【 Weak current College 】 server into the engine room security preparation before

1. operating system security
　　
Might have friends often respond, my server has been hacking into it, I got to the room every week for at least two run, what should I do? after loading up the operating system, install a antivirus software, and operating system upgrades, patches and anti-virus threat signatures and signature of the upgrade. This time you don't hit on the server, the Internet virus Trojan plenty. After the upgrade, get some basic security permission settings, including the various partitions and directories permissions, even down to the security settings for the related file. Specific permissions settings will not detail here. Different operating systems, different applications, permissions settings are not the same. Never press online tutorial-place moved, or you will suffer.
　　
2. application software security
　　
I suggest that, in the server do not install your server does not have any relationship to the software, including Windows operating systems to Linux operating system, etc. It is recommended that you use the latest version of the application software, such as the Windows operating system by FTP software Serv-U, trust in the server hacking case, there are more than 80% of it is because the server Serv-U version is too low, then combined with other areas of vulnerability and intrusion. A new version of the application software is spread out, of course have it.
　　
3, website and database security
　　
Have a friend in the finished program, direct upload to the server, set up a Web site, the client can access it regardless, this is the wrong approach. Writing Web site program, a program of syntax and judgment, and other locations must be rigorous, database installation finished, be sure to call the database on the latest patch, and some basic permissions settings. Web site is transmitted to the server, you must timely appropriate related directory permissions be set. Do while not able to guarantee the security of the entire server, but at least it will dramatically reduce possibility of invasion by the server.
　　
4, anti-virus software and firewall
　　
Might have friends complain that my server is installed anti-virus software and installed firewall, server, or hacking into it. That's probably your antivirus software is not configured or no upgrade virus definitions, firewall is not configured. Including my friends all make this error, install the antivirus software is installed as a normal application, installation finished restart after no longer cares, this is not good practice to install the anti-virus software, after the server restarts should be the first time the virus library or signature upgrade to the latest, and made some simple configuration, such as power-on scanning, enter the system scan or a scheduled scan, etc. A no upgrades antivirus software and did not install antivirus software not too much difference. Similarly, a firewall installed, also need to make the appropriate settings, such as a ban on foreign computers ping the computer (actually, this feature is any one of the most basic function of a firewall), the prohibition is not commonly used to connect programs (you can never make the system updates or anti-virus software to added), and so on.
　　
5. Services and ports
　　
After the initial installation of the system will start for many services, some of these services is the core service, some unnecessary services. Likewise, a service must be to open one or more ports.
　　
You can install the system, immediately after the unnecessary services and ports to close, to some extent, to strengthen the security of the system. So, what exactly what services and ports need to shut down? it is necessary to you to your system startup for each service as well as common port has a profound understanding and awareness.
　　
6. other
　　
Just do the above five points, does not mean that your server is 100% safe.

As the saying goes, the wise Chin will be a loss. According to the actual, each server application, using different security policies are not identical, in all aspects of security at the same time is also very flexible. But as soon as you grasp the most crucial point, your server even if it is more secure, and that is as open to the minimal services (ports).
　　
The above mentioned just wired network security in a very small part of the very small, there is also wireless network security. Interested friends can search for relevant articles.
　　
Well, some of the underlying security of the server you have already done that allow data centers over related staff will your server rack, go back to the remote control of your server. Network security is a very large project, every aspect of security is not able to ignore, and applied to each link. Similarly, it is a long-term, continuous processes, server and network technology to rapidly develop, new vulnerabilities and hacking techniques are constantly emerging, this requires that the server administrator friends constantly update and consolidate their knowledge base of the brain, while free, go to some of the security class of the Web site and see the latest system vulnerabilities and software vulnerabilities.