Linux Server Security: Use Commands to Protect Your System
Overview:
In the modern Internet era, server security has become a vital topic . For servers using the Linux operating system, there are many powerful commands that can help us protect system security. This article will introduce some commonly used commands to help you improve the security of your Linux server.
A firewall is the primary tool for protecting your server from unauthorized access. In Linux, we can use the iptables command to configure and manage firewall rules. Here are some examples of commonly used iptables commands:
iptables -L
iptables -A INPUT -p tcp --dport 80 -s 192.168.0.1 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -s 192.168.0.2 -j DROP
The above commands are just a few examples, you can customize more complex firewall rules according to your needs.
Brute force cracking is one of the common attack methods used by hackers. To prevent brute force attacks, we can use fail2ban to monitor login attempts and automatically block malicious IPs. Here are example commands to install and configure fail2ban on Ubuntu:
sudo apt-get update sudo apt-get install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo nano /etc/fail2ban/jail.local
sudo systemctl start fail2ban sudo systemctl enable fail2ban sudo systemctl status fail2ban
Go through the above steps , fail2ban will automatically monitor SSH login attempts, and if malicious behavior is detected, it will automatically block the IP for a period of time.
Using SSH key login can improve the security of the server, because the key is much harder to crack than the password. Here is a simple example of logging in using an SSH key:
ssh-keygen -t rsa
ssh-copy-id username@your_server_ip
sudo nano /etc/ssh/sshd_config
Find PasswordAuthentication
in the file and modify it to no
.
sudo systemctl restart sshd
Now you can log in using your SSH key without entering a password.
Regularly updating the operating system and software packages is a critical step in maintaining server security. With updates, you get the latest security fixes, as well as new features and improvements. Here is a sample command to update the Ubuntu operating system and packages:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
Last but not least, backup regularly Important data on the server. Backups can help you recover your data and reduce losses in the event of a hacker attack, hardware failure, or other problem. You can use the rsync command to synchronize data to a remote server or external storage device. The following is a simple rsync command example:
rsync -avz /path/to/source username@remote_server:/path/to/destination
With the above command, you can copy the contents of the source directory to a remote server or a specified target location.
Conclusion:
Securing a Linux server is an important and evolving task. In this article, we introduce some commonly used commands and examples that can help you improve the security of your server. However, server security relies on more than just commands and configuration, and requires ongoing monitoring and updates. Please make sure to take other necessary security measures when protecting your server and stay current on security best practices.
(Note: The above example commands are applicable to Ubuntu operating system, other Linux distributions may be different)
The above is the detailed content of Linux Server Security: Use Commands to Protect Your System. For more information, please follow other related articles on the PHP Chinese website!