← Back to Home

The Security Vault

Linux Server Hardening Best Practices

Basic Security Hardening Steps

1. Update & Upgrade System

sudo apt update && sudo apt upgrade -y

2. Create Non-root User & Disable Root SSH

  • Create a sudo user
  • Disable password authentication
  • Use SSH key-based authentication only

3. Firewall Configuration (UFW)

sudo ufw allow OpenSSH
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable

4. Additional Hardening

  • ✅ Install Fail2Ban
  • ✅ Disable unused services
  • ✅ Set strong password policy
  • ✅ Enable automatic security updates
  • ✅ Monitor logs with journalctl / auditd
This page is served via Nginx location block: /xyz