At MAROC SEO®, we take care to configure, optimize and secure your server (and by extension your databases and your website). We use the latest high-level international techniques.
WEB SERVER OPTIMIZATION
When we talk about web server optimization, we are referring in particular to optimization for SEO. Indeed, to optimize your Web server, our experts work on several aspects that we develop internally, among them:
This allows your website to have excellent performance in terms of loading speed, and to have exceptional results on GTmetrix, Lighthouse, or Google PageSpeed Insights.
To improve the performance of web servers, some changes must be made to the configuration they have by default. Remember to keep all of the software updated. This will save us a lot of worries in the field of security, but it will also impact the optimization of the site. Especially when it comes to programming languages, keeping the latest versions always guarantees better performance.
WEB SERVER SECURITY
At MAROC SEO®, we secure your web server in order to protect your database and your website, and to warn you of any dangerous intrusion to your server. We work on ports of entry, access methods, firewalls, antivirus, intrusion detection software, backups, log tracking, protection against SQL injection attacks, countering Brute Force attacks, and many other techniques.
Server Security Threats
Server security is just as important as network security, as servers often contain a large amount of vital organizational information. If a server is compromised, all of its contents may be available for a hacker to manipulate or steal at will. Examples of some threats:
Unused services and open ports
For example, a full installation of Red Hat Enterprise Linux contains over 1,000 application libraries and packages. However, most server administrators choose not to install all of the distro’s packages, preferring to perform a basic installation of packages including various server applications. It is very common for system administrators to perform an operating system installation without paying attention to the programs that are actually installed. This can be problematic, as unnecessary services may be installed, left at their default settings, and possibly enabled by default. As a result, unwanted services such as Telnet, DHCP, or DNS can run on a server or workstation without the knowledge of the administrator, which in turn can bring unwanted traffic to the server or even open a potential entry point for hackers.
Administration without monitoring
One of the most serious hazards to server security is neglectful administrators who fail to monitor their systems. Some administrators neglect to patch their servers and workstations, while others ignore network traffic log data. Another common error is not changing passwords or service keys. Some databases, for example, contain default administrative passwords because their developers believe that the system administrator will update them as soon as the database is installed. Even an amateur cracker can use a well-known password to access the database with administrative credentials if the database administrator does not change the passwords. These are just a few examples of how sloppy server administration can result in server compromise.
Inherently insecure services
Even the most cautious and attentive company can be vulnerable if the network services it chooses are inherently insecure. Many services, for example, are built with the idea that they will be used on a secure network; however, this assumption falls apart once the service is made available on the internet, which is unsafe in and of itself. Services that authenticate with unencrypted usernames and passwords fall into the category of unsafe network services. Telnet and FTP are two examples of these types of services. A hacker monitoring the communication between a remote user and a service like this can easily collect usernames and passwords.
Certain attacks may target these services as well. In this type of attack, a hacker redirects network traffic to their own machine instead of the target server. Once a user opens a remote session to the server, the attacker’s workstation functions as an unseen conduit, capturing data between the remote service and the innocent user. A hacker can capture administrative passwords and data in this manner without the server or user realizing it.
Network file systems and information services, such as NFS or NIS, are another category of insecure services that were designed for LAN use but have sadly been extended to cover WANs (for remote users). By default, NFS has almost no verification or security protocols to prevent an attacker from mounting and accessing an NFS shared directory. NIS, for its part, stores essential information that must be known by every machine on the network, such as passwords and file permissions, in a plain text ASCII or DBM (derived from ASCII) database. A hacker who gains access to this database has complete visibility into the network’s user accounts, including the account of the administrator.
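The two risks described under "Unused services and open ports" and "Inherently insecure services" can be checked together by comparing a server's listening sockets with what it is supposed to expose. The script below is an added example, not part of the original page; the allowlist in `ALLOWED_PORTS`, the function names, and the sample input are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit listening sockets against an allowlist.
# Input: lines in the format printed by `ss -H -tuln`
# (Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).

# Assumption: this host should expose only SSH, HTTP and HTTPS.
ALLOWED_PORTS="22 80 443"

audit_listeners() {
    awk -v allowed="$ALLOWED_PORTS" '
    BEGIN {
        n = split(allowed, a, " ")
        for (i = 1; i <= n; i++) ok[a[i]] = 1
        # Services named in the text, on their IANA well-known ports.
        risky["tcp/21"]   = "FTP: cleartext login"
        risky["tcp/23"]   = "Telnet: cleartext login"
        risky["tcp/111"]  = "rpcbind: portmapper for NFS/NIS"
        risky["udp/111"]  = "rpcbind: portmapper for NFS/NIS"
        risky["tcp/2049"] = "NFS: designed for trusted LANs"
    }
    $2 == "LISTEN" || $2 == "UNCONN" {
        port = $5; sub(/.*:/, "", port)        # text after the last colon
        host = $5; sub(/:[^:]*$/, "", host)    # text before the last colon
        # Loopback-only sockets are not reachable from the network.
        scope = (host ~ /^127\./ || host == "[::1]") ? "loopback" : "exposed"
        key = $1 "/" port
        if (key in risky) {
            print "INSECURE", key, scope, risky[key]
        } else if (scope == "exposed" && !(port in ok)) {
            print "UNEXPECTED", key, scope
        }
    }'
}

# Constructed sample input, not captured from a real host.
sample_ss_output() {
    cat <<'EOF'
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      511          0.0.0.0:443       0.0.0.0:*
tcp   LISTEN 0      5            0.0.0.0:23        0.0.0.0:*
tcp   LISTEN 0      32           0.0.0.0:21        0.0.0.0:*
tcp   LISTEN 0      64           0.0.0.0:2049      0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:111       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:53        0.0.0.0:*
tcp   LISTEN 0      80         127.0.0.1:3306      0.0.0.0:*
tcp   LISTEN 0      128             [::]:22           [::]:*
EOF
}

# Live use on the server itself: ss -H -tuln | audit_listeners
sample_ss_output | audit_listeners
```

On the sample, Telnet, FTP, NFS and rpcbind are reported as insecure and the DNS listener as unexpected, while the database bound to loopback and the allowlisted ports pass.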