Best Ways to Secure Your Linux Server

An important aspect of any Linux server environment is the quality or state of being secure.

 In this guide, we look at some key ways you can secure your Linux Server. While we focus on Debian/Ubuntu, the steps we discuss here are common ones.

Here we go!,

1. Update your server

An operating system must be updated just as any other piece of software. Maintaining the current version will ensure that you get the latest fix for security issues. In addition, updates usually fix or add to existing features, which is why they are needed.

The process of updating is generally divided into two distinct steps. One is called an incremental update, and the other is a major update. Minor modifications are made to operating system components in incremental updates. These changes are usually communicated over the Internet to users. With the update managing software, users can download and install the modifications sequentially. However, major modifications require so many changes affecting several packages simultaneously that it becomes rather difficult to accomplish sequentially. After acquiring the upgraded version of the operating system, a fresh installation is best for this type of modification.

Applying patches to the operating system, installed applications, and local repositories can help secure your server.

Updating is as simple as following the command below,

On Ubuntu and Debian:

sudo apt update && sudo apt upgrade -y

And other flavours like Fedora, CentOS or RHEL:

sudo dnf upgrade

vi /etc/security/pwquality.conf

3. Upload your SSH key

The Secure Socket Shell Key Management, also known as Secure Shell Management.

An SSH key is an authentication credential for the SSH (secure shell) network protocol. In an unsecured open network, this protocol is used to communicate between remote machines securely.

Below you will find the command to upload the pre-generated SSH key to your server:

ssh-copy-id @ip_address

4. Enable a firewall

The firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on certain security rules. Using a firewall, you can prevent external threats from entering your system. There are other forms of threats that can be spread from machine to machine without the knowledge of the user.

Firewall configuration is simplified when using the Uncomplicated Firewall (UFW) interface to iptables as follows:

Installing UFW is as simple as running the following commands:

sudo apt install ufw

By enabling HTTP, HTTPS, and SSH, you can access the server

sudo ufw allow ssh

sudo ufw allow http

sudo ufw allow https

Then enable UFW


sudo ufw enable

You can see what services are allowed and denied with,

sudo ufw status

You can disable the UFW by typing the following command if you don’t want to use it,

sudo ufw disable

5. Configure 2FA

In addition to a password and a second token, two-factor authentication (2FA) enhances security by requiring users to log on using a password and another token.

Ensure that your server is fully updated and your data is backed up before you begin installing. As soon as you’ve set it up, you won’t be able to access your machine without the third-party-generated codes. Whenever you want to log in, you will need either your smartphone or the emergency code (generated after installing the necessary tools) 

That’s it!

There are many other things to consider besides those we discussed, so we have only touched on some of the most important ones.

 Get the most out of learning with VPSie.com