Chapter 32. Securing the server(s) on which your Evergreen installation runs
An Evergreen installation requires interaction between many different components and, depending on the size of your consortium and how many servers you have, it can range from quite complex to extremely. That said, there are a number of standard guidelines that you can follow to secure your server.
-
Keep your server up-to-date. Apply security updates as soon as possible when they come out to prevent your system from being exposed to a known vulnerability.
-
Pay close attention to account administration on the server. Do not give any user on the server more power than they need.
-
Disable services that you do not need.
-
Pay attention to your system’s log files to see what kind of activity is happening and notice anything unusual.
-
A central idea to server security is to make it unreasonably difficult for anyone who tries to compromise your system. Let them choose targets more vulnerable than yours.
This topic is very rich and there are many resources available, both in print and on the web. It is worth your time to learn more.