Home > Article > Operation and Maintenance > Linux server security configuration: improve system defense capabilities
Linux server security configuration: improving system defense capabilities
With the rapid development of the Internet, server security issues have become increasingly prominent. In order to protect the stability of the server and the security of the data, the server administrator should strengthen the security configuration of the Linux server. This article will introduce some common Linux server security configuration methods and provide relevant code examples to help administrators improve the system's defense capabilities.
sudo yum update
sudo systemctl stop <service-name> sudo systemctl disable <service-name>
# 启动防火墙服务 sudo systemctl start firewalld # 开启SSH访问 sudo firewall-cmd --zone=public --add-port=22/tcp --permanent sudo firewall-cmd --reload # 开启Web服务访问 sudo firewall-cmd --zone=public --add-port=80/tcp --permanent sudo firewall-cmd --reload
The following is a sample code for modifying the SSH configuration file:
sudo vi /etc/ssh/sshd_config # 修改SSH默认端口 Port 2222 # 禁用root用户登录 PermitRootLogin no # 配置公钥登录 RSAAuthentication yes PubkeyAuthentication yes
After the modification is completed, use the following command to restart the SSH service:
sudo systemctl restart sshd
# 安装fail2ban sudo yum install epel-release sudo yum install fail2ban # 创建自定义配置文件 sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local # 编辑配置文件 sudo vi /etc/fail2ban/jail.local # 修改SSH相关配置 [sshd] enabled = true port = ssh logpath = %(sshd_log)s backend = %(sshd_backend)s maxretry = 3 bantime = 3600 # 启动fail2ban服务 sudo systemctl start fail2ban sudo systemctl enable fail2ban
The above are some common Linux server security configuration methods and sample codes. Of course, there are many other aspects to pay attention to when it comes to server security, such as configuring appropriate file permissions, using strong passwords, etc. When configuring server security, administrators need to comprehensively consider the actual environment and needs of the server and reasonably formulate security policies to improve the system's defense capabilities.
The above is the detailed content of Linux server security configuration: improve system defense capabilities. For more information, please follow other related articles on the PHP Chinese website!