The necessity of safety of the website is caused by the fact that for the attack any gap in a system suffices. The access got by malefactors to an Internet resource allows them to enter the server addresses in black lists, to steal traffic and data and to result the website in instability.
Instruction
1. For ensuring stability of the operating system which is a basis of any server you monitor timely installation of the last updates of a security system. Corrections can be started mouse click or, having performed necessary tunings, to achieve their automatic installation. Considering that hackers can also automate the attacks, finding servers with unspecified updates, do not forget to control their timeliness and novelty of the installed versions.
2. In time update all software of the Web server. Delete that which does not belong to such necessary components as remote desktop service or the DNS server or disconnect. If it is impossible to do without some of them, trace that easy passwords and passwords by default were not used.
3. Surely use the antivirus software. In combination with the flexible firewall it will effectively protect from security risks. Until you install a quality anti-virus package, malefactors will use vulnerability of a system, implementing malicious software and loading instruments of cracking.
4. Do not install unnecessary components as any of them poses separate threat. Together with their increase the total risk increases. Remember that any oversight in a security system is sufficient for the attack.
5. When using widespread and quite popular Internet Information Services (IIS) component disconnect the services set by default, for example, of SMTP or FTP. Turn off function of viewing the directory as it shows to visitors the files used by a system. Deactivate all those server extensions of Front Page which are not used by you. Include the automatic IIS update by means of the Windows control panel.
6. When using the Apache Web server include only necessary functionality of resources, having excluded access to resources by default. Keep the log of requests to manage to reveal suspicious activity. Subscribe to the newsletter of Apache Server Announcement which is in due time delivering corrections and updates for a security system.