take the data to a security expert who can help you solve the problem.

1. OpenSSH

OpenSSH is the primary SSH client and server used for Linux, BSD, Mac OS X and other Unix-like operating systems. It is free and open source and is part of the OpenBSD project. It includes scp and sftp for secure file transfers.

2. PuTTY

Although it works with both Windows and Unix, Putty is mostly used by Windows users, since SSH is not installed on Windows by default (unlike Linux and Mac OS X). PuTTY is free and open source.

GUI Applications

1. Filezilla

Filezilla is a file transfer application that includes support for scp and sftp. It is free, open source, and has cross-platform support.

2. WinSCP

A GUI file transfer program, WinSCP supports scp and sftp, and it is core is based on PuTTY. WinSCP is free and open source.

3. Cyberduck

Cyberduck is a file transfer application for Mac OS X that supports SFTP. It is free and open source software.

To connect to your server via SSH, simply type:

ssh -l(username) hostname_or_ip

It will prompt you for a password. Type your password, and you should be connected. Some web hosts may use a different port for SSH, other than the default port (22). If so, you will need to specify it, for example:

ssh -p 2222 -lmyname webserver.com

Normal Linux/Unix shell commands apply, once you are logged into the server. When you are finished, simply type “exit”.

The only way to effectively delete a file is to overwrite the space the file was using. You can accomplish that with the “shred” command. Just like shredding important physical documents, shred makes sure your files are good and gone, so please use with caution. Once it is gone, it is gone.

On a web server, you may want to make sure you delete sensitive information completely (a database of credit card numbers, for example). To do so, run the following command:

shred filename

You can also shred it a number of times just to be sure:

shred -n 7 filename

This will shred “filename” seven times. For more information about shred, type “man shred” from the command line.

Photo Source: Flickr

As boring as it sounds, DNSSEC makes domains more secure by verifying and validating name server responses as they cross the Internet. It makes intercepting web traffic harder and can even stop hackers from redirecting visitors to fake sites.

The technology was expensive for the .org and .eu registries to implement, but I think it was worth it. It remains to see whether the general public is aware enough about the technology for it to have an effect on consumer choice for the extensions.

Source | Domain News
Photo | Flickr