Server Hardening is often misunderstood as being a one off process to tighten the security on a server before it becomes live on the Internet. This is only partially correct, sure you want to tighten the security of your server before putting it on a Public Network, but its not enough to put it in and forget about it. The idea behind server hardening is the process of securing the machine not only before it goes live, but permanently.

We have seen around the Internet, “Server Hardening Guides”, “Security Checklists” and “Hardening Protocols” all of which seem to be one off documents where you follow through the checklists ticking off the boxes and completing the required steps. Once all the steps have been completed, email the completed checklist to the boss stating the machine is now secure and that’s the end of that.

This is actually good practise as an initial process, but what happens in the future when someone creates a utility that can breach the security of your hosted server? Or someone finds that your running an out of date software application that can be exploited? The sad fact about the internet is that if a server can be compromised your pretty much guaranteed that it will be in time.

The idea behind server hardening is to make your machine secure and keep it secure and up to date as possible.

What steps can you take? Well the main things are keep your software up to date, most software developers release fixes, updates or patches which rectify found flaws or exploits, remove unused usernames and logins from your servers, disable SSH access with the root account, make sure you are behind a firewall, use a data integrity / change detection tool like Tripwire and most importantly take backups lots of backups. Regular audits on your servers for software updates is also a good habit to get into. Another good habit to get into is keeping documentation on your hosted servers this way you can see what versions of software you have installed, when patches or updates were installed, who performed the work etc etc.

Did we mention backups? Regular checked backups are very important, especially when the data on your server is critical.

Have you ever had the need to mirror an MS-SQL database? Perhaps for redundancy or maybe even a failover solution.

Recently a customer who came to us needed a solution for a disaster recovery site for their web application. Their system runs on Microsoft ASP.NET with a MS-SQL backend. We suggested the possibility of MS-SQL mirroring, this solution struck us as being very good for this application because it required very small changes to the application itself and required the minimum amount of hardware and additional software.

A quick overview of MS SQL mirroring is as follows:

- You require 3 servers, a primary database server, a secondary database server and a “witness� server.

- The 3 servers all require MS SQL. Preferably Enterprise Edition for the primary and secondary, and standard for the witness.

- The failover works on a “Quorum� system whereby 2 of the 3 servers must be able to communicate to form a Quorum for the system to continue to function. For example, if the primary server fails, the secondary and witness form a Quorum and promote the secondary to a primary.

- The secondary server is inactive as an SQL server unless promoted to primary (this is NOT a load balancing solution).

- In our situation, we required the failover to work not only for hardware failures, but link failures also, so we have to locate the witness server in a different location to the primary and failover site.

- Another option is to go without the witness server, but this requires a manual failover in the event of a problem.

The Microsoft article with more information about MS SQL mirroring can be found at http://www.microsoft.com/technet/prodtechnol/sql/2005/dbmirror.mspx

This is one of the automatic failover options we offer at GoHosting, although we have worked on many different solutions with Dedicated Servers, Virtual Servers and Colocation Servers.

It all depends on how important the availability of your website / application is. If you require absolute no downtime, then this kind of mirroring solution that would be suitable for your needs.

A good way to determine if your Website is achieving your goals is to refer to its web statistics. All GoHosting standard hosting packages come with free web statistics tools. These can be access under your control panel.

Your web statistics show not just how many hits you’re getting, but which pages are the most popular, who’s visiting your site, when do they visit, and other data that can give you a clear idea of what sort of traffic you are getting to your site.

It’s a good idea to monitor your web stats weekly or monthly, and give special consideration to the times when you have made content updates to your website. This can help to give you a better understanding of how people are finding your site and also what particular content changes affect your search engine rankings. Web statistics can also show you the keywords that visitors used to find your site, which can be very useful it optimising your content to how your visitors are searching for your particular product.

It can even help you to discover new markets and services to offer your customers and to tailor your business to potential customer demand. For example if you sell socks, and quite often you see people searching for “socks and jumpers” and finding your site, then perhaps you should be offering jumpers as part of your product line.

Another important part of your online sales strategy should be to have a professional company perform SEO (Search engine optimisation) on your website. For more information on SEO visit GoHosting’s Search Engine Optimisation page or check out our blog post on SEO and why it is important.

Again your web statistics are a perfect way to monitor the affect of your search engine optimisation.