Server Configuration Management Plan
A new server is a blank slate, a basic operating system waiting to be configured, secured and put into service. While every server is different and may require the installation of different software packages, there are some common tasks that apply to all servers, regardless of operating system or purpose.
Here we present our basic server configuration management plan:
Step 1 – Plan your requirements
This may sound a bit obvious, but it is easily overlooked. By the time you buy your server,, you’ll already have an idea of what you are planning to do with it – whether it’s hosting a website, e-mail, database or some other purpose. This is fine, but to speed up your configuration it helps to know the requirements of your software. Are there other packages that it relies on? Are the packages all available in repositories, or will the source code need to be downloaded? Having a documented, or even better, a tested, plan for the software installation can help prevent mistakes and wasted time.
Step 2 – Secure your user accounts
The first task you should be performing on accessing your new server, should be to secure your user accounts. Most hosts provide you access using a superuser administrative account. It is recommended that you change the default password that this comes with and you ensure that the password you use is strong. We also recommend that you create additional user accounts for the users that will be managing your server ensuring those also have strong passwords and superuser access. With these accounts created the next step is to disable remote connections for the default administrator account.
Step 3 – Configure your firewall
The second task to perform is to set up your server’s firewall to block remote access as much as you can. Unless you are running a service such as a web server that needs to be accessible from all across the internet, then it’s recommended that you use your firewall to either block remote access to the service completely, or limit the number of IP addresses that can connect to it to the smallest number that you can. This is especially important for services that provide management access to the server such as SSH on Linux and RDP on Windows.
Step 4 – Update your server
The chances are that the image used to perform the initial installation of your server was created a number of months prior to when you get hold of it. Software updates come out daily and provide security and stability improvements for the software running on the server. It’s important that before you install any other software on the server that you ensure that what is already there is up to date.
Step 5 – Install and configure your software
While it’s tempting to rush on and get the software installed and configured first and worry about the other tasks later, it is important to secure things first. With the server secured you can take your time making sure the software installation is done correctly, something that is definitely aided with good planning at step 1.
Step 6 – Configure backups
A wise man once said “there are two kinds of people in the world, those who are yet to experience data loss, and those who have backups.” Many people don’t consider the importance of backups until they have a problem meaning that they need them. With the server installation fresh in your mind it should make things relatively easy to plan and create a backup system for the server. Remember that for added security it’s important to keep a copy of the backups away from the server in case a disk failure means you lose both your data and your backups.
Step 7 – Document everything
With the server secured, running and backing itself up, it’s an important time to create documentation for it. There’s nothing worse than having to deal with a problem on a server that has been set up so long ago that everyone has forgotten exactly how it works. Much time becomes wasted by learning how it works, that could be spent fixing the problems with the aid of adequate documentation. How you choose to make and store this documentation is up to you but making sure it is done is important