One of the most daunting prospects of administering your own server on a public network is dealing with your server's security. While security threats in a networked world are real and it is always important to be mindful of security issues, protecting against possible attacks is often a matter of exercising basic common sense and adhering to some general best practices.
This guide takes a broad overview of common security concerns and provides a number of possible solutions to common security problems. You are encouraged to consider deploying some of these measures to "harden" your server against possible attacks.
It's important to remember that all of the solutions we present in this document are targeted at specific kinds of attacks, which themselves may be relevant only in specific configurations. Security solutions need to be tailored to the kind of services that you're providing and the software you're running, and the decision whether or not to deploy a specific security solution is often a matter of personal discretion and cost-benefit analysis.
Perhaps most importantly, it should be understood that security is a process, not a product (credit to Bruce Schneier.) There is no "magic bullet" set of guidelines that can be followed to ensure the security of any system. Threats are constantly evolving, so vigilance is required on the part of network administrators to prevent unauthorized access to systems.