How do I make sure my server is secure?
-
How do I make sure my server is secure?
It's CentOS7 running a basic LAMP stack.
-
Fail2Ban, that's always my first add-on.
-
Make sure you keep the firewall on and as tight as you can. And make sure SELinux is enabled.
-
CentOS 7 is very secure out of the box. You are pretty locked down right out of the gate.
-
If you know that there are IP ranges that you do not need exposed, you can lock down your firewall to disallow whole ranges, like those from certain countries. But this blocks legit users in those countries too.
-
Check out Lynis. It does a full scan on your server and gives you a report on the security.
http://www.tecmint.com/install-lynis-auditing-tool-in-rhel-centos-fedora/
My list is as below:
Set up the server.
Install Lynis, scan, and fix the security issues.
Use Webmin and install ConfigServer Firewall.
Check server security with that; you can tweak a lot of settings with it to reach a good security score.
Lock down access to specific IPs, like to a few networks / a VPN / a jump server.
To know more about CSF: http://configserver.com/cp/csf.html
-
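An added example, not part of the original thread: the "lock down access to specific IPs" advice above, written for firewalld (the CentOS 7 default) as a script that validates an SSH allowlist and prints the `firewall-cmd` commands for review. The zone `public`, the ipset name `admin_src` and the sample CIDRs (documentation ranges) are assumptions.

```shell
#!/bin/sh
# Added example: plan an SSH allowlist for firewalld. Nothing is applied;
# the commands are printed so they can be reviewed and then run as root.
ZONE="${ZONE:-public}"        # assumed zone
IPSET="${IPSET:-admin_src}"   # assumed ipset name

# Succeeds only for IPv4 CIDR notation (four octets 0-255, prefix 0-32).
valid_cidr() {
  case "$1" in */*) ;; *) return 1 ;; esac
  ip=${1%/*}; prefix=${1#*/}
  case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
  [ "$prefix" -le 32 ] || return 1
  case "$ip" in ''|*[!0-9.]*|.*|*.) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case "$o" in ''|*[!0-9]*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
}

# Prints the plan for the given CIDRs. Refuses an empty or malformed list
# before printing anything, since removing the ssh service with no working
# allowlist entry would cut off remote administration.
plan_ssh_allowlist() {
  [ $# -gt 0 ] || { echo "refusing: empty allowlist" >&2; return 1; }
  for cidr in "$@"; do
    valid_cidr "$cidr" || { echo "bad CIDR: $cidr" >&2; return 1; }
  done
  printf '%s\n' "firewall-cmd --permanent --new-ipset=$IPSET --type=hash:net"
  for cidr in "$@"; do
    printf '%s\n' "firewall-cmd --permanent --ipset=$IPSET --add-entry=$cidr"
  done
  # Allow SSH from the ipset first, then drop the zone-wide ssh service.
  printf '%s\n' "firewall-cmd --permanent --zone=$ZONE --add-rich-rule='rule family=\"ipv4\" source ipset=\"$IPSET\" service name=\"ssh\" accept'"
  printf '%s\n' "firewall-cmd --permanent --zone=$ZONE --remove-service=ssh"
  printf '%s\n' "firewall-cmd --reload"
}

# Constructed sample input: a VPN range and a single jump server.
plan_ssh_allowlist 203.0.113.0/24 198.51.100.10/32
```

Because every change is `--permanent`, nothing takes effect until the final `--reload`; keep a console session open when applying it in case the allowlist does not include your own address.
-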
Great thread, when I go to deploy ScreenConnect next week I'll be looking to this thread.
-