I’m working on a guide focused on securing Linux servers and I’d like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated
You are viewing a single thread.
View all comments 3 points
Not a full list, just some ideas for personal servers.
- Make sure that only the services are exposed that you want to have exposed. For example, a webserver with PHP and mariadb probably does not need to have mariadb reachable from the network.
- Check the default config of all the programs you install. The default is often not the most secure option.
- Have secure authentication on every service on the server. Change all the default passwords.
- DO NOT disable security features like selinux.
- Document your setup, the specific changes you made and make and test backups.
Please be aware that the requirements in a business environment might be different.
