What Are Current Web Server Security Threats?
Because web servers are designed to allow Internet access, one of the recurring problems with web servers is the firewall controls that are put
in place. They must allow and prevent Internet access. A firewall should be in place to block any threat to the server and the sites hosted on it that may come from outside the network. The firewall should ban IP addresses, such as those from an unsecured proxy server that is known to present security threats, as well as any others that you find problematic.
Port 80 is the ubiquitous http protocol port. This port lets your computer access the Internet. By the same token it allows anyone on the Internet to access your computer, or web server. Port control is essential because computers can have many open ports, and a hacker can access them by doing a port scan. Actually, there are 65,535 available (logical) ports on a PC. So if they are not monitored closely, they can allow intruders into the system.
Another problem that comes with Web servers is the potential for web site defacement. Web servers host Internet web pages. They are exposed all the time and can be easily changed or modified. This is due to the fact that the html file is easily modifiable; even the more advanced software web systems can be changed with little effort.
The nature of malware has changed over the last 10 years. A virus could simply contaminate your system and wreak havoc. It could copy files,
delete files, or send copies of itself out using you e-mail contact addresses. Now some malware can take over your computer, and you may not even know it. Your web server could be the source of a bot attack, where your computer is the source of malware that would spread to other computers on the internet or local network, and you may not even be aware that the web server is such a hosting site.
Web servers run many services by default. Typically network services that won’t be used in a web server such as remote registry services, print server service, and remote access service are installed. The more services running on an operating system, the more ports will be left open, which in turn leaves more open doors for malicious users to abuse. You should only have those services operational that are necessary to run the system.
Remote access into the web server should be eliminated if possible, or certainly restricted. As a practical and secure matter, if you need to login to a web server you should login to web servers locally. Use remote access only if needed, and if you do use remote access, make sure that the connection is properly secured with tunneling and encryption protocols. When possible use security tokens and other single sign-on software. Also, remote access should also be restricted to a specific number of IPs and to specific accounts only.
Security issues with web servers are more likely to come up because by their very nature web servers are exposed to the Internet. In general, it is a good idea to limit operations and services to just those that need to be in operation. Following security protocols is important, and setting up firewalls, IP restrictions, and virus protection software is important also.
Acunetix. Web server security and database security. Retrieved at https://www.acunetix.com/websitesecurity/webserver-security.htm
HTML Goodies. Home web server security part 1. Retrieved at https://www.htmlgoodies.com/beyond/security/article.php/3604136/Home-Web-Server-Security-Part-1.htm