February 29, 2024

Probably one of the top issues in running a website is security. A hacker successfully getting into your website could effectively shut it down. Though there is no guaranteed way to stop a determined hacker, one needs to put up as many walls as possible to deter the casual hackers.

Here’s some tips on hardening a Linux web server:

– Disable root login. I see this attempted all the time in my logs.

– Use ssh/sftp and disable telnet/ftp.

– Disable all logins, except for the necessary ones.

– Keep all software up to date.

– Keep regular backups of data. One time, a hacker did get through. Fortunately, I had a recent backup and didn’t lose too much data.

– Make sure any code is immune from SQL injection and XSS attacks. There are libraries/tools that run on top of code that will catch suspicious activity before it hits any code.

– Install Brute Force Detection. This will detect authentication failures and automatically block them.

– Install an Intrusion Detection System (IDS) such as OSSEC. It monitors many things and also automatically blocks suspicious activity.

Hardening Linux Web Servers
20 Linux Server Hardening Security Tips
Securing and Hardening Red Hat Linux Production Systems
28 Steps on how to harden your linux server
Hardening Linux