Hello Dev, if you’re reading this article, then you probably understand that server security is not something that can be overlooked. With increasing cyber attacks, it is important to secure your Linux server from various threats. In this guide, we will explore the steps you can take to secure your Linux server and protect your data from hackers. So, let’s get started!
1. Keep Your Linux Server Updated
Keeping your Linux server updated is one of the most important steps in ensuring the security of your server. Regular updates ensure that security patches are installed, fixing any vulnerabilities that may have been discovered, and making it harder for hackers to break into your system. To stay up-to-date, you can simply use the update manager that comes with your Linux distribution.
Additionally, you can set up automatic updates using the following command:
| Command | Description |
|---|---|
| sudo apt-get update && sudo apt-get upgrade -y | Update and upgrade packages |
By running this command, your server will automatically download and install the latest security patches.
2. Use a Firewall to Protect Your Linux Server
A firewall is an essential part of any server security strategy. It acts as a barrier between your server and the outside world, allowing only authorized traffic to pass through. By setting up a firewall, you can effectively block malicious traffic, such as Denial of Service (DoS) attacks, brute force attacks, and other types of cyber attacks.
You can use the following commands to set up a firewall on your Linux server:
| Command | Description |
|---|---|
| sudo apt-get update | Update your package manager |
| sudo apt-get install ufw | Install Uncomplicated Firewall (UFW) |
| sudo ufw allow ssh | Allow SSH traffic |
| sudo ufw allow http | Allow HTTP traffic |
| sudo ufw allow https | Allow HTTPS traffic |
| sudo ufw enable | Enable the firewall |
Now your server is protected by a firewall that only allows SSH, HTTP, and HTTPS traffic through. If you want to allow other types of traffic, you can easily add them using the following command:
| Command | Description |
|---|---|
| sudo ufw allow [port]/[protocol] | Allow traffic on a specific port and protocol |
3. Harden Your Linux Server by Disabling Unnecessary Services
It is important to disable unnecessary services and protocols on your Linux server to reduce the risk of attacks. This means disabling any services that are not required for your server to function properly. For example, if you are running a web server, you can disable any services that are not related to web hosting.
You can use the following command to list all the services running on your Linux server:
| Command | Description |
|---|---|
| sudo service –status-all | List all services that are currently running |
To disable a service, use the following command:
| Command | Description |
|---|---|
| sudo systemctl disable [service] | Disable a service |
4. Use Strong Passwords and User Authentication
Using strong passwords and enabling user authentication is another important step in securing your Linux server. Weak passwords are easy to guess, making it easier for hackers to gain access to your server. It is recommended to use a combination of uppercase and lowercase letters, numbers, and symbols to create a strong password.
Additionally, you can enable user authentication to add an extra layer of security to your Linux server. This means that users must enter their username and password before they can access the server. To enable user authentication, you can use the following command:
| Command | Description |
|---|---|
| sudo passwd [username] | Change the password for a user |
| sudo apt-get install libpam-google-authenticator | Install two-factor authentication (2FA) |
With 2FA enabled, users will need to enter a verification code in addition to their username and password.
5. Monitor Your Linux Server for Suspicious Activity
Monitoring your Linux server for suspicious activity is another important step in ensuring the security of your server. This means keeping an eye on the logs and checking for any unusual activity, such as failed login attempts, unusual traffic patterns, or strange commands being executed.
You can use the following commands to monitor your Linux server:
| Command | Description |
|---|---|
| sudo tail -f /var/log/auth.log | Monitor the authentication log |
| sudo tail -f /var/log/syslog | Monitor the system log |
You can also set up a monitoring tool, such as Nagios or Zabbix, to monitor your server and alert you when something unusual happens.
6. Encrypt Your Data with SSL
Encrypting your data with SSL (Secure Sockets Layer) is another important step in securing your Linux server. SSL encrypts the data that is transmitted between your server and the client, making it harder for attackers to intercept and read the data.
You can use the following command to install SSL on your Linux server:
| Command | Description |
|---|---|
| sudo apt-get install openssl | Install OpenSSL |
| sudo a2enmod ssl | Enable SSL on Apache |
| sudo service apache2 restart | Restart Apache |
Once SSL is enabled, you will need to obtain an SSL certificate from a trusted Certificate Authority (CA) to secure your website.
7. Use Two-Factor Authentication for SSH
SSH (Secure Shell) is a popular protocol used to remotely manage Linux servers. However, SSH can also be a security risk if not configured properly. One way to enhance the security of SSH is to enable two-factor authentication (2FA).
To enable 2FA for SSH, you can use the following command:
| Command | Description |
|---|---|
| sudo apt-get install libpam-google-authenticator | Install Google Authenticator |
| sudo nano /etc/ssh/sshd_config | Edit the SSH configuration file |
Then add the following lines to the configuration file:
| Command | Description |
|---|---|
| AuthenticationMethods publickey,keyboard-interactive | Set authentication methods |
| ChallengeResponseAuthentication yes | Enable challenge-response authentication |
Finally, restart the SSH server using the following command:
| Command | Description |
|---|---|
| sudo service ssh restart | Restart the SSH server |
Now users will need to enter a verification code in addition to their username and password when logging in via SSH.
8. Harden Your Linux Server by Disabling Root Login
By default, the root account on a Linux server has unrestricted access to the system, making it a prime target for attackers. To reduce the risk of attacks, it is recommended to disable root login and use a regular user account to log in to your Linux server.
You can use the following command to create a new user account:
| Command | Description |
|---|---|
| sudo adduser [username] | Create a new user account |
Then grant the new user administrative privileges using the following command:
| Command | Description |
|---|---|
| sudo usermod -aG sudo [username] | Grant administrative privileges to the new user |
Now you can disable root login by editing the SSH configuration file:
| Command | Description |
|---|---|
| sudo nano /etc/ssh/sshd_config | Edit the SSH configuration file |
| PermitRootLogin no | Disable root login |
Finally, restart the SSH server using the following command:
| Command | Description |
|---|---|
| sudo service ssh restart | Restart the SSH server |
9. Use Secure FTP for File Transfers
FTP (File Transfer Protocol) is a popular method for transferring files between servers. However, FTP is not secure and can be easily intercepted by attackers. To protect your data during file transfers, it is recommended to use a secure FTP protocol, such as SFTP (Secure File Transfer Protocol) or FTPS (FTP over SSL).
To install SFTP on your Linux server, you can use the following command:
| Command | Description |
|---|---|
| sudo apt-get install openssh-server | Install OpenSSH server |
Then edit the SSH configuration file to enable SFTP:
| Command | Description |
|---|---|
| sudo nano /etc/ssh/sshd_config | Edit the SSH configuration file |
| Subsystem sftp /usr/lib/openssh/sftp-server | Enable SFTP |
Finally, restart the SSH server using the following command:
| Command | Description |
|---|---|
| sudo service ssh restart | Restart the SSH server |
10. Use Intrusion Detection and Prevention Systems
An Intrusion Detection and Prevention System (IDPS) is a software application that monitors network traffic for signs of suspicious activity. IDPS can help identify and prevent cyber attacks before they cause damage to your Linux server.
There are several open-source IDPS solutions available for Linux servers, such as Snort, Suricata, and OSSEC. These tools analyze network traffic and alert you when they detect any suspicious activity.
11. Use SSH Keys for Authentication
SSH keys are a more secure way to authenticate with your Linux server than using a password. SSH keys use public-key cryptography to establish a secure connection between your client and the server.
To use SSH keys for authentication, you need to generate a public and private key on your client machine. You can do this using the ssh-keygen command:
| Command | Description |
|---|---|
| ssh-keygen -t rsa | Generate a public and private key |
Then copy the public key to your Linux server using the ssh-copy-id command:
| Command | Description |
|---|---|
| ssh-copy-id [user]@[server] | Copy the public key to the Linux server |
Finally, edit the SSH configuration file to enable SSH key authentication:
| Command | Description |
|---|---|
| sudo nano /etc/ssh/sshd_config | Edit the SSH configuration file |
| PubkeyAuthentication yes | Enable SSH key authentication |
Now you can log in to your Linux server using your SSH key instead of a password.
12. Use SELinux to Enforce Security Policies
SELinux (Security-Enhanced Linux) is a Linux kernel security module that provides a mechanism for enforcing mandatory access controls (MAC) on Linux systems. With SELinux, you can define security policies that determine what actions a user, process, or application can perform on the system.
You can install SELinux on your Linux server using the following command:
| Command | Description |
|---|---|
| sudo apt-get install selinux | Install SELinux |
Then enable SELinux by editing the SELinux configuration file:
| Command | Description |
|---|---|
| sudo nano /etc/selinux/config | Edit the SELinux configuration file |
| SELINUX=enforcing | Enable SELinux |
Finally, restart your Linux server to apply the changes.
13. Use IPTables for Firewall Rules
IPTables is a Linux kernel firewall that provides packet filtering, network address translation (NAT), and other network security features. IPTables allows you to define rules that control incoming and outgoing traffic on your Linux server.
You can use the following commands to set up IPTables on your Linux server:
| Command | Description |
|---|---|
| sudo apt-get update | Update the package manager |
| sudo apt-get install iptables | Related Posts:
|