Six Steps to a More Secure Linux Server

I've worked as a remote Linux System Administrator for quite a while, and one thing that I've noticed is that many "administrators" out there don't know how to configure or secure a server properly. This article is a quick reference on some of the more important (and easy) security or configuration tweaks that any administrator should do for their server. These six steps can dramatically increase the security and stability of any Linux server. The best part about these tips, is that they are all quick and easy to do as well, with each step taking less than 15 minutes!

1.) Security Updates Not Installed
Almost every server that I work is not the newest (and surest) software. Yes, Linux is a great operating system software, but has all the security problems. Enable the installation of automatic updates using a cron script, or is similar to the simplest and easy way to make sure that your server is not compromised. There really is no excuse to not have the latest security updates to install

2.) Disable root login via SSH, and password authentication
Admittedly, I've been guilty of this myself sometimes. Let's face it, everyone likes being able to quickly and easily log into their servers, and change settings. However, if you're using password authentication, what's to keep someone else from logging into your server? In addition, you should not use password authentication on your Linux server, to prevent others from logging into your Linux server. Instead, enable RSA signed authorization keys. This is more secure, since an attacker will not be able to guess or brute force a login session with your server.

3.) Disable or filter extra services
This is the second biggest problem is that I look over the new customers with servers. Often the system administrator to build their Linux server does not automatically imply a necessary final step filter incoming connections that are not necessary. I've seen it all run from the day service, MySQL is waiting for connections on a remote IP. If a Linux administrator is not familiar with iptables, there are several tutorials that someone will show you how even a simple firewall ruleset. Moreover, disabling unnecessary services is a fundamental step to optimize the server as well, why extra services that run to tie resources if they are not needed?

4.) Test accounts or guest accounts still active
Another glaring security hole (and often used is one) that a customer will not have to be test-user is run (often with very simple passwords, such as test) if a software solution for a production server is deployed. I do not need the security implications of this single-make sure that getting rid of you, the guest or trial accounts!

5.) Advertising banners left on
We all like advertising, is not it? However, the advertising world, for the version of Apache or Sendmail, you run on your Linux server is the three-year-old, is not to be concerned about, it is necessary. Disable the server as long as the banner will help to hide the script from a fundamental reliance on attacking your server. Moreover, why is bad to help determine the software server is running?

6.) PHP errors or application errors
I'm pretty confident that we have all seen an error or two displayed on a website. Some errors that are displayed are not a security issue at all, for instance Javascript errors. However, some errors are security issues (PHP is particularly bad with this), because they disclose sensitive information. The easiest way around this is to disable displaying errors in PHP (or your web applications). Otherwise, an attacker may be given information about your website's database details, or file locations.



These issues are the top 6 security issues that I see on a daily basis in my work. You can all check your server or servers for these quick issues (these tips take almost no time at all), and dramatically increase the security of your server. However, if you have any problems implementing these security steps, please feel free to contact me.