Check For Script UpdatesOne of the biggest security holes in servers are out-of-date scripts, especially if you're using popular scripts such as WordPress. Keep a list of all of the script installations on your servers, and ensure they have the latest security updates. Some scripts automatically update when one is available, but this typically requires open permissions on a folder or files on your server. If you want to keep your server optimally secure, avoid having open permissions, and update it manually.
Check Folder PermissionsEach file and folder on your web server has specific read-and-write privileges. Some files are read-only. Others require certain users for editing while others can be written and read to by anyone — keep permissions restrictive to thwart hackers. It adds time to your server usage, but it's worth the potential trouble of clearing out a hacker from your servers. Most scripts provide you with the exact permissions needed to run properly, so don't deviate from that if you need to open up permissions for it to work. To find web hosts that give you access to your file and folder permissions through a web-based file manager and host control panel, check sites such as WebHostingBlueBook.com.
Audit Your DatabasesImproperly coded web forms that save data to a database create a huge security risk. Why? Because a web form doesn't have a restriction on the type of characters sent through the form. A hacker can send along commands that cause tables to get created or dropped from a database. As a result, your databases are accessible. Since many scripts are database-driven, a hacker can see sensitive data and other records. Check your contact and other text submission forms to ensure only alphanumeric characters can be submitted. As a follow-up, use PHPMyAdmin or another database manager to see whether any foreign tables are added or existing tables are altered.
Update Your Operating SystemSimilar to a desktop computer, server operating systems frequently release security and major feature updates. Prevent the operating system from being compromised on your server by applying the latest updates and confirming their stability. In many cases, even in unmanaged hosting, the host updates the operating system directly.
Change Your PasswordsDespite its inconvenience, changing your passwords regularly for your hosting account, email addresses through the account, and FTP log-in information is essential to stay safe. If you're using the same log-in and password information on your server and a website that's hacked, a hacker has a better change to attack your web host and gain access to your account.
Do you have any server maintenance tips to share? Tell us in the comments.