Harden your Linux server security with command line tools

Reinforce your Linux server security with command line tools

In today’s digital age, server security is an important guarantee for any website and application. As one of the most popular choices, Linux server security has also become the focus of everyone's attention. In order to strengthen the security of your Linux server, you can use command line tools for hardening. This article will introduce some commonly used command line tools and their usage examples to help you better harden your server.

1. Fail2Ban
   Fail2Ban is a tool used to prevent malicious logins, DDoS attacks, etc. It monitors the server's log files and automatically adds the attacker's IP address to the blocked access list after detecting multiple login failures or malicious behavior, thereby protecting the security of the server.

Install Fail2Ban:

sudo apt-get install fail2ban

Configure Fail2Ban:

sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo vi /etc/fail2ban/jail.local

In the configuration file, you can modify some parameters, such as setting the location of the monitoring log file and the maximum login Number of failures, ban time, etc. After completion, restart the Fail2Ban service:

sudo service fail2ban restart

2. SSH configuration
   SSH (Secure Shell) is a common tool for remote login to the server. To enhance the security of SSH, you can modify the SSH configuration file to limit the number of login attempts and disable root user login.

Edit the SSH configuration file:

sudo vi /etc/ssh/sshd_config

Modify the values ​​of the following parameters to the required security settings:

PermitRootLogin no  #禁用root用户登录
MaxAuthTries 3  #限制登录尝试次数

Save the configuration file and restart the SSH service:

sudo service sshd restart

3. IPTables
   IPTables is the default firewall tool for Linux systems, which can restrict access to the server by configuring rules. You can use IPTables to block specific IP addresses, ports, or protocols to improve server security.

Add IPTables rules:

sudo iptables -A INPUT -s <IP地址> -j DROP

For example, to block access to the IP address 192.168.1.100:

sudo iptables -A INPUT -s 192.168.1.100 -j DROP

Use the following command to view the current IPTables rules:

sudo iptables -L

4. Lynis
   Lynis is an open source security audit tool used to inspect and assess security risks on Linux systems. It can scan configuration files, processes, users, etc. in the system and provide corresponding suggestions and repair suggestions. Here is a simple example of using Lynis:

Install Lynis:

sudo apt-get install lynis

Run a Lynis scan:

sudo lynis audit system

Lynis will scan your system and output a detailed Report containing discovered security issues and recommended fixes.

Summary
The above introduces some commonly used command line tools. By using these tools, you can strengthen the security of your Linux server. However, these are just some basic security measures. In order to further improve the security of the server, you also need to regularly update the operating system and software, use complex passwords, regularly back up data, etc. Only by using a combination of security measures can you better protect your server and data from attacks.

The above is the detailed content of Harden your Linux server security with command line tools. For more information, please follow other related articles on the PHP Chinese website!