Rakesh Jain

@devops_tech

22 Tweets 12 reads Mar 27, 2023
How to secure your Linux servers?
A detailed thread with examples 👇
1/14: Keep your system up-to-date by regularly applying patches and updates. This ensures that your system is protected against known vulnerabilities.
Use the package manager of your distribution to update the system and applications.
For example, in Ubuntu, you can use the apt command to update the system:
$ sudo apt update && sudo apt upgrade
2/14: Disable unnecessary services and applications that are not required for your server to operate. These services and applications can expose your server to attacks. Use the systemctl command to disable and stop services.
For example, to disable the Apache service in Ubuntu, you can use the following command:
$ sudo systemctl disable --now apache2
3/14: Use strong passwords for all user accounts on your system, including the root account. Strong passwords should be at least 12 characters long and should include a mix of uppercase and lowercase letters, numbers, and special characters.
Use the passwd command to set a new password:
$ sudo passwd username
4/14: Use firewall rules to restrict access to your server. You can use the ufw command in Ubuntu to set up firewall rules. For example, to allow SSH access from a specific IP address, use the following command:
$ sudo ufw allow from 192.168.1.100 to any port 22
5/14: Use SSH key-based authentication to secure SSH access to your server. This method is more secure than password-based authentication because it uses public-private key cryptography. Generate a new SSH key pair using the ssh-keygen command:
$ ssh-keygen -t rsa -b 4096
6/14: Use encrypted connections when transferring sensitive data between your server & other systems. For example, use HTTPS instead of HTTP for web traffic, and use SFTP instead of FTP for file transfers. Install & configure SSL certificates for your web server to enable HTTPS.
7/14: Regularly monitor your system logs for suspicious activity. Logs can help you detect & respond to security incidents. Use the journalctl command to view system logs.
For example, to view the last 100 lines of the system journal, use the following command:
$ sudo journalctl -n 100
8/14: Use intrusion detection/prevention systems to detect/prevent attacks. Install & configure security tools such as fail2ban, which can automatically block IP addresses that show suspicious behavior.
For example, use the command below to install fail2ban in Ubuntu:
$ sudo apt install fail2ban
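Tweets 7/14 and 8/14 in one added example (not part of the original thread): the script below tallies failed SSH password logins per source IP, which is the kind of counting a fail2ban-style filter does over the log. The sample log lines are constructed, and the function names and the threshold of 3 are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: tally failed SSH password logins per source IP.

# Constructed sample sshd log lines (documentation address ranges).
sample_log() {
cat <<'EOF'
Mar 27 10:01:02 web1 sshd[1201]: Failed password for root from 203.0.113.7 port 50122 ssh2
Mar 27 10:01:05 web1 sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 50130 ssh2
Mar 27 10:01:09 web1 sshd[1207]: Failed password for root from 203.0.113.7 port 50141 ssh2
Mar 27 10:02:11 web1 sshd[1215]: Accepted publickey for deploy from 192.168.1.100 port 40022 ssh2
Mar 27 10:03:40 web1 sshd[1222]: Failed password for deploy from 198.51.100.23 port 41876 ssh2
Mar 27 10:04:02 web1 sshd[1230]: Failed password for invalid user test from 203.0.113.7 port 50177 ssh2
Mar 27 10:05:15 web1 sshd[1241]: Failed password for invalid user from 10.0.0.1 from 198.51.100.23 port 41900 ssh2
EOF
}

# Read sshd lines on stdin, print "<count> <ip>", highest count first.
# The pattern is anchored on the trailing "from <ip> port <n>" so that text
# in the user-name field cannot be mistaken for the source address.
failed_by_ip() {
  sed -nE 's/^.*sshd\[[0-9]+\]: Failed password for .* from ([0-9a-fA-F.:]+) port [0-9]+( ssh2)?$/\1/p' |
    sort | uniq -c | sort -rn | awk '{print $1, $2}'
}

# Print the addresses with at least $1 failures (hypothetical threshold).
offenders() {
  failed_by_ip | awk -v min="$1" '$1 >= min {print $2}'
}

# Demo on the sample. On an Ubuntu server, feed real lines instead, e.g.
#   sudo journalctl -u ssh --no-pager | offenders 3
sample_log | offenders 3
```

Successful logins are ignored, and the last sample line is attributed to the connecting address rather than to the address embedded in the user name.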
9/14: Regularly perform backups of your system data to protect against data loss and system failures. Use backup tools such as rsync or tar to create backups of important files and directories.
For example, to create a backup of the /etc directory, use the following command:
$ sudo tar -czvf etc-backup.tar.gz /etc
10/14: Use 2-factor authentication to add an extra layer of security to your login process. It requires a user to provide a password & a second factor such as a token or code sent to their phone. You can use tools like Google Authenticator or Authy to set up 2-factor authentication.
11/14: Use strong encryption for sensitive data on your server. For example, use LUKS (Linux Unified Key Setup) to encrypt your drive, or use GPG (GNU Privacy Guard) to encrypt individual files.
Example of how to encrypt a file using GPG:
$ gpg --output file.gpg --symmetric file.txt
12/14: Limit access to sensitive files and directories by using file permissions. Use the chmod command to set permissions for files and directories.
For example, to set read, write, and execute permissions for the owner, and read-only permissions for everyone else, use the following command:
$ chmod 744 file.txt
13/14: Use strong encryption for network traffic to protect against eavesdropping & data theft. Use tools like OpenVPN or WireGuard to create encrypted virtual private networks (VPNs) for secure remote access.
To install OpenVPN on Ubuntu:
$ sudo apt install openvpn
14/14: Regularly audit your server's security configuration to ensure that it remains secure over time. Use tools like Lynis or CIS-CAT to perform security audits and identify potential vulnerabilities.
Here's an example of how to install Lynis on Ubuntu:
$ sudo apt install lynis
These are a few tips to help you secure your Linux server. By following these best practices and regularly monitoring your system, you can help protect your server and the data it contains from security threats.
Retweet the thread if you find it useful. Thanks!