Security Features: Web Server Connect Network

SSL certificate
A public key or digital certificate uses a public key and a private key to allow secure communication between a client program (web browser, email client, etc.) and a server through an encrypted SSL (Secure Sockets Layer). or TLS (Transport Layer Security) connection.

The certificate is used both to encrypt the initial stage of communication (secure key exchange) and to identify the server. The certificate includes key information, server identity information, and the digital signature of the certificate issuer.

If the software initiating the communication trusts the sender and the signature is valid, then the key can be used to communicate securely with the server identified by the certificate. Using a certificate is a good way to prevent "man-in-the-middle" attacks, where someone between you and the server you think you're talking to can insert their own (harmful) content.

Using a certificate is a visual way of showing visitors that they can trust you and is much more effective than anything else you can say about yourself.
 

Google made changes to their algorithm back in 2014 to prioritize websites that used an SSL certificate, and they've continued to emphasize certificates ever since.
 

Most major browsers, including Google Chrome, Firefox, and Edge, will display prominently when users access a site over a secure connection. In Chrome, for example, you'll see a green lock icon in the address bar along with a message that says "secure." Users can view more details about the SSL certificate by clicking on it.

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

firewall

A firewall controls incoming and outgoing network traffic according to predefined security rules. It typically establishes a barrier between a trusted (internal) network and an external, untrusted network, such as the Internet.

UFW a firewall designed to be easy to use developed by Ubuntu. Use the command line to configure iptables.

iptables is a utility program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores. Different kernel modules and programs are used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables to Ethernet frames

​

​

​

​

​

​

​

​

​

​

​

Backups / Backups / Snapshots

The advantages come from the speed of replication and the ease of cloning servers or machines. The speed of restoring a server or computer with a VSS or snapshot is seconds since it is at the data source, while a backup is a slower process (this is due to the fact that the data is on an external device and the restoration time will vary depending on the transmission speed).
 

They are very convenient to improve the response time in the event, for example, of an important change or an error when updating a software.
Having made the snapshot, it will go back to the exact moment before that failure occurred.
They are quick to create and have a low impact on production.
They are perfect for servers that need to have a high availability of a server and it is not possible to stop it
to make a backup, in this way the service is not interrupted.

​

Anti-DDoS

The term DDoS (Distributed Denial of Service) attack refers to the overloading of a server or service, which is the target of the attack, by sending a large number of requests, often useless, so that the server or service is not able to carry out their usual tasks. The server or service is proverbially "destroyed", it is no longer possible to access it through the Internet, as long as the attack continues.
 

Unfortunately, DDoS attacks are gradually becoming a more common occurrence on the Internet. Without effective DDoS protection, the attacked servers would be unavailable on the Internet for a long time.
 

In order to protect the customer from such attacks and their accompanying availability issues as best as possible, internal DDoS protection is in place. It is automatically activated for all servers.

Videoconferencing server security

When the Video Conference server is protected with a Transport Level Security (TLS) certificate, all downloading of content from the server to the user's browser is done via Hypertext Transport Protocol Secure (HTTPS).
When a front-end makes an API request, the server validates the incoming server checksum calculated from a secret key. If the checksum fails, the request is ignored. When the Video Conference client loads, it makes data connections to the server using an HTTPS encrypted web socket connection. When the server shares the user's audio, video, or screen, the browser uses the built-in Web Real Time Communication (WebRTC) libraries that transmit Real Time Protocol (RTP) packets over the User Datagram Protocol ( UDP) through the datagram transport layer. Security (DTLS). Additionally, to provide communications privacy for datagram protocols, media packets are encrypted using Secure Real-Time Protocol (see SRTP).

Confidentiality

Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

​

• Proven operation with SSL encryption certificates (HTTPS protocol) allows all communication from the user's computer/tablet to the server to be encrypted back and forth.

​

​

​