LiveZilla Live Help
LiveZilla Live Help
indian flag    Email :
   Call : +91(0141)-4113929
Linux Server Security Tips
By Gopal on Sat Sep 2018 15:16:05
Security of data and server from hackers is a main task of system administration services. Below is few basic security tips for your linux server.

1: Strong Password Policy

Making strong passwords is first stage of securing your server. Do not use common names as your password like yourname, date of birth, mobile number etc. Passwords should be alphanumeric with upper and lower case letters.
You can use password aging policy on your linux machine to enforce users to change there password on regular interval.

To get password aging information

# chage -l username

To change password aging information

# chage -m 7 -M 60 -W 15 username

-m: Minimum number of days between password change
-M: Maximum number of days between password change
-W: Number of days of warning before password expires

To disable password aging ( Not recommended on production server )

# chage -M 99999 username

2: Disable root login

As you know root account has unlimited priviledges, so keep disable root account on server. also make sure no other user having uid or gid 0 using below command, Only root user line should be listed with both comamnds.

# awk -F: '($3 == "0") {print}' /etc/passwd
# awk -F: '($4 == "0") {print}' /etc/passwd

To execute root level commands you can configure sudo priviledges on your server.
3: Keep your system up to date

Always keep your sytem uptodate with latest software patches or updates. Your can use linux utilities ( yum, apt-get etc ) to update your system with latest updates. Keep uptodate your system on regular interval.


# yum update
# apt-get update && apt-get upgrade

You can also use yum-updatesd service to enable email notification when any new update found.
4: Use of secure protocal for remote access

Always use secure protocals while accessing server from remote or trasferring data. All secure protocals encrypted data transmission.

Not to Use:

> rcp
> telnet
> ftp

To Use

> ssh
> scp
> sftp ( FTP over SSL )
5: Disable unwanted services

There are many services running in background on your system. Find out and disable all services which are not required.
find out all service that will start on system boot

# chkconfig --list | grep ':on'

Stop all service which are not required on server.

# service service-name stop

Also disable service to start on system boot

# chkconfig service-name off

Linux Server Security Tips



Please login to comment. Login