How to secure my webserver
Find the HOWTO or step-by-step guide that you need right here.
Find the HOWTO or step-by-step guide that you need right here.
Learn how to setup passwordless SSH key-based authentication for multiple remote Linux servers simultaneously using a shell script in this TecMint tutorial.
Using SSH key-based authentication is beneficial for both security and convenience. Learn how to generate and share keys using ssh-keygen in this tutorial.
It is 2020, and we can say for sure, that ssh-server is still one of the most popular services on Linux systems. During various meetings, I was often asked: How to secure SSH? Even though this question seems trivial, it is not. There are a lot of things to remember to accomplish well-designed service security.
Linux is the most popular OS for web-facing computers, running on nearly 75% of servers according to Netcraft’s August 2019 data - making Linux servers an increasingly popular target among cyber criminals. This article offers tips and advice for securing your Linux servers against malware and other dangerous exploits.
Learn how to enable passwordless SSH authentication on Linux in this helpful tutorial.
Looking to secure and harden your OpenSSH server? Check out this tutorial, which provides valuable tips and advice on how this can be done.
If you’re managing a Linux server, you'll want to have a selection of commands that you can use to check user activity. This article examines some helpful commands that Linux server admins can use to view user activity.
With the different methods of finding active SSH connections on Linux examined in this guide, you can easily monitor who is logged in to your server.
Protecting Linux servers against SYN attacks and IP spoofing is surprisingly simple. Jack Wallen shows you how in a great tutorial.
Cockpit is a free, open source, server administration tool that allows you to easily monitor and administer Linux servers via a web browser. Learn how to install and configure Cockpit on Linux in a helpful tutorial.
Are you certain that your end users are utilizing strong passwords on your Linux servers? Let a tool called John the Ripper (JTR) show you who is and who isn't. Learn how this is done in a helpful tutorial.
Preventing idle SSH sessions from remaining connected is critical in keeping servers secure. Find out how to do this in a helpful tutorial.
In a production environment, it is common practice to disable network ping for a security reason so that no one can ping your server. However, by default, ping is enabled on Linux servers. Learn now to enable and disable Ping using iptables on Debian 10 in a helpful tutorial:
The good news is that Web servers have come a long way in terms of security. But to err is human, even for IT and security people.
Want to learn how to apply a few basic hardening principles to secure your cloud environment? This article does a great job of simplifying the server-hardening process for Cloud infrastructure.
Are you a CentOS or Ubuntu user who wants to learn how to secure your Cloud/VPS VM? Some tips and best practices for securing your Cloud server include changing SSH default ports, disabling password-based authentication and performing regular backups and updates.
Looking for tips on how to secure your Linux cloud? Linux offers many options for hardening your system and preventing unauthorized access. Some best practices for making sure your Linux cloud remains secure include encrypting communications, monitoring login authentication, using SSH-keys instead of passwords, setting up a firewall, updating your system, frequently scanning for malware and implementing an intrusion detection system.
In the previous articles, we introduced idempotency as a way to approach your server’s security posture and looked at some specific Ansible examples, including the kernel, system accounts, and IPtables. In this final article of the series, we’ll look at a few more server-hardening examples and talk a little more about how the idempotency playbook might be used.
This article is the first of two on cryptography basics using OpenSSL, a production-grade library and toolkit popular on Linux and other systems. (To install the most recent version of OpenSSL, see here.) OpenSSL utilities are available at the command line, and programs can call functions from the OpenSSL libraries. The sample program for this article is in C, the source language for the OpenSSL libraries.
When thinking about IT security, one area that may not readily come to mind is the physical security of an enterprise’s servers. It’s often thought that because the servers are behind lock and key and/or in a data center, and because the data is in continuous use, encrypting the server drives isn’t needed since the data is never at-rest.
Sign up to get the latest security news affecting Linux and
open source delivered straight to your inbox
Powered By
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.