How to protect your Linux server with command line tools-Linux Operation and Maintenance-php.cn

Home

Operation and Maintenance

Linux Operation and Maintenance

How to protect your Linux server with command line tools

王林

Sep 09, 2023 am 08:46 AM

firewallAccess controlsecurity patcheslinux server protection

How to protect your Linux server with command line tools

How to protect your Linux server through command line tools

The security of Linux servers is crucial, and they often host important applications and data. In many cases, command line tools are a simple and efficient way to protect your Linux servers. This article will introduce some commonly used command line tools and provide code examples to help you protect your Linux server.

Use iptables for firewall configuration

iptables is a command line tool for configuring firewalls on Linux servers. You can protect your server from malicious traffic by allowing or denying specific network connections.

The following are some commonly used iptables command examples:

Allow access to specific IP addresses

iptables -A INPUT -s 192.168.0.1 -j ACCEPT

Deny access to specific IP addresses

iptables -A INPUT -s 192.168.0.2 -j DROP

Allow access to specific ports

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Deny access to specific ports

iptables -A INPUT -p tcp --dport 23 -j DROP

Use fail2ban For intrusion detection and prevention

fail2ban is a tool for detecting and blocking malicious IP addresses. It can monitor login attempts and block logins from malicious IPs via iptables.

The following is an example of how to use fail2ban to configure protected SSH:

Install fail2ban

sudo apt-get install fail2ban

Edit fail2ban’s configuration file

sudo vi /etc/fail2ban/jail.conf

Open the configuration of SSH protection

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3

Start the fail2ban service

sudo systemctl start fail2ban

Use ssh-keygen to generate the SSH password Key

Using SSH keys as a method of authentication is more secure than using passwords. You can use the ssh-keygen command to generate a pair of keys: a private key and a public key. Deploy the public key to the server and save the private key locally.

Generate SSH key pair

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

Copy the public key to the server

ssh-copy-id -i ~/.ssh/id_rsa.pub user@server

Now, you can use the private key key to authenticate via SSH without entering a password.

Create basic authentication using htpasswd

If you want only specific users to be able to access your website or application, you can use the htpasswd tool to create basic authentication.

Install apache2-utils (including htpasswd)

sudo apt-get install apache2-utils

Create a user

sudo htpasswd -c /etc/apache2/.htpasswd user1

Place the .htpasswd file Associated with the directory or application you want to protect.

This way, only users with a valid username and password can access the directory or application.

Summary

By using command line tools to protect your Linux server, you can enhance its security. This article introduces some commonly used command line tools, including iptables, fail2ban, ssh-keygen and htpasswd. By properly configuring and using these tools, you can effectively protect your server from malicious attacks and unauthorized access.

Remember that good security practices are an ongoing process and you should update your servers frequently and check and review security settings regularly.

The above is the detailed content of How to protect your Linux server with command line tools. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

What is Maintenance Mode in Linux? ExplainedApr 22, 2025 am 12:06 AM

MaintenanceModeinLinuxisaspecialbootenvironmentforcriticalsystemmaintenancetasks.Itallowsadministratorstoperformtaskslikeresettingpasswords,repairingfilesystems,andrecoveringfrombootfailuresinaminimalenvironment.ToenterMaintenanceMode,interrupttheboo

Linux: A Deep Dive into Its Fundamental PartsApr 21, 2025 am 12:03 AM

The core components of Linux include kernel, file system, shell, user and kernel space, device drivers, and performance optimization and best practices. 1) The kernel is the core of the system, managing hardware, memory and processes. 2) The file system organizes data and supports multiple types such as ext4, Btrfs and XFS. 3) Shell is the command center for users to interact with the system and supports scripting. 4) Separate user space from kernel space to ensure system stability. 5) The device driver connects the hardware to the operating system. 6) Performance optimization includes tuning system configuration and following best practices.

Linux Architecture: Unveiling the 5 Basic ComponentsApr 20, 2025 am 12:04 AM

The five basic components of the Linux system are: 1. Kernel, 2. System library, 3. System utilities, 4. Graphical user interface, 5. Applications. The kernel manages hardware resources, the system library provides precompiled functions, system utilities are used for system management, the GUI provides visual interaction, and applications use these components to implement functions.

Linux Operations: Utilizing the Maintenance ModeApr 19, 2025 am 12:08 AM

Linux maintenance mode can be entered through the GRUB menu. The specific steps are: 1) Select the kernel in the GRUB menu and press 'e' to edit, 2) Add 'single' or '1' at the end of the 'linux' line, 3) Press Ctrl X to start. Maintenance mode provides a secure environment for tasks such as system repair, password reset and system upgrade.

Linux: How to Enter Recovery Mode (and Maintenance)Apr 18, 2025 am 12:05 AM

The steps to enter Linux recovery mode are: 1. Restart the system and press the specific key to enter the GRUB menu; 2. Select the option with (recoverymode); 3. Select the operation in the recovery mode menu, such as fsck or root. Recovery mode allows you to start the system in single-user mode, perform file system checks and repairs, edit configuration files, and other operations to help solve system problems.

Linux's Essential Components: Explained for BeginnersApr 17, 2025 am 12:08 AM

The core components of Linux include the kernel, file system, shell and common tools. 1. The kernel manages hardware resources and provides basic services. 2. The file system organizes and stores data. 3. Shell is the interface for users to interact with the system. 4. Common tools help complete daily tasks.

Linux: A Look at Its Fundamental StructureApr 16, 2025 am 12:01 AM

The basic structure of Linux includes the kernel, file system, and shell. 1) Kernel management hardware resources and use uname-r to view the version. 2) The EXT4 file system supports large files and logs and is created using mkfs.ext4. 3) Shell provides command line interaction such as Bash, and lists files using ls-l.

Linux Operations: System Administration and MaintenanceApr 15, 2025 am 12:10 AM

The key steps in Linux system management and maintenance include: 1) Master the basic knowledge, such as file system structure and user management; 2) Carry out system monitoring and resource management, use top, htop and other tools; 3) Use system logs to troubleshoot, use journalctl and other tools; 4) Write automated scripts and task scheduling, use cron tools; 5) implement security management and protection, configure firewalls through iptables; 6) Carry out performance optimization and best practices, adjust kernel parameters and develop good habits.

See all articles