πŸ” How to Secure Your Linux Server Against Cyber Threats

on

Securing your Linux server against cyber threats is crucial for data safety and system stability. As cyberattacks become more sophisticated, applying fundamental security measures can protect your server from unauthorized access and breaches. In this article, we will explore essential techniques to enhance your Linux server security.

1. Keep Your System Updated

Updating your operating system and installed software ensures vulnerabilities are patched.

sudo apt update && sudo apt upgrade -y
sudo dnf update -y

Enable automatic security updates:

sudo apt install unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades

2. Use a Firewall (UFW or IPTables)

A firewall helps control traffic and block unwanted connections.

Using UFW:

sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status

Using IPTables:

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -j DROP
sudo iptables-save > /etc/iptables.rules

3. Disable Root SSH Access & Change Default Port

For better security, disable root login and change the SSH port.

sudo nano /etc/ssh/sshd_config

Modify the following lines:

PermitRootLogin no
Port 2222
sudo systemctl restart sshd

4. Prevent Brute-Force Attacks with Fail2Ban

Fail2Ban blocks suspicious IP addresses after multiple failed login attempts.

sudo apt install fail2ban -y
sudo systemctl enable --now fail2ban

To configure Fail2Ban settings:

sudo nano /etc/fail2ban/jail.local

Add the following lines:

[sshd]
enabled = true
bantime = 3600
maxretry = 5
sudo systemctl restart fail2ban

5. Enable Two-Factor Authentication (2FA) for SSH

Adding an extra authentication step enhances security.

sudo apt install libpam-google-authenticator
google-authenticator

6. Limit User Privileges with Sudo

Restricting admin privileges minimizes security risks.

sudo visudo

7. Monitor Logs & Detect Unauthorized Changes

Regularly check logs to identify security threats early.

sudo journalctl -xe
sudo cat /var/log/auth.log

Use AIDE to track system file changes:

sudo apt install aide
sudo aideinit

Conclusion

To secure your Linux server, a proactive approach is essential. Regular updates, firewalls, SSH security measures, and monitoring logs significantly reduce vulnerabilities. Implementing these practices will strengthen your server’s security and help prevent cyber threats.

SSH


Comments

Post a Comment