Linux server security configuration: improve system defense capabilities

Linux server security configuration: improving system defense capabilities

With the rapid development of the Internet, server security issues have become increasingly prominent. In order to protect the stability of the server and the security of the data, the server administrator should strengthen the security configuration of the Linux server. This article will introduce some common Linux server security configuration methods and provide relevant code examples to help administrators improve the system's defense capabilities.

1. Update system and software packages
   Keeping the server's operating system and software packages up-to-date is one of the important steps to ensure server security. Timely updating of systems and software packages can fix discovered vulnerabilities and provide more powerful security features. The following is a sample code for using yum to update the system and software packages in CentOS system:

sudo yum update

2. Disable unnecessary services
   Linux server starts many unnecessary services by default, these Services can become potential entry points for attackers to break into your system. All services enabled on the server should be carefully reviewed and unnecessary services disabled based on actual needs. The following is a sample code to disable a service in a CentOS system:

sudo systemctl stop <service-name>
sudo systemctl disable <service-name>

3. Configuring the firewall
   The firewall is one of the key components to protect the server from network attacks. By configuring firewall rules, you can limit the IP addresses, ports, and protocols that the server allows access to. The following is a sample code for using the firewall configuration service firewalld in a CentOS system:

# 启动防火墙服务
sudo systemctl start firewalld

# 开启SSH访问
sudo firewall-cmd --zone=public --add-port=22/tcp --permanent
sudo firewall-cmd --reload

# 开启Web服务访问
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --reload

4. Configuring SSH access
   SSH is a common way for administrators to log in to the server remotely. In order to increase the security of SSH access, you can perform the following configuration:

• Modify the default SSH port: Changing the default port 22 to an unusual port can reduce the risk of brute force cracking.
• Disable root user login: Prohibiting root users from directly using SSH to log in to the server can increase the difficulty of intrusion for attackers.
• Configure public key login: Using a key pair to log in to the server instead of a password can provide higher security.

The following is a sample code for modifying the SSH configuration file:

sudo vi /etc/ssh/sshd_config

# 修改SSH默认端口
Port 2222

# 禁用root用户登录
PermitRootLogin no

# 配置公钥登录
RSAAuthentication yes
PubkeyAuthentication yes

After the modification is completed, use the following command to restart the SSH service:

sudo systemctl restart sshd

5. Add anti- Restrictions on brute force cracking
   In order to prevent brute force cracking of SSH passwords, you can add a restriction mechanism to limit the number and time intervals of failed SSH logins. The following is a sample code that uses the fail2ban tool to limit SSH brute force cracking:

# 安装fail2ban
sudo yum install epel-release
sudo yum install fail2ban

# 创建自定义配置文件
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

# 编辑配置文件
sudo vi /etc/fail2ban/jail.local

# 修改SSH相关配置
[sshd]
enabled  = true
port     = ssh
logpath  = %(sshd_log)s
backend  = %(sshd_backend)s
maxretry = 3
bantime  = 3600

# 启动fail2ban服务
sudo systemctl start fail2ban
sudo systemctl enable fail2ban

The above are some common Linux server security configuration methods and sample codes. Of course, there are many other aspects to pay attention to when it comes to server security, such as configuring appropriate file permissions, using strong passwords, etc. When configuring server security, administrators need to comprehensively consider the actual environment and needs of the server and reasonably formulate security policies to improve the system's defense capabilities.

The above is the detailed content of Linux server security configuration: improve system defense capabilities. For more information, please follow other related articles on the PHP Chinese website!