Find secure server options without breaking the bank!
Find secure server options without breaking the bank!
I would suggest abandoning passwords immediately, regardless of how strong they seem. Opt for cert only auth—Windows likely has a rule for that. I’m fairly confident winRM can handle it, and smart cards are another option. Limit open ports strictly; it’s tough to manage, but necessary. Only allow access through specific IP ranges. I’m uncertain if win servers support this, but a Linux tool called fail2ban can block repeated failed attempts, making brute-force harder. This could really deter attackers. Sorry, I’m not very experienced with win servers. There are probably guides for basic security on Windows servers. Keep updating your systems promptly.
We are switching to Server 2016, which was the initial request from our hosts. I’m far from the server—it’s located thousands of miles away!
Is it a real physical system or just a virtual machine? I’ll run everything inside a VM. You have Hyper-V on Windows, but I’d check another hypervisor such as ESXi or Proxmox. If it’s already a VM, snapshots are straightforward—similar to AWS EC2.
No, sadly, it is a full dedicated server. Would you like the specs? I tell you, they are "not to shabby"!!
Consider deploying each server in its own virtual machine. Use the host as a hypervisor to manage them.
Hypervisor setup overview. I own two Intel Xeon X5650 processors, 72GB of DDR3 RAM at 1600MHz, 240GB SSD with a 56GB page file—currently all four DIMMs are used. This gives us about 128GB of virtual memory. I have a 1TB WD Black drive (7200RPM, 32MB cache) running the servers, plus a 1TB Seagate HDD for installers and game server maps, and two 1TB HP hard drives that I might use for virtual machines later. There are still three drive bays available, so I could add more drives eventually—possibly three 2TB WD Blacks in the future. The WD Black is considered a top-tier storage solution for our game servers, and if you know of a better option, feel free to share.
I couldn't afford a full SSD setup because it would require tons of storage for all our game servers. I settled for a mix: an SSD for Windows to speed up restarts and a high-performance drive (WD Black) dedicated to the games. The rest of my drives are used elsewhere. Hosting websites on the server would be risky, especially with another ransomware attack like the one mentioned earlier—losing everything would be a big problem.
Configure virtual machines to address several security concerns. In future setups, consider using WD Red, Red Pro, Gold, Seagate IronWolf, or Exos. Avoid using desktop drives in servers, as this can cause problems. You might benefit from caching the HDD with an SSD, which would be significantly faster and more cost-effective than relying solely on SSDs.
We have logging turned on. The files are kept under about 2MB each, and we intend to move them to Google Drive for backup. According to my understanding, WD Red is meant for NAS setups rather than handling heavy tasks like game servers. Please let me know if I'm incorrect. I’m aware WD Blacks are desktop units but the only ones I know that meet the performance needs for our servers. We began with a 5400rpm drive, but loading was slow and required optimization. I think an SSD could work well as a cache, though SSDs at our scale are expensive compared to HDDs, which are much cheaper. Right now we use a 240GB SSD running Windows and programs, plus four 1TB HDDs—one of which is the WD Black I mentioned earlier. I have 72GB of RAM, which is helpful, and I also have a 56GB page file on the SSD giving a virtual 128GB memory space.