How To Avoid Five Common Server Administration Mistakes

Managing a server is not as complicated as you might think, but there are a few gotchas that often catch out neophyte server hosting clients. You shouldn’t feel bad about making mistakes: most of the old hands who frown at you from the pages of Serverfault made the same mistakes and learned from the experience.

But it is better if some types of mistakes aren’t allowed to become learning experiences.

Deploying Insecure Databases

There has been a spate of data leaks from improperly secured databases in recent years. Modern databases and caching tools are easy to install and use, which lets inexperienced developers get up-and-running quickly. But in some cases — MongoDB prior to version 2.6.0 and Memcached being prominent examples — they are insecure by default.

Your database should not be accessible from the internet except through the application it serves. When you deploy a database, read the documentation and pay particular attention to the recommended security configuration.

Failing To Keep A Record Of Changes

If the changes made to a server’s configuration aren’t recorded, they are forgotten. This has two consequences: it is impossible to roll back to a good state if the changes cause a problem that manifests a few hours or days in the future, and the lessons learned while making the configuration changes can’t be applied to other servers.

There are a couple of possible solutions:

Alternatively, don’t make any changes to a live server: use an automatic configuration system like Ansible to provide servers with a known good configuration and then leave them alone.

Not Patching

Security patches are vital to the security of your server and the data stored on it. Your server may be compromised if you don’t update to apply patches.

Updates can be run manually on the command line or you can use a tool like yum-cron to update automatically. Although CentOS updates don’t often include breaking changes, it is always a risk to update a production server without checking what will change.

Future Hosting’s Future Engineer Pro management service includes pro-active security updates for the kernel and other software so your server will always be protected by the latest security patches.

Neglecting Backups

Data that exists in only one place barely exists at all. The majority of data loss incidents are caused by human error or security issues, both of which are unpredictable. Without backups, your business is one bad day from a disaster.

The best backup systems are automatic, comprehensive, and easy to restore. Future Protect offers automatic continuous data protection and is included free with all Future Hosting managed VPS plans.

Choosing Guessable Passwords

Server administrators should understand the importance of using long and hard-to-guess passwords. But the evidence shows that convenience often beats knowledge. Successful brute force attacks against Linux servers are common.

Use a password generator to create a secure password for your server account or, better yet, give up passwords entirely and use SSH keys to authenticate.

Dedicated Server Special

Take advantage of our Double RAM offer on the E3-1230v2 4 x 3.30GHz+HT server! Only $134.95 per month. Managed and Unmanaged options available at checkout.