Notifications
Clear all

5 Essential Security Measures for Linux Servers


(@sravan)
Script Novice
Joined: 10 months ago
Posts: 39
Topic starter  

I'd like to share five crucial measures that should be part of your security protocol. While I'll be demonstrating these steps using Fedora, the principles largely apply across other Linux distributions with slight variations in commands or package management tools.


1. Keep the System Updated

Regular updates are vital for patching security vulnerabilities, fixing bugs, and enhancing system performance. Ensure your system is up-to-date with the latest packages.

Example:

To update your Fedora system, you can use the dnf package manager:

sudo dnf update -y

Expected Output:

You'll see a list of packages being updated, followed by a completion message. If everything is up to date, it will indicate that no actions were taken.

2. Configure a Firewall

Firewalls are essential for controlling incoming and outgoing traffic based on defined rules. Fedora comes with firewalld as a default firewall management tool.

Example:

First, ensure firewalld is enabled and running:

sudo systemctl enable --now firewalld

Then, you can check the default zone and its active interfaces:

sudo firewall-cmd --get-default-zone sudo firewall-cmd --list-all

Expected Output:

You'll see the default zone (usually public) and the list of active rules and interfaces for that zone.

3. Secure SSH Access

Securing SSH access is critical to prevent unauthorized access. Consider changing the default SSH port, disabling root login, and using key-based authentication.

Example:

Edit the SSH configuration file:

sudo nano /etc/ssh/sshd_config

Make the following changes:

  • Change #Port 22 to Port 2222 (or another non-standard port).
  • Set PermitRootLogin no to disable root login.
  • Ensure PasswordAuthentication no is set to enforce key-based authentication.

Restart the SSH service to apply changes:

sudo systemctl restart sshd

Expected Output:

No direct output for configuration changes, but restarting SSH should not produce errors.

4. Implement Fail2ban

Fail2ban scans log files for multiple failed login attempts and temporarily bans IPs exhibiting such patterns.

Example:

Install Fail2ban:

sudo dnf install fail2ban

Enable and start the service:

sudo systemctl enable --now fail2ban

Expected Output:

You'll see the installation process, followed by Fail2ban starting up without errors.

5. Setup Regular Backups

Regular backups are your safety net. Tools like rsync can be used for incremental backups.

Example:

To backup your /home directory to an external drive mounted at /mnt/backup_drive, use:

sudo rsync -aAXv /home/ /mnt/backup_drive/home_backup

Expected Output:

Rsync will list the files being backed up, along with a summary of the backup operation.


Implementing these steps is a starting point for securing your Linux servers. However, security is an ongoing process, involving regular audits, updates, and adapting to new threats. I hope you found it helpful!

This topic was modified 10 months ago 2 times by John Smith

   
Quote
Topic Tags
Share: