Best practices to strengthen Plesk server security

Server security is the core of server management for any web hoster and server admin. Any online business should take server security seriously. Here we’ll explore the most important aspects at hardening Plesk servers and monitoring them for security vulnerabilities.

Plesk server security hardening

Plesk Server Security Hardening – Generic Steps

Latest Plesk has enhanced level of security right after the installation. Recently, Plesk launched Advisor, which unifies the best possible security practices and performance tune-up of the server and hosted websites. At the same time, it’s a good idea to ensure the following routine steps:

  • Insure regular Plesk updates
  • Change password strength to Strong
  • Use two step verification by installing Google Authenticator
  • Use SSL/TLS to secure mail server
  • Set sFTP connection
  • Limit administrative access to the system
  • Limit remote access via XML API
  • Actively use Web Application Firewall
  • Actively use WP Toolkit Security Check
  • Set automatic updates for WordPress instances
  • Insure outdated web applications are not used or update them on regular basis. The failure to comply this rule may result unexpected security vulnerabilities
  • Use VirusTotal Website Check to check existing websites

Block all ports which are not in use with the help of firewall.

server security tips for Plesk under Linux

Server Security Tips for Plesk under Linux

  • Use keyfile to allow SSH access
  • Use custom port to establish SSH connections
  • No SSH authentication for root user
  • Turn off Perl/Python for the website if these languages are not used as well as do no use mod_perl/mod_python
  • Use Opsani vulnerability scanner
  • Set Fail2Ban to prevent hacking attempts
  • Avoid PHP handler served as Apache module – not a secure practice
  • Ensure automatic updates of system packages are on
Server Security Tips for Plesk under Windows

Server Security Tips for Plesk under Windows

  • Custom port usage for RDP connections is a must
  • Get rid of unused programming languages
  • Make sure you install the latest Windows updates
  • Restrict users from overriding  handlers via web.config files
  • Keep DDoS protection enabled
What to do if server security is compromised - Plesk

What to do if server security is compromised

What we suggest here is migration to the new server. With a successful attack, intruders raise their privileges to root level – meaning they can do anything with the server. And just because you find malware/rootkits during investigation and clean it, doesn’t guarantee no others inside your system. It’s possible to load malware directly into RAM. There can be backdoors enabled or even common cronjobs for wget to download rootkits from already infected servers.

Try to restore the server using a previous snapshot doesn’t mean no server problems. Because in many cases, it’s not clear when exactly the server was hacked and rootkits  uploaded to the server.

How to identify the source of the problem

How to identify the source of the problem

While using security solutions dedicated to scanning for rootkits/malware you need to understand the following – these solutions use only already known patterns to identify the presence of malware and can be completely useless for new malicious software. To be 100% sure on how the server was hacked please contact security audit company which specializes on such cases. Please do not change anything before investigation to avoid the loss of traces.

No comment yet, add your voice below!

Add a Comment

Your email address will not be published. Required fields are marked *

GET LATEST NEWS AND TIPS

  • Yes, please, I agree to receiving my personal Plesk Newsletter! WebPros International GmbH and other WebPros group companies may store and process the data I provide for the purpose of delivering the newsletter according to the WebPros Privacy Policy. In order to tailor its offerings to me, Plesk may further use additional information like usage and behavior data (Profiling). I can unsubscribe from the newsletter at any time by sending an email to [email protected] or use the unsubscribe link in any of the newsletters.

  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden
  • Hidden

Related Posts

Knowledge Base