Home >Operation and Maintenance >Linux Operation and Maintenance >Harden your Linux server security with command line tools
Reinforce your Linux server security with command line tools
In today’s digital age, server security is an important guarantee for any website and application. As one of the most popular choices, Linux server security has also become the focus of everyone's attention. In order to strengthen the security of your Linux server, you can use command line tools for hardening. This article will introduce some commonly used command line tools and their usage examples to help you better harden your server.
Install Fail2Ban:
sudo apt-get install fail2ban
Configure Fail2Ban:
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local sudo vi /etc/fail2ban/jail.local
In the configuration file, you can modify some parameters, such as setting the location of the monitoring log file and the maximum login Number of failures, ban time, etc. After completion, restart the Fail2Ban service:
sudo service fail2ban restart
Edit the SSH configuration file:
sudo vi /etc/ssh/sshd_config
Modify the values of the following parameters to the required security settings:
PermitRootLogin no #禁用root用户登录 MaxAuthTries 3 #限制登录尝试次数
Save the configuration file and restart the SSH service:
sudo service sshd restart
Add IPTables rules:
sudo iptables -A INPUT -s <IP地址> -j DROP
For example, to block access to the IP address 192.168.1.100:
sudo iptables -A INPUT -s 192.168.1.100 -j DROP
Use the following command to view the current IPTables rules:
sudo iptables -L
Install Lynis:
sudo apt-get install lynis
Run a Lynis scan:
sudo lynis audit system
Lynis will scan your system and output a detailed Report containing discovered security issues and recommended fixes.
Summary
The above introduces some commonly used command line tools. By using these tools, you can strengthen the security of your Linux server. However, these are just some basic security measures. In order to further improve the security of the server, you also need to regularly update the operating system and software, use complex passwords, regularly back up data, etc. Only by using a combination of security measures can you better protect your server and data from attacks.
The above is the detailed content of Harden your Linux server security with command line tools. For more information, please follow other related articles on the PHP Chinese website!