6.8. Installation and Maintenance
6.8.1. Installation
Each installation of software will require different steps. However, for a new web app you would at least need to do the following:
- Harden any code, e.g.
  - Disable DEBUG mode on your Flask app
- Prepare and configure a web server connected to the internet
- Install any necessary software (Python, a web server (e.g. NGINX), databases, etc.)
- Configure a script or use a service manager (e.g. systemd) to run all software and services automatically on startup
- Place the code on the server
6.8.2. Maintenance
To ensure that your app is secure, it is best to perform regular maintenance to protect against newly discovered vulnerabilities and to set up a monitoring system to detect when problems arise.
Updating and Patching
Libraries and frameworks change over time, often fixing security vulnerabilities. You should regularly update to safe, stable versions - after testing of course!
The host operating system should also be updated with security patches as they are released.
Monitoring
You can monitor built-in system logs for anomalies. However, off-the-shelf software such as Zabbix and Nagios can provide a greater level of detail, along with web interfaces for monitoring servers, to make your life easier.
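The log monitoring described above, as an added example that is not part of the original page: a Python script that scans NGINX access-log lines (default "combined" format, in chronological order) and flags clients that produce a burst of 401/403 responses. The function names, threshold, time window and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# NGINX "combined" format: ip - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3}) '
)

def find_auth_failure_bursts(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: time_threshold_was_reached} for clients that produce at
    least `threshold` 401/403 responses within any period of length `window`."""
    recent = defaultdict(deque)      # ip -> timestamps of its recent failures
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                 # ignore lines that are not in the expected format
        if m["status"] not in ("401", "403"):
            continue                 # only denied requests count towards a burst
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:    # forget failures older than the window
            q.popleft()
        if len(q) >= threshold and m["ip"] not in alerts:
            alerts[m["ip"]] = ts
    return alerts

def sample_line(ip, sec, status, path="/login", method="POST"):
    # Builds a constructed log line; IPs below are documentation ranges (RFC 5737)
    return (f'{ip} - - [12/Mar/2025:10:00:{sec:02d} +0000] '
            f'"{method} {path} HTTP/1.1" {status} 512 "-" "sample-agent"')

# Constructed sample log, not real traffic
SAMPLE_LOG = (
    [sample_line("203.0.113.7", s, 401) for s in range(0, 12, 2)]  # 6 failures in 10 s
    + [sample_line("198.51.100.4", 5, 401),                        # one mistyped password
       sample_line("198.51.100.4", 9, 302)]                        # then a normal login
    + [sample_line("192.0.2.10", 20, 200, "/", "GET"), "malformed line"]
)

if __name__ == "__main__":
    for ip, when in find_auth_failure_bursts(SAMPLE_LOG).items():
        print(f"ALERT {ip}: repeated 401/403 responses, threshold reached at {when}")
```

A single failed login does not raise an alert; only a client that crosses the threshold inside the window does, which keeps the output short enough to review by hand.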
Backups
If you are storing data for your web app, you should have automated backups to ensure that data can be recovered if there is a security incident or system failure leading to data loss.
Handling Breaches and Recovery
Even well-designed systems can experience a security breach. Secure software maintenance includes planning how the team will respond if something goes wrong.
Incident response is the process used to detect, contain, investigate, and recover from a security incident. For example, if an attacker gains access to an account, the team may need to disable the account, reset affected passwords, review logs, patch the vulnerability, and notify affected users.
Business continuity focuses on keeping the most important services available during a disruption. This might involve using monitoring alerts, fallback systems, manual workarounds, or prioritising the features that users need most.
Disaster recovery focuses on restoring systems and data after a major failure. Backups, restoration procedures, replacement infrastructure, and documented recovery steps are all part of disaster recovery planning.
Hardening, monitoring, backups, incident response, business continuity, and disaster recovery work together. Hardening reduces the chance of a problem, monitoring helps detect it, and recovery planning reduces the damage if the problem cannot be prevented.
6.8.3. Glossary
- Harden
To configure code or systems to reduce security risk, such as disabling debug mode in production.
- Web server
Server software connected to the internet that serves a web application.
- Service manager
Software used to run services automatically on startup.
- Monitoring system
Software or processes used to detect problems and unusual behaviour in running systems.
- Security patch
An update that fixes a security vulnerability.
- System log
A record of system events that can be monitored for problems.
- Anomaly
Unusual behaviour that may indicate a problem or security incident.
- Automated backup
A backup created automatically so data can be recovered after a security incident or system failure.
- Security breach
An incident where an attacker or unauthorised person gains access to data, accounts, systems, or functionality.
- Incident response
The process used to detect, contain, investigate, and recover from a security incident.
- Business continuity
Planning that helps important services continue during a disruption.
- Disaster recovery
Planning and procedures used to restore systems and data after a major failure.