I’m working on a guide focused on securing Linux servers and I’d like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated

  • cron@feddit.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Not a full list, just some ideas for personal servers.

    • Make sure that only the services are exposed that you want to have exposed. For example, a webserver with PHP and mariadb probably does not need to have mariadb reachable from the network.
    • Check the default config of all the programs you install. The default is often not the most secure option.
    • Have secure authentication on every service on the server. Change all the default passwords.
    • DO NOT disable security features like selinux.
    • Document your setup, the specific changes you made and make and test backups.

    Please be aware that the requirements in a business environment might be different.