What security work does a Linux system need to do after initializing the environment?

Alibaba cloud Q & A 2022-02-13 06:37:31 阅读数:970

security work linux initializing environment

Can you be specific

Take the answer 1:

1、 Add normal user login , prohibit root The user login , change SSH Port number .

2、 The server logs in with a key , No password login .

3、 Turn on the firewall , close SElinux , Set corresponding firewall rules according to business requirements .

4、 loading fail2ban This prevents SSH Brute force Software .

5、 Only the company's office network is allowed to export IP Can log in to the server ( Look at the actual needs of the company )

6、 Modify the number of historical command records to 10 strip .

7、 Only servers that need access to the Internet are allowed , Everything else is forbidden .

8、 Do a good job in software protection .

8.1 Set up nginx_waf Modules prevent SQL Inject . 8.2 hold Web Service usage www User start , Change the owner and group of the site directory to www .

copyright:author[Alibaba cloud Q & A],Please bring the original link to reprint, thank you. https://en.javamana.com/2022/02/202202130637293321.html