Hardens New Stuff: Simple Tricks for Best Results.

Date:

Share post:

Today, I decided to dive into something I’ve been putting off – hardening my new server. I’ve set up a few servers before, but I always feel like I’m just scratching the surface when it comes to security. So, I figured it was time to get serious.

Hardens New Stuff: Simple Tricks for Best Results.

First things first, I updated everything. Seriously, everything. I ran the update and upgrade commands to make sure all the packages were current. This is like security 101, but it’s easy to forget.

sudo apt update && sudo apt upgrade -y

Next up, I configured the firewall. I’ve used ufw before, so I stuck with that. I enabled it and set up some basic rules to allow SSH, HTTP, and HTTPS traffic. I’m not running anything else on this server, so I kept it simple.

  • sudo ufw enable
  • sudo ufw allow OpenSSH
  • sudo ufw allow http
  • sudo ufw allow https

After that, I tackled SSH hardening. This felt a little daunting at first, but it’s mostly just editing a config file. I disabled root login, which is a big no-no. I also changed the default SSH port to something random, just to make it a little harder for bots to find. And, most importantly, I set up key-based authentication. No more passwords!


sudo nano /etc/ssh/sshd_config

To be honest, I spent a good chunk of time generating SSH keys and making sure they were working correctly. I copied my public key to the server and then tested the connection. It felt pretty good to log in without typing a password.

Hardens New Stuff: Simple Tricks for Best Results.

Then I looked at fail2ban. I had heard of this before, but never actually used it. I read the documentation and configured it for install and configured it to protect my SSH port. I made sure to do a test.


sudo apt install fail2ban -y

Finally, I did some basic checks, like reviewing open ports and checking running services. I didn’t find anything unexpected, which was a relief.

I’m no security expert, but I feel like I’ve made some solid progress today. It’s definitely a learning process, and I’m sure there’s more I can do. But for now, I’m feeling a bit more confident about my server’s security.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Related articles

as giants split hat benefits why its worth having

Heard some talk about giant companies breaking into pieces lately, thought it was just management gobbledygook. Well, our...

What is sam gittins famous for? Explore his top performances here!

So this whole thing started when I heard the name Sam Gittins popping up somewhere – maybe a...

Fairway Forest Resort Rooms Which One Is Best For Your Stay This Year

Alright folks, let me walk you through exactly how I figured out the best room pick at Fairway...

Boot Spurs What Are They For? Discover Their Top 3 Useful Jobs!

Alright guys, today’s been one of those “why the heck not?” kind of days. Woke up kinda bored,...