A web server is used to make content available to a wide audience. At the same time, this means that third parties interact with the server. As a rule, there are (mostly automated) attacks on web servers several times a day. The goal here is to obtain protected data by exploiting security vulnerabilities or to abuse the server for criminal purposes.
In addition to attacks from the outside, long-term operation will also confront you with problems that come from within: Users accidentally deleting their survey projects and data, hard disks running full or insufficient computing power.
It has proven to be useful to run a survey server (which often processes personal data) on a separate server or in its own VM. This has two advantages: Firstly, the software (web server application, PHP) can be updated regularly without regard to other software. On the other hand, one avoids the risk that security vulnerabilities in other software (e.g. an unupdated WordPress instance) allow access to the server and thus to survey data. Therefore, the GDPR also explicitly refers to the separation of data processing operations.
To ensure secure server operation, the following points must be observed:
iptables
)chkrootkit
and rkhunter
)unattended-upgrades
)duply
).mysqldump
) incl. backup of the dump – here we recommend a retention for 1 month or 12 months if the automatic archiving of survey projects is used (users often notice only after 9 months that their important survey project has been deleted)monit
and munin
)