via wpwhitesecurity.com => original post link
Due to their function, web servers are different from many other devices in a typical network environment—they are not only exposed to the internet by design, but they likely serve web traffic to complete strangers. Additionally, in many situations, web servers are likely serving dynamic applications such as WordPress websites or acting as proxies towards other internal applications. It is, therefore, no surprise that web servers pose as interesting targets for attackers.
Hardening a system refers to the process of improving a system’s defenses such that it makes it harder for a malicious hacker to compromise that system and gain a foothold within a network.
The process of hardening a web server will, of course, depend on the kind of web server you are using (e.g. Apache HTTP Server, Nginx, Microsoft IIS…), however, there are a number of core principles and best practices to improving your web server security that you should keep in mind, irrespective of which web server you are using.