Stay Ahead With Linux Security HOWTOs
How to Secure My Network
security advisory remote access
security advisory remote access Most of the time, nobody notices. SSH authentication succeeds, no alerts are generated, and the connection looks exactly the way it did the day the key was installed. That's part of the problem. . When security teams investigate unauthorized access on Linux systems, they often focus on passwords, exposed services, or vulnerable software. Trusted access receives less attention. Yet a single forgotten or unauthorized SSH key can provide the same access as a legitimate user while attracting very...
Jun 03, 2026
How to Secure My Networkintrusion detection application security
intrusion detection application security The wrong IPS rule can look like a security fix right up until it becomes an outage. . On Linux systems, detection and prevention are often discussed together, but they do not carry the same operational risk. One tells admins that something suspicious happened. The other can decide whether traffic is allowed to continue. That is why IDS vs IPS is not just a definition to memorize. It is a deployment decision about where to monitor, where to block, and how much confidence a team needs before...
Jun 01, 2026
How to Secure My Networkunauthorized access security techniques
unauthorized access security techniques Exposed SSH servers are continuously hammered by brute-force attacks, password spraying, credential stuffing, and recycled passwords from infostealer dumps. Attackers rotate usernames, test weak credentials, and probe for anything that gives them initial access. The logs usually look messy long before the compromise happens. . The difficult part is separating harmless failures from actual intrusion activity. One failed login from an internal workstation rarely matters. Repeated failures...
May 28, 2026
How to Secure My Networksecurity advisory incident response
security advisory incident response The first 30 minutes after discovering a compromised Linux server usually decide how much evidence remains available. One rushed reboot or cleanup attempt can wipe logs, terminate malicious processes, or remove network activity that investigators still need to review. Attackers also do not usually stay on one system for long once access is established. Early response is mostly about preserving visibility. Collect process information. Save network connections. Limit access carefully before...
May 28, 2026
How to Secure My Networknetwork monitoring Linux server
network monitoring Linux server When a Linux server initiates an unauthorized outbound connection to an unknown IP address, it rarely triggers an immediate system failure. Instead, the server continues running normally, and the connection is usually only discovered during a routine firewall log review, a DNS audit, or a post-incident investigation. Because there are no obvious system crashes or performance drops, these quiet outbound sessions can easily be overlooked. . However, treating these anomalies lightly is a...
May 27, 2026
Refine HOWTOs
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security HOWTOs
We found 7 articles for you...
166
remote accessbest practicesssh securityEssential Strategies for Securing SSH Connections on Linux Systems
SSH is a globally-used protocol used to access remote servers. Here's how you can strengthen your SSH connections on Linux for maximum security. . SSH is widely used for accessing Linux servers securely. Most users use SSH connections with default settings to connect to a remote server. However, the unsecured default configurations also pose various security risks. The root account of a server with open SSH access may be at risk. And especially if you are using a public IP address, it is much easier to hack the root password. Therefore, it's necessary to know about SSH security. Here's how you can secure your SSH server connections on Linux. . Fortify your SSH links on Linux to enhance protection. Discover optimal methods to secure remote access seamlessly.. Secure SSH Connections, Linux SSH Security, SSH Server Best Practices. . Brittany Day
May 06, 2023
•
How to Learn Tips and Tricks
166
access controlSELinuxsecurity configurationEnhancing Security With SELinux Configuration for Linux Servers
SELinux can help you secure your server from malfunctioning processes or applications. Developed by the NSA (National Security Agency) to secure government devices from attackers, the security enhanced (SE) Linux architecture uses security protocols to restrict access to system resources. Find out how you can use it for your own server. . SELinux is a kernel module that can be enabled or disabled by the system admin. As the access to files and network ports is limited following a security policy, a faulty program or a misconfigured daemon can’t make a huge impact on system security. When an application or process requests file access in the SELinux system, first it checks the access vector cache (AVC). If permission is previously cached, then it returns with the file that the application is requested for. If the permission is not cached, then it sends the request to the security server. The security server checks all the security policies in its database. Depending on the security policy, permission is then granted or declined. . Leverage AppArmor to bolster your Ubuntu system's defense through stringent authorization and profile oversight.. SELinux, Access Control, Security Policies, Server Hardening, System Administration. . Brittany Day
Aug 02, 2022
•
How to Learn Tips and Tricks
166
security practicesSELinuxsystem protectionEssential Hardening Techniques for Linux Server Protection
Linux/Unix powers almost everything on the internet. Nearly all the websites that you visit on the internet are hosted on a server that is running Linux. . These servers host critical and confidential data. This could include apps and websites that are very popular. In this Linux server hardening guide , you will learn the 8 best ways to secure your Linux server and protect it from Hackers . The process of security should always be simple and straightforward. Hackers are always looking for vulnerabilities that they exploit in order to get access to your server. Security is not a one-time setting. You must constantly monitor any suspicious activities going on your server. There are many downsides of being hacked and the amount of damage that it can do to your company is crazy. Below we will be sharing with you best practices and Linux system hardening techniques to secure production environment servers . Let's get started! What Is Linux Server Hardening and Why Is It Important? Linux server security is a very professional skill and in high demand. This is one of the most searched for topics about Linux. The reason why is because most critical infrastructure apps and websites are running on this operating system. Many system administrators often take security for granted. If you think and feel that something hasn't happened to you in the past, don't assume it's not ever going to happen. Linux server security/hardening consists of configurations/settings that are proven best practices and recommendations for improving the security of a server running Linux. By securing a Linux Box you are automatically reducing the attack surface for a Hacker. Also, the fewer functions a server does, the fewer chances there will be of it being hacked. This is because there will be fewer applications to exploit. Vulnerabilities can occur at any day and time. There may be chances of vulnerabilities being over a decade old and it's just a matter of time until it's found by a security researcher. If youcare about security then hardening is very important! This will make sure your server is secure from threats like hackers. Your customer's data will be secure, there will be no downtime, services will run 24/7 and you will maintain client trust. How To Easily Secure Linux Server (8 Best Linux Server Security/Hardening Tips) - 2021 Edition Below is a step-by-step guide for Linux system hardening techniques. After following the steps below, we can assure you that your server will be at least 70% more secure than it previously was. Please make sure to always have a backup first before doing any changes. The below steps can also be used as a checklist to ensure you have done everything on your end. Recommended read: How to Secure your Website from Hackers . Physical Server Security - Protecting the Console There are 101 ways a hacker can hack your Linux box. But there are 1001 ways you can secure against their attacks. To secure your Linux console you will have to make sure you disable it to boot from specific external devices which are: Flash drives or USBs. DVD and CDs. You should only disable the boot process to the above drives once you have your BIOS configured. As an additional security measure, you should lock the grub bootloader and the BIOS. This will ensure that the above settings cannot be changed by anyone with even physical access to your critical systems. Enable SELinux (Security-Enhanced Linux) This is an access control security method in Linux at the kernel level. It provides a range of modes of what it can do. Permissive - This is a mode where your server will not enforce any of the security policies. However, it will log any changes and warn you of what happened. Enforcing - This will enable SELinux and enforce all the security policies you have created. Disabled - This will turn SELinux off, please don't. Below is the command to change the configuration of SELinux: /etc/selinux/config Close Unused Ports - Netstat TheNetstat command allows you to view all the active connections to your server. This will show you all the open ports and the services they are using. It will show you a list of services and it is best practice to turn off the ports to services your server doesn't use. Use the netstat -tunlp command to check for open ports. Now, to disable the unwanted ports you will need to use another command. To turn off services in Linux, use the command chkconfig Nameofservice off Secure SSH Connection SSH (Secure Shell) is the most secure way to connect to your server. However, hackers know which port it operates on and that is 'Port 22'. Changing the SSH port number gives you an edge for security. Follow the steps below to change the default SSH port number in Linux: Go to /etc/ssh/sshd_config . Now change the default port number with any port number you want. For example, 2211. Once you have changed the port number, save and exit the configuration. Now to enable the changes you've made run 'service sshd restart' command in the CLI. Reminder: When you log in again using SSH use the new port number. Let's say it was the port number we gave in the above example, so it will be, example@IP -p 2211. Root Login - Turn it off It is advised by many professionals and it is also a proven good practice that you should never SSH with a superuser/root account. You need to disable root access via SSH onto the server. To disable root login on your Linux server for enhanced security follow the steps below: Open the SSH configuration file: nano /etc/ssh/sshd_conf . Uncomment the following line: PermitRootLogin no . Save the file and restart your service. I would advise you to test if this works. Do not log out of the existing terminal. Open a new terminal, try to connect again and then exit. No Old Passwords - Don't Reuse Them As a rule of thumb, you should never reuse old passwords ever. You can easily restrict users from using their old passwords on the same machine. Thelocation for the old password file is: /etc/security/opasswd . This can only be changed using the PAM module in Linux. Follow the steps below to restrict the use of old passwords: For RHEL (Red Hat Enterprise Linux), CentOS and Fedora: Go to '/etc/pam.d/system-auth ' For Debian and Ubuntu: Go to '/etc/pam.d/common-password' . After you have opened the location of the old passwords, do the following steps: In the 'auth' section you will need to enter the following line: 'auth sufficient pam_unix.so likeauth nullok' If you want to allow a user to reuse his/her password from a number of passwords that were last used to add the following line the 'password' section: 'password sufficient pam_unix.so nullok use_authtok md5 shadow remember=3' Now after you have activated this security feature it will give an error to the user who is trying to use an old password, from its last three passwords on the server. Read: How to Wipe your Hard Drive (HDD) using DBAN . Fewer Packages = Fewer Chances of Getting Hacked You should only install the packages that you need. Do NOT install any packages that you might not need or use on your Linux box. Packages can have vulnerabilities that can compromise your system. You don't need many services at once installed on your system. You will need to find any unused/unwanted packages on your Linux server. This will also reduce the attack surface for a Hacker. The fewer services you have installed, the less are the chances of you being vulnerable to an attack. Follow the steps below to disable packages you don't need: Use the 'chkconfig' command (cmd). This will show you the services running at 'runlevel 3'. Now run the following command to give you a list of all the services: '# /sbin/chkconfig --list |grep '3:on'. The command to disable services is: 'chkconfig Nameofservice off'. You can also use RPM package manager for YUM or APT-GET . This will also show you a list of all the available packagesinstalled. To remove packages with YUM: yum -y remove name-of-package To remove packages using apt-get: sudo apt-get remove name-of-package Always keep Your Server Updated Make sure you always install the latest version of any software you are running. This also includes any important Linux updates. There are kernel vulnerabilities coming up every day that need patching. Security fixes are critical for your infrastructure. They are a lifesaver and have many benefits for the health of your system. To update your Linux server run the following commands in the command line: yum check-update yum updates Bonus Linux security tips: Always monitor your server for any unwanted activities. Check your log files for any suspicious file changes or permission changes. Check your firewall for any warnings or notifications. Keep all your packages updated. Lockdown Cronjobs to only authorized users. Turn off any protocols you are not using such as IPv6. Enable Linux firewall and turn on iptables. Back up regularly in case of any disaster. Please note: There are many different distributions/flavors of Linux. This includes Ubuntu, CentOS, RHEL, Mint, Arch, OpenSUSE and Debian. The above tutorial should work on all of them and there will be only slight changes at the CLI. Conclusion - Never Ignore Security on Your Server Security is vital to any part of our digital lives and work. You must keep everything updated, secure and encrypted. You should never ignore security especially on a production server or live environment. Hackers are always looking for vulnerable Linux servers on the web. I hope you have enjoyed reading the above Linux hardening guide and learned how to secure your Linux server in 2021 by following best practices and standards. You can use this as a script if you combine all the commands together. Do you know any other Linux Security Tips ? Please share them below in the comments! Thank youto Shaheer Qayyum for contributing this article. The link for this article located at Secured You is no longer available. . Discover effective strategies to safeguard your Linux server from cyber threats while ensuring vital information remains secure and current.. Linux Server Security, Server Hardening Techniques, Protecting Data, Security Best Practices. . Brittany Day
Jul 28, 2021
•
How to Learn Tips and Tricks
166
access controlsecurity enhancementUbuntuHow To Configure Endlessh SSH Tarpit On Ubuntu 20.04 For Security
Learn how to add an SSH tarpit to Ubuntu Server 20.04 with the help of endlessh. . In your never-ending quest to secure your Linux servers, you've probably found a lot of times the breaches happen through SSH. No matter how secure it is, it can still be cracked. That's why you might need to consider setting up a tarpit for that service. Essentially, a tarpit will run on the standard SSH port and, when a hacker attempts to break through that port, they'll wind up stuck in an endless loop. That's how endlessh works. Install it and configure it for port 22 and the script kiddies will wind up in a tarpit, unable to escape. I'm going to show you how to do just that. . Fortify your Linux servers by configuring an SSH tarpit with endlessh, enhancing defense against unpermitted access.. SSH Tarpit, Endlessh Setup, Server Security, Linux Protection, Ubuntu Server. . Brittany Day
Apr 16, 2021
•
How to Learn Tips and Tricks
166
security measuressecurity best practicesserver security10 Essential Steps To Secure Your Linux Server and Best Practices
Linux servers are already extremely secure by default that’s why 100% of supercomputers, most of the top 1 million servers , and top 25% of websites on the internet run on Linux. Besides having security tools in place, users should follow a few steps to further secure Linux servers. Learn about 10 steps you should take to secure your servers in this tutorial. . As we all know nothing is perfect. Things can go wrong if proper precautions are not taken. Once in a while, Linux tools encounter serious vulnerabilities and due to the nature of these tools (open-source), all tools quickly receive security fixes. When it comes to compromising a Linux server, most of the time users’ actions are responsible for it. After the compromise, we get to know the compromise could easily be prevented by implementing a simple firewall rule. The link for this article located at Linux and Ubuntu is no longer available. . Discover key measures for boosting the protection of your Unix-based server by utilizing effective strategies and recommended guidelines.. Linux Security Tips, Server Hardening, Best Practices for Open Source Security. . Brittany Day
Mar 19, 2021
•
How to Learn Tips and Tricks
163
performance improvementnginxweb serverEnhance Nginx Security and Performance: 12 Essential Tips
Learn how to secure, harden and improve the performance of your Nginx web server in this Tecmint tutorial. . Based on the wonderful things you have heard about Nginx, perhaps you decided to give it a try. You may have liked it so much that are considering replacing your Apache installations with Nginx after going through some of the articles on the topic that we have published on this site. If so, I’m sure you will welcome this guide with open arms since we are going to cover 12 tips to increase the security of your Nginx servers (ranging from keeping Nginx up to date all the way to using using TLS and redirecting HTTP to HTTPS), and you will note that some of them are very similar to what you would do with Apache. . Fortify your Nginx server against vulnerabilities, optimize its efficiency, and bolster overall safety through these crucial strategies and methods.. Nginx Security Tips, Server Hardening Guide, Improve Nginx Performance. . Brittany Day
Mar 04, 2021
•
How to Secure My Webserver
163
infrastructure securityserver hardeningAWS securityImplementing Essential Hardening Strategies for Cloud Security
Want to learn how to apply a few basic hardening principles to secure your cloud environment? This article does a great job of simplifying the server-hardening process for Cloud infrastructure. . I've written about simple server-hardening techniques in the past. Those articles were inspired in part by the Linux Hardening in Hostile Networks book I was writing at the time, and the idea was to distill the many different hardening steps you might want to perform on a server into a few simple steps that everyone should do. In this article, I take the same approach only with a specific focus on hardening cloud infrastructure. I'm most familiar with AWS, so my hardening steps are geared toward that platform and use AWS terminology (such as Security Groups and VPC), but as I'm not a fan of vendor lock-in, I try to include steps that are general enough that you should be able to adapt them to other providers. The link for this article located at Linux Journal is no longer available. . Discover key techniques for implementing fundamental fortification strategies that will enhance the security of your cloud infrastructure.. Cloud Security, AWS Hardening, Infrastructure Protection, Server Security, Basic Hardening Techniques. . Brittany Day
Jul 10, 2019
•
How to Secure My Webserver
163
configuration managementsecurity best practicesserver hardeningAdvanced Server Hardening Techniques With Ansible's Idempotency
In the previous articles, we introduced idempotency as a way to approach your server’s security posture and looked at some specific Ansible examples, including the kernel, system accounts, and IPtables. In this final article of the series, we’ll look at a few more server-hardening examples and talk a little more about how the idempotency playbook might be used. . Due to its reduced functionality, and therefore attack surface, the preference amongst a number of OSs has been to introduce “chronyd” over “ntpd”. If you’re new to “chrony” then fret not. It’s still using the NTP (Network Time Protocol) that we all know and love but in a more secure fashion. The first thing I do with Ansible within the “chrony.conf” file is alter the “bind address” and if my memory serves there’s also a “command port” option. These config options allow Chrony to only listen on the localhost. In other words you are still syncing as usual with other upstream time servers (just as NTP does) but no remote servers can query your time services; only your local machine has access. The link for this article located at Linux.com is no longer available. . Due to its reduced functionality, and therefore attack surface, the preference amongst a number of O. previous, articles, introduced, idempotency, approach, server’s, security. . Brittany Day
Jun 25, 2019
•
How to Secure My Webserver
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Explore top 10 tips to secure your open-source projects now. Read More