Server Security

[MegaPixel]

Hi All,

Work continues as we plan to move my current forum onto XenForo later this year. However, this is the first server (Ubuntu 16.04) that I've ever had and managing, so undoubtedly I have a bit of practice to go! What advice/essentials would you say is required to help security on a server? and for an Xenforo in general.

I'm also considering setting up my forum to be HTTPS, do you consider this as a 'needed' addition to help secure the forum?

Anything and any advice would be great.

 

[Tom]

There definitely isn't a shortage of guides/tutorials out there with regards to properly setting up a web server. What you need massively depends on whether you chose to use Apache or Nginx, or possibly even a combination of the two if you require a more specialised setup.

I'd say that HTTPS is an absolute must now. Chrome and other browsers are rightly encouraging all site owners to use HTTPS more and more.

If you're unsure about running a server, it may be a better idea to go for a managed solution where your host manages everything for you. If you need advice of who to go with give me a shout.

 

[MegaPixel]

Hi Tom,

We're using Apache at the moment.

I've been looking through all sorts of guides. Overall, I did consider a managed solution, and that may be something we do/consider in the future, although I'd like to learn as much as I can about securing our own server/forum, as this will help make sure I'm aware of what is going on at all times.

 

[TPerry]

Is there a specific reason you went with Ubuntu?
A very high performing setup can be easily had by simply using CentOS and @eva2000's CentMin Mod. You get the beauty of nginx speed, the easy ability to change PHP versions pretty much at will, easy integration with LetsEncrypt SSL, and the stability of CentOS.
I used to do the "roll your own thing" with Debian - but decided to go the CentOS/CentMin route since I don't have the time to devote to setting up the stack individually like I used to.
The only thing that CentOS/CentMin does not do is set up your MTA for you - but I'm getting where I prefer to use an outside SMTP service like SparkPost.

 

[fly]

Is there a specific reason you went with Ubuntu?
A very high performing setup can be easily had by simply using CentOS and @eva2000's CentMin Mod. You get the beauty of nginx speed, the easy ability to change PHP versions pretty much at will, easy integration with LetsEncrypt SSL, and the stability of CentOS.
I used to do the "roll your own thing" with Debian - but decided to go the CentOS/CentMin route since I don't have the time to devote to setting up the stack individually like I used to.
The only thing that CentOS/CentMin does not do is set up your MTA for you - but I'm getting where I prefer to use an outside SMTP service like SparkPost.

I'm a recent convert as well. And yeah, these days it's just not worth it to run your own mail.

 

[MegaPixel]

Ubuntu was a recommended choice due to how user-friendly it was. So far we're actually at the point of having our forum setup, along with the server. I'm just a bit anxious regarding security and what's in place. The articles I've seen have been of little help, mostly just saying anti-virus isn't needed, take backups. But I'm thinking security in terms of minimizing the threats of say hacking, etc.

Last night, I've also set up my forum to force HTTPS, so that's also an addition now too.