If you’ve got websites with a lot of traffic or scripts that use a lot of resources, upgrading to dedicated servers will decrease load times dramatically, even during times of peak traffic. Despite being expensive, these servers are an excellent option if you run an online business and need more bandwidth and speed.

Aside from performance benefits, using a dedicated hosting solution will put you in control of everything, allowing you to optimize it specifically for your requirements. Even though you’ll have full access the server, you‘ll also need to stay on the lookout to protect it against attackers who abuse common security vulnerabilities.
Although there are special vulnerabilities out there that are specifically targeted based on your server’s operating system, configuration and scripts, here are the three most common security threats that affect many unmanaged dedicated servers worldwide.

Distributed Denial of Service Attacks

There are a few server-specific attacks that leak sensitive data or cause temporary down time for your website, but the majority of them are aimed at large-scale disruption. These threats, commonly known as Distributed Denial of Service (DDoS) attacks, send large amounts of illegitimate requests to a target server from multiple sources. As a result, the targeted server will deny access to many legitimate visitors and oftentimes slow down and crash.
DDoS attacks are a major threat for websites that have established themselves as a brand and therefore enjoy a lot of legitimate traffic. There are many expensive ways to defend against these attacks such as purchasing a DDoS mitigation service, but here are a few tips to harden your server without spending too much:

  • Use a free CDN such as CloudFlare to deny access to spammers and save server resources.
  • Set up a notification system so you can receive messages when your website experiences higher traffic or resource usage than usual.
  • Check the server log for suspicious IP addresses that appear frequently and deny access to them or entire IP ranges.

Malware Infections

Malware commonly comes in two flavors – there’s the “Trojan virus” which lurks in the background of a personal computer that records keystrokes and passwords, and then there’s the backdoor or “shell” that’s injected into a web server to allow root access to unauthorized users.

Trojan viruses are usually opened by an unsuspecting user who tries to install a program for free, as they are commonly found bundled together in fake or cracked programs. On the other hand, the backdoor is usually maliciously uploaded to a server through a widely known vulnerability. Attackers generally use an automated program to scan a large number of websites for common vulnerabilities in widely used scripts such as WordPress.
If you do a lot of work on your dedicated servers from an infected computer, the server’s root username and password can easily be stolen from common applications like FTP clients and web browsers. If the server itself is compromised with a backdoor, it’s even easier to gain the root credentials.

With complete access to your server, the attacker can upload other malware for specific purposes. For example, the malware could crash the server, make it a part of a DDoS attack on another server, create outbound links for search engine optimization purposes, and more. Just follow these simple tips to prevent malware infections in general.
  • Always check your applications for bundled malware before installing them.
  • Be sure to have antivirus software installed to prevent malicious programs from executing.
  • If you can, opt for a hosting provider who offers comprehensive vulnerability scanning for dedicated servers.
  • Test software and applications on an isolated computer or virtual environment before opening them on your computer or uploading to the server. PC programs like VMWare and WAMPP are very useful to test for malware in both executable applications and web based applications such as PHP scripts.

Brute Force Attacks

Although you might think your dedicated server’s password is safe because you never shared it before, it could be easily guessed by trial and error if it’s simple enough. Brute force attacks do exactly that—attackers will attempt to continuously check the username and password against a list of commonly used credentials. This is another common threat that many new server administrators face as the hosting provider fails to implement a robust password policy. Here are some tips that can help you keep your dedicated servers safe from brute force attacks.
  • Always create a strong password by mixing numbers and upper and lowercase letters.
  • Never use a dictionary word or a phrase as your password, as it will likely be included in the wordlist attackers will test.
  • Create different passwords to access different applications on your server. Keeping one password for everything like cPanel, FTP and MySQL can prove to be a very costly mistake.
  • Change your passwords periodically and don’t pick a similar one each time.