Forum

> > Off Topic > Linux Server Security
Forums overviewOff Topic overviewLog in to reply

English Linux Server Security

19 replies
To the start Previous 1 Next To the start

old Linux Server Security

Marcell
Super User Off Offline

Quote
Hi!

I'd like to secure my linux(debian) server.
Anybody can help in it?

I have ftp, ssh, web, sql server on it..

and i'd like to secure these and the whole linux system too..

old Re: Linux Server Security

DannyDeth
User Off Offline

Quote
You cannot secure something if it doesn't have something insecure on it. Just keep all the software up to date, never allow root login via SSH or FTP ( use sudo with a decent password for tasks that require root ), and any scripts running on your webserver need to be sure they strip database entries of SQL.

old SSH ftw.

KimKat
GAME BANNED Off Offline

Quote
user Marcell has written
I have ftp, ssh, web, sql server on it..

and i'd like to secure these and the whole linux system too..
Upgrading to the latest available stable versions of these might help you quite alot. There's httpd/Apache 2.4.6 and a few more out there up for grabs and they've been recommended by Apache. As user Shawni has stated there's no need for FTP when there's SSH (it has also a included SSH FTP) which installs with SSH and it's much more secure and useful.

You can install it with this one liner.
sudo apt-get install ssh
edited 2×, last 28.10.13 08:37:28 pm

old Re: Linux Server Security

SD
User Off Offline

Quote
@user Marcell:
Just a couple of advices from me:
1)
apt-get update && apt-get upgrade
everyday!
2) Don't use FTP, it's generally insecure compared to SSH. Stick with SSH & SFTP.
3) Create another root-like account with admin rights and use it. For root, set extremely hard password and disallow login via SSH. Never touch it then. Same with MySQL.
4) Only allow su for your admin user.
5) Configure iptables, at least some basic limitations.
6) Don't run Apache.

@user DannyDeth:
sudo is so tiresome. I use su instead.

@user lev258:
He has Debian server, not Ubuntu. Not so much difference, but still.

old Re: Linux Server Security

Shawni
User Off Offline

Quote
If you just want to secure your server then here are some tips that can help you alot :

*Password are everything, as the command passwd like to tell you that passwords based on dictionary word
are really BAD. Try to make your password longer and include some punctuations and some capital letter ( Linux filesystem is case sensitive ).

*Stop using MySQL if it's not indeed.

*Install DenyHost.

*Change SSH port.

*Stop using root ( edit /etc/ssh/ssh_config ) and create another account or use SSH Keys.

*Keep your OS updated.

old Re: Linux Server Security

SD
User Off Offline

Quote
user Shawni has written
*Change SSH port.

I forgot to mention this, but it's essential in my opinion.

user archmage has written
Install Gentoo.

He would run out of patience after two days of compiling.

old Re: Linux Server Security

DC
Admin Off Offline

Quote
Also make your SQL server only accessible from within the same network and disallow all external access (unless you really need it).

And in case you're using PHPMyAdmin: Choose a random folder name (nothing which contains terms like "admin", "php", "sql" or "db") and add at least an additional .htaccess password protection. There are tons of bots out there which systematically search for PHPMyAdmin.

old Re: Linux Server Security

DC
Admin Off Offline

Quote
I thought you were using Debian? Debian is certainly better for servers than Ubuntu... just saying.

old Re: Linux Server Security

Marcell
Super User Off Offline

Quote
I cannot, doesn't have cd to write debian...

i had a ubuntu server dvd, so installed from it, and works fine

old Re: Linux Server Security

Shawni
User Off Offline

Quote
user Marcell, if it's a private server from some provider then it's a shame, i mean Debian must be on the top list as it's the best linux distro for servers.

Admin/mod comment

Quote removed /user useigor
To the start Previous 1 Next To the start
Log in to replyOff Topic overviewForums overview