Physically Securing Equipment
Guarding your server from external assault is simple if it is in a locked cage at a co-location facility. However, if you have your server located on your premises, following are a few tips for physical security of the hardware:
- If economically possible, put your server in a locking cage and restrict access to it.
- If no cage is available, then place your server in a locked room (with proper cooling and fire safety protection).
- Use a locking bezel (front cover), if available, on your hardware.
- Use password protection for the console or startup if the server's BIOS (firmware) offers it.
- Disable unnecessary ports. These include things like unused serial or parallel ports, any FireWire ports, or unused NICs. Use caution when disabling USB ports, however, because they are often needed for mice and keyboards.
For the most part, if a server is in a locked room, with access control for that room, then you should be fine.
Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
