Security is an ongoing process, and no matter how much effort you put in, you can never be fully secured, as there is no such thing as “fully secured”. But you must be proactive about the security of your resources and always use best practices. Ubuntu Linux is my server of choice; in fact, this very blog is running on an Ubuntu server, and whenever I deploy a new server, my first preference is always to secure it against the most frequent and common attacks. In this blog post I am going to list some of the practices that I follow when securing a newly installed server.
So here we go
- Update the system with the latest security patches and bug fixes. It's a pretty straightforward task in Ubuntu; you just need to issue the following two commands. Make sure that your internet connection is working:
sudo apt-get update
sudo apt-get upgrade
- Change the root password to something very complex and hard to remember. Just issue the following command and type in the new password:
- Change the default SSH port to something hard to guess. This is to discourage script kiddies from brute-forcing your server through SSH. To do that, edit the config file located at /etc/ssh/sshd_config, look for a line like the one below, un-comment it and change the default port number to your desired value:
# Port 22
- Set up the firewall. Ubuntu comes with UFW (Uncomplicated Firewall), which is basically an interface to iptables. Just run the commands below to activate the firewall with the most basic configuration; it will be sufficient against most frequent attacks.
sudo ufw enable
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp    # instead of 22, use your configured SSH port here
sudo ufw allow www
sudo ufw allow ftp
You can tweak the firewall rules as per your requirements. You can refer to the official documentation here
- Install fail2ban. It is an IPS (Intrusion Prevention Software) framework written in Python that protects computer servers from brute-force attacks. Just issue the following command and you are good to go, as fail2ban is well configured out of the box.
sudo apt-get install fail2ban
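The SSH port and firewall steps above have to agree with each other, so here is an added example (not part of the original post) that compares the Port lines in an sshd_config with a list of "ufw allow" commands. The function names, file names and sample contents are constructed for illustration; on a real server you would point it at /etc/ssh/sshd_config and your own rule list.

```shell
#!/bin/sh
# Added example: check that the port sshd listens on is the port opened in ufw.

# Print the port(s) set in an sshd_config; no active Port line means the default, 22.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    if [ -n "$ports" ]; then echo "$ports"; else echo 22; fi
}

# Print numeric ports opened by "ufw allow N" or "ufw allow N/tcp" lines.
# Named services such as www or ftp are skipped.
ufw_allowed_ports() {
    sed -n 's|^\(sudo  *\)\{0,1\}ufw allow \([0-9][0-9]*\)\(/tcp\)\{0,1\} *$|\2|p' "$1"
}

# Return 0 if every sshd port has an allow rule and no stale rule for 22 remains.
check_ssh_firewall() {
    rc=0
    for p in $(sshd_ports "$1"); do
        if ufw_allowed_ports "$2" | grep -qxF "$p"; then
            echo "ok: sshd port $p is allowed"
        else
            echo "MISMATCH: sshd port $p has no ufw allow rule"; rc=1
        fi
    done
    if ufw_allowed_ports "$2" | grep -qxF 22 && ! sshd_ports "$1" | grep -qxF 22; then
        echo "STALE: ufw still allows 22 but sshd no longer uses it"; rc=1
    fi
    return $rc
}

# Constructed sample input: sshd moved to 2222, rules copied unchanged with 22.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' '# Port 22' 'Port 2222' > "$demo/sshd_config"
printf '%s\n' 'sudo ufw allow 22/tcp' 'sudo ufw allow www' 'sudo ufw allow ftp' > "$demo/ufw_rules"
printf '%s\n' 'sudo ufw allow 2222/tcp' 'sudo ufw allow www' > "$demo/ufw_rules_fixed"

check_ssh_firewall "$demo/sshd_config" "$demo/ufw_rules" || echo "fix the rules before enabling ufw"
check_ssh_firewall "$demo/sshd_config" "$demo/ufw_rules_fixed"
```

Running the check before the firewall is enabled catches the case where the rule list would block your own SSH port.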
If you want in-depth knowledge of Linux security, you can get the book Real World Linux Security. If you have any suggestions regarding the content of this post, you can comment below.