Got your own server?

Still using the default configurations? You're leaving the front door open to hackers and script kiddies!


Don't hesitate, the hackers won't...

privacy I value your privacy and would never spam you

Server Hardening

Server maintenance is only half the battle. While keeping the server packages up to date enhances security, you're only as secure as your weakest link. Often to serve the masses, default server configurations include or run services you don't need or use. These services can serve as a backdoor into your system.

When you lock down services you use and get rid of unused service, you reduce the attack vector available to those who have stock in Cheetos and Mountain Dew.

I can give your server the full service treatment. This isn't something that will happen over night so bear with me.

The Ugly Truth

  • Are you actually using your server to send and receive email?

    By default, most server configurations include SMTP for sending/receiving mail. If it's not being used, turn it off. If it is, lock it down.

  • Using FTP and not SFTP?

    Just because you have to enter a username and password doesn't mean it's secure. Anyone can see what you are transferring when it's sent in plain text. Encrypt it from prying eyes.

  • You Have No Clue What To Do!

    If you do nothing, something bad is going to happen. If your business relies on a web presence don't take a chance, it may very well cost you your business.

I Can Help

  • You Are Unique

    It's not easy task to lock down a server, every one is different. I evaluate what you do with your server and take action.

  • Best Practices

    I make sure your server is secure as possible by following best practices. I don't try to reinvent the wheel, instead I listen to those who are smart and set the standard for security.

  • Security Without Obscurity

    No smoke and mirrors here. You'll know what I am doing and will not do something if I'm not comfortable doing it.

How much?

Don't hesitate, security is just a few steps away!

Contact me to find out. I don't list prices as every server is unique. The longer you wait, the more of a risk you are at for a security incident!

privacy I value your privacy and would never spam you

What's Included

This is just a sample of what the package offers. Every server is different and I will do my best to make it secure! Please note, this service is not possible on a shared hosting environment. You must have a VPS or dedicated server.

  • Apache Lockdown

    I tighten down Apache. Getting rid of unused modules not only enhances security but can also boost performance! I'll even throw in some security enhancements at no extra charge!

  • Firewall Engaged

    The best list is a whitelist, and I'll configure the firewall to only allow what you want in. Anyone who tells you to only block the bad stuff is selling snake oil. You'll never block all of the bad as the list can go on for ever. By only saying what you want in is a better approach as it's easier to manage.

  • Secure MySQL

    Most MySQL configurations are the default out of the box. I follow guidelines straight from the vendor. Still have the "test" database? It's gone! Anonymous users? Not any more!

  • What Services?

    I'll evaluate what you actually use your server for and disable the stuff you don't use.

  • New is the New New

    When was the last time you updated the software on your server? I'll check to make sure packages are up to date. Still running PHPv4 (or 5.3 even)? I'll get you on to a more stable and secure release.

Not Ready For The Full Service?

I offer a la carte.

Service Hardening

Like server hardening, the less holes you have the better. With this a la carte service, I focus specifically on a particular application or service. Are you advertising what version of Apache you are running (you are running Apache right)? Is MySQL listening to external network connections when you only access it by "localhost"? I follow common and best security practice guides to take the guess work out of what needs to be done.

While my server hardening service is like a complete make over, this is more like a trip to the day spa. Service hardening focuses on a specific service you choose. You can choose one or many, I'll take securing your system one services at a time.