Blog

Search | Archive | Categories
Probably one of the top issues in running a website is security. A hacker successfully getting into your website could effectively shut it down. Though there is no guaranteed way to stop a determined hacker, one needs to put up as many walls as possible to deter the casual hackers.

Here's some tips on hardening a Linux web server:

- Disable root login. I see this attempted all the time in my logs.

- Use ssh/sftp and disable telnet/ftp.

- Disable all logins, except for the necessary ones.

- Keep all software up to date.

- Keep regular backups of data. One time, a hacker did get through. Fortunately, I had a recent backup and didn't lose too much data.

- Make sure any code is immune from SQL injection and XSS attacks. There are libraries/tools that run on top of code that will catch suspicious activity before it hits any code.

- Install Brute Force Detection. This will detect authentication failures and automatically block them.

- Install an Intrusion Detection System (IDS) such as OSSEC. It monitors many things and also automatically blocks suspicious activity.

Links:
Hardening Linux Web Servers
20 Linux Server Hardening Security Tips
Securing and Hardening Red Hat Linux Production Systems
28 Steps on how to harden your linux server
Hardening Linux

Posted: 2010-05-14 08:59:13


<< Gulf Oil SpillLearning Objective-C >>

RSS/XML