Securing Ubuntu Linux Server Pub

Having done many things to my server, I have started to forget the many steps, so here's a list of some sensible steps to secure a server. Other articles:

hard to guess accounts and passwords

This may sound stupid, but there are many automated attacks trying simple passwords, especially if your website annoys someone...

Also, do not use root for everyday business, use another, less obvious account.

close the most common ports

if you're running services there (like a mysql) or something, via iptables. Leave only legitimate application port numbers like 80 open to the world.


If possible, use iptables to block access except from a known IP address. May not work if you need access from anywhere...

access eggs in one basket

Make sure telnet and other access services are disabled - only allow ssh for connections and secure it appropriately.

configure ssh to disalow root access

vi /etc/ssh/sshd_config
PermitRootLogin no
MaxAuthTries 2
service ssh restart

Make sure you have another user that you can login to, so you can ssh to that user and then su to root.

Also add this line - it will make logging in faster:

UseDNS no

limit no of ssh attempts per minute to 3 - section 6

iptables -A INPUT -p tcp --dport 22 --syn -m limit --limit 3/m --limit-burst 3 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 --syn -j DROP

To audit a server

Check the /var/log/auth.log every now and then for break-in attempts

NTP time

It is important to keep the time up to date on your server, so heed this:

vi /etc/cron.daily/ntpdate



and make it executable:

sudo chmod 755 /etc/cron.daily/ntpdate

time zone - Java has some issues: # sudo cp /etc/localtime /etc/localtime.dist # sudo ln -fs /usr/share/zoneinfo/Canada/Eastern /etc/localtime

but also

# echo "Canada/Eastern" | sudo tee /etc/timezone

Was this useful?    

By: Razie | 2012-05-15 .. 2012-10-15

Viewed 328 times ( | Print ) this page.

You need to log in to post a comment!