How to: Secure My Webserver in Linux:
Find the HOWTO or step-by-step guide that you need right here.
With the different methods of finding active SSH connections on Linux examined in this guide, you can easily monitor who is logged in to your server.
Protecting Linux servers against SYN attacks and IP spoofing is surprisingly simple. Jack Wallen shows you how in a great tutorial.
Cockpit is a free, open source, server administration tool that allows you to easily monitor and administer Linux servers via a web browser. Learn how to install and configure Cockpit on Linux in a helpful tutorial.
Are you certain that your end users are utilizing strong passwords on your Linux servers? Let a tool called John the Ripper (JTR) show you who is and who isn't. Learn how this is done in a helpful tutorial.
Preventing idle SSH sessions from remaining connected is critical in keeping servers secure. Find out how to do this in a helpful tutorial.
In a production environment, it is common practice to disable network ping for security reasons so that no one can ping your server. However, by default, ping is enabled on Linux servers. Learn how to enable and disable ping using iptables on Debian 10 in a helpful tutorial.
The good news is that Web servers have come a long way in terms of security. But to err is human, even for IT and security people.
Want to learn how to apply a few basic hardening principles to secure your cloud environment? This article does a great job of simplifying the server-hardening process for Cloud infrastructure.
Are you a CentOS or Ubuntu user who wants to learn how to secure your Cloud/VPS VM? Some tips and best practices for securing your Cloud server include changing SSH default ports, disabling password-based authentication and performing regular backups and updates.
Looking for tips on how to secure your Linux cloud? Linux offers many options for hardening your system and preventing unauthorized access. Some best practices for making sure your Linux cloud remains secure include encrypting communications, monitoring login authentication, using SSH-keys instead of passwords, setting up a firewall, updating your system, frequently scanning for malware and implementing an intrusion detection system.
This article is the first of two on cryptography basics using OpenSSL, a production-grade library and toolkit popular on Linux and other systems. (To install the most recent version of OpenSSL, see here.) OpenSSL utilities are available at the command line, and programs can call functions from the OpenSSL libraries. The sample program for this article is in C, the source language for the OpenSSL libraries.
In the previous articles, we introduced idempotency as a way to approach your server’s security posture and looked at some specific Ansible examples, including the kernel, system accounts, and iptables. In this final article of the series, we’ll look at a few more server-hardening examples and talk a little more about how the idempotency playbook might be used.
When thinking about IT security, one area that may not readily come to mind is the physical security of an enterprise’s servers. It’s often thought that because the servers are behind lock and key and/or in a data center, and because the data is in continuous use, encrypting the server drives isn’t needed since the data is never at-rest.
By design, Ansible expresses the desired state of a machine to ensure that the content of an Ansible playbook or role is deployed to the targeted machines. But what if you need to make sure all the infrastructure changes are in Ansible? Or verify the state of a server at any time?
I think it’s safe to say that the need to frequently update the packages on our machines has been firmly drilled into us. To ensure the use of latest features and also keep security bugs to a minimum, skilled engineers and even desktop users are well-versed in the need to update their software.
Welcome back to this three-part journey to getting OpenLDAP up and running so that you can authenticate your Linux desktop machines to the LDAP server. In part one, we installed OpenLDAP on Ubuntu Server 18.04 and added our first LDAP entries to the directory tree via the Command Line Interface (CLI).
Back in the bad old days, setting up basic HTTPS with a certificate authority cost as much as several hundred dollars per year, and the process was difficult and error-prone to set up. Now we have Let's Encrypt for free, and the whole thing takes just a few minutes.
VNC stands for Virtual Network Computing. It is remote control software which allows you to view and fully interact with one computer desktop using a VNC viewer on another computer desktop anywhere on the LAN or Internet. There are many facets of ensuring your VNC is secure, and this article shows you how to do it with a Linux (openSUSE 10.3) server. This is a great step-by-step way to establish a quick, secure way to access remote desktops with SSH.
Fork bombing attacks, like other dangers, can wreak havoc on a system if you aren't careful. Every angle that isn't covered could in fact be the most vulnerable resource to a potential cracker. Here you get a quick overview of what needs to be done to make the most of your protection: limiting user processes is important for running a stable system. To limit user processes, just add a user name, a group, or all users to the /etc/security/limits.conf file and impose process limitations.
If you need to set up secure website connections, this HOWTO is what you need. It's focused on Debian but will help no matter what distribution you may be using. This how-to is Debian-specific but could be ported to other distributions since the concept is the same. In order to use TLS Extensions, we have to patch and recompile apache2 and recompile OpenSSL with the enable-tlsext directive. If you are going to use this HOWTO, you may want to check out their "Perfect Debian" HOWTO as well.