CentrioHost Blog

Stories and News from IT Industry, Reviews & Tips | Technology Blog


HOW TO PROTECT YOUR CENTOS 7 SERVER FROM MALWARE

Protecting systems and dealing with malware is increasingly becoming a critical task for Linux server administrators.

With the rapid expansion of the internet, the number of attacks has multiplied and the threat of hacking or infection has increased.

You can now be certain that any website exposed to the Internet and every server with an open public IP address will be constantly scanned by bots that try to take advantage of any vulnerability. If they can find one, they will install malware on your system.

A CentOS sysadmin must know how to enforce a solid security policy and how to remove any malicious code if a server is infected, we will teach you how to achieve these goals.

STAY UP TO DATE

Most server attacks are based on known software vulnerabilities. Developers are usually quick to release patches for their applications that fix these issues, so it is very important to install them as soon as possible and make sure that your system is always updated.

There are several ways to handle updates. If you subscribe to the CentOS mailing list, you will be notified of all new patches, as well as their severity. You can also setup most applications to send you an alert every time when a new patch is released.

Another option is to set up a cron job that will check yum repositories for updates at fixed intervals and either notify you or install them automatically. The package yum-cron is very convenient for this purpose.

However, many people choose to handle updates manually, for very good reasons. New packages can break the functionality of the server, so it is important to read the release notes carefully before installing them.

Some updates, such as new kernel versions, require a reboot so they have to be scheduled during periods of low activity on production systems.

USE SELINUX

Many system administrators dislike SELinux and don’t know how to use it, so they disable it outright on all of their systems.

It is a serious mistake because this tool can be very valuable for protection once you learn how it works.

SELinux is an access control system that makes sure users and processes are only allowed to use the resources they actually need. If the Apache service is compromised for example, the attacker will be unable to do any serious damage to the system.

You can set SELinux to permissive mode in order to check the logs and understand the system, before enforcing it.

IMPLEMENT A STRONG PASSWORD POLICY

In order to protect the server from brute force attacks, make sure that you enforce a strong password policy.

Passwords must have a minimum length, with a mixture of under case and uppercase letters, numbers and symbols. Users should be required to change their passwords at regular intervals, without reusing old ones.

For even better security, use a two-factor authentication system or completely disable password logins and rely on public-key cryptography instead.

SCAN YOUR SERVER

Installing an antivirus can protect your server from malware and clean any infected files that might be present.

There are many options you can consider, both paid and open source. Just like on Windows systems, some of the best commercial solutions are the Linux versions of Bit Defender, Eset Nod32 or Avast.

Among the most popular free options are Maldet, Sophos or Rootkit Hunter.

Some antiviruses are available as plugins for control panels like WHM or Plesk. ClamAV can be installed for free in cPanel, while Immunify360 is a commercial plugin from the developers of Cloud Linux.

PREVENT INTRUSION

The simplest way to prevent intrusion is to configure a very restrictive firewall; you can use the basic iptables for this purpose or more complex tools like firewalld (default in CentOS) or CSF (which also offers integration with WHM).

The most advanced protection systems available also monitor server logs for any attacks and proactively ban or block any IPs with suspicious activity, such as password login failures or attempts to use exploits.

Some of these systems are available for free, for example Modsec is a web-based firewall integrated with Apache, CPHulk protects cPanel services while lfd is a tool integrated with CSF that prevents brute-force attacks.

More advanced systems are licensed by the top antivirus providers already mentioned.

In order to boost the security of your system, you can also hire a penetration testing company that will simulate a variety of attack vectors and alert you of any vulnerabilities as well as how to fix them. Since penetration scanning can generate serious load on the server, it is better to schedule it at night.

 

Securing a Linux server is a very complex task and no system can ever be completely safe from attacks. The steps described in this article are a quick way to protect your CentOS 7 machine from the most common types of malware.

Subscribe Now

10,000 successful online businessmen like to have our content directly delivered to their inbox. Subscribe to our newsletter!

Archive Calendar

SatSunMonTueWedThuFri
 123456
78910111213
14151617181920
21222324252627
28293031 

Over 20000 Satisfied Customers!

  • web hosting reviewer
    Valerie Quinn
    CTO, Acteon Group

    Centriohost staff were fantastic, I had a concern with a domain and they got back to me very quickly and they helped me to resolve the issue! ~ . . . Read more

  • Joomla hosting reviewer
    Collin Bryan
    Photographer, Allister Freeman

    I'm using centrio for my portfolio since 2006. The transition was seamless, the support was immediate, and everything works perfectly. ~ . . . Read more

  • dedicated server reviewer
    Harry Collett
    Actor, A&J Artists

    Very easy to understand & use even though I am not very technologically minded. No complications whatsoever & I wouldn't hesitate to recommend it to all. ~ . . . Read more

  • vps web hosting reviewer
    Porfirio Santos
    Technician, Diageo PLC

    Centrio support team have been amazingly responsive and helpful to any of my queries, thank you so much to the Centriohost have been amazingly responsive and helpful to any of my queries πŸ‘πŸ‘πŸ‘ ~ . . . Read more

  • wordpress hosting plans reviewer
    Catherine Auer
    Doctor, SmartClinics

    Anytime I've had a problem I can't solve, I've found Centriohost to be diligent and persistent. They simply won't let an issue go until the client is happy. ~ . . . Read more

  • reseller hosting reviewer
    Effectivo Social
    Freelancer, Fiverr

    Recommend their shared hosting for all my SME web design clients. Their cloud or VME offerings are too great to deal with. Pricing is perfect and suitable for all users (Ν β‰– ΝœΚ–Ν β‰–) πŸ‘Œ ~ . . . Read more

Top