5 Common Server Misconfigurations and How to Fix Them

5 Common Server Misconfigurations and How to Fix Them

Running a server—whether it’s for a game, application, or website—comes with more responsibility than just keeping it online. Many performance, security, and access issues come down to misconfigurations. Here are five of the most common server setup mistakes and how to fix them.


1. Exposing Admin Services to the Internet

Leaving RCON, database ports, remote panels, or even SSH exposed to the public internet is a common but dangerous mistake. If these services are not firewalled, anyone can attempt to access them.

Restrict access to trusted IPs using your firewall or hosting provider’s tools. Bind critical services to internal IP addresses when possible, and always disable services you don’t need. If you're on EUGameHost, use the Edge Firewall Manager to define exact IP allowlists per service.


2. Forwarding the Wrong Ports

Incorrect or unnecessary port forwarding often leads to connectivity issues, or worse — exposes your server to abuse. We've seen many users forward everything out of habit, but this opens you up to scanning bots and exploits.

Only forward the ports you need (e.g. game port, query, RCON). Use tools like YouGetSignal or CanYouSeeMe to confirm which ports are visible externally. Avoid forwarding admin ports unless absolutely necessary, and never to 0.0.0.0 if you don’t need external access.


3. No Automated Backups

Too many servers still rely on "hope and luck" when it comes to backups. If you're not backing up daily (or hourly for active environments), you're risking total loss in the event of a crash or corruption.

Set up simple batch scripts or cron jobs to copy key folders like /Saved, configs, or databases to a backup location. Store them off-server when possible — such as on a different disk, network share, or remote FTP. Automating this takes minutes and can save you from disaster.


4. Weak or Default Passwords

Yes, people still run servers using admin:admin or root:1234. These credentials get scanned for constantly.

Use strong, randomly generated passwords for everything — FTP, control panels, SSH, RCON, etc. Store them in a password manager like Bitwarden. If your software supports 2FA or token-based auth, turn it on. If you’re running panels, make sure they're updated and secured with HTTPS.


5. No Crash or Performance Monitoring

Running blindly is one of the worst ways to host. Without monitoring, you won’t know when your server crashes, runs out of RAM, or gets attacked — until players tell you, or it's too late.

At minimum, use uptime checkers like UptimeRobot or Cronitor. For more advanced setups, tools like Grafana + Prometheus can give deep insight into CPU, memory, disk I/O, and game-specific metrics. Logging and alerting are your friends—use them. We covered how to set up Grafana-based monitoring in another guide here if you want to take it further.


Summary

These misconfigurations are all avoidable, yet incredibly common. With just a few tools and tweaks, you can avoid 90% of the issues that plague new (and even experienced) server admins.