It looks like you're new here. If you want to get involved, click one of these buttons!
Sign In RegisterIt looks like you're new here. If you want to get involved, click one of these buttons!
Howdy, Stranger!
It looks like you've been lurking for a while.
If you register, we also will remember what you have read and notify you about new comments. You will also be able to participate in discussions.
So if you'd like to get involved, register for an account, it'll only take you a minute!
Anyone who manages a server must ensure its security. Currently, there are many threats, which attack servers in a wide variety of ways. In this article, we'll provide some basic tips to help ensure your Windows server's security.
Attempts to hack servers are most common through main system users. On Linux OS servers, this is the root user, and on Windows servers, this user is the Administrator. To reduce the risk of breaching into the server through this user using brute-force attacks, it is best to disable it. Instead, you can create an alternative user with full administrator privileges and use it to manage your server.
To create a user, you can check this guide.
After you created the new user, log in to your server and go to Computer management → Local users and Groups.
Right-click the Administrator user and pick Properties. Checkmark Account is disabled and click Ok.
Using various ingenious techniques, it is possible to generate giant databases with potential passwords and their hash values. Such databases also include real passwords that have been leaked in various ways. There are sites, which allow downloading the existing 15GB password database. So often, bad guys don’t even have to worry about hacking your password. All they need to do is create a solution that will automatically search for text that matches your password hash in that database.
For this reason, it's essential to have a strong password and also update it regularly.
Just as it is recommended to change the default SSH port from 22 on Linux servers, it is recommended to change the standard RDP port 3389 on Windows servers.
The port is changed on the Registry Editor. To open it, press the Win+R combination and execute the following command:
regedit
Then follow the path below:
HKEY_LOCAL_MACHINE / SYSTEM / CurrentControlSet / Control / Terminal Server / WinStations / RDP-Tcp
Right-click on PortNumber and select Modify
In the newly opened window, you will see Value data. The value will be unclear, but you will see the port by selecting Decimal Base on the right. Put your port value there.
You can also change the RDP port via Power Shell:
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value 3390
New-NetFirewallRule -DisplayName 'RDPPORTLatest' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort 3390
If the firewall runs on your server, you need to change the configuration to allow connections through the specified port. You can find a tutorial for this on this here.
Through a firewall, you can specify certain IP addresses for your configured RDP port that will be able to connect to the server. When you go to the firewall, find the rule you created. Right-click and select Properties, and then select Scope. In the Remote IP address section, click Add and specify the IP address that the server can access via RDP.
A firewall is the basic protection of a server. Unfortunately, most tend to disable it because it uses server resources or sometimes blocks certain services. And yet, it is necessary because it is designed specifically to protect the server from malicious requests, software, etc. Also, the firewall filters server traffic. This is done either according to the standard or according to your custom settings.
You may have noticed that your personal PC also occasionally notifies you that updates have been released and need to be installed. This is done for a reason. Each update optimizes services, software and also addresses security vulnerabilities that third parties could exploit. For this reason, it is essential to regularly update both the operating system on your server and the software running there.
You can install updates on the server in Settings -> Update & security → Windows Update
If you host a website created with WordPress, it is also necessary to update it when the new version is already available. It is equally important to update the plugins used on the site.
In other words, antivirus programs. They come in both paid and free. Everyone can choose according to their needs and abilities. Here are some of the most popular free solutions that have been popular lately:
However, we cannot guarantee the safety and effectiveness of these solutions. Be sure to check the reputation of third-party equipment before installing it on the server. Besides, all additional applications use resources on your server. So it is necessary to evaluate whether your plan allows such luxury.
I wish I could say that basic server security is only recommended, but in my opinion, it is already becoming mandatory. Every day, more and more modern solutions appear, which increase the risk that some bad guys can use your equipment. And using a server for purposes like an attack or sending SPAM is the least of the consequences. Just think about the leakage of your personal data, the use of money on your credit card, and other things you don’t really want to think about.
So, be sure to take some time and protect your server.