Question
What is your server security check list?
- Posted on November 29, 2016
- SecurityLinux Basics
Asked by Andrew SB
Locking down the root acount, using SSH keys, installing fail2ban, and setting up a basic firewall are all things we should be doing in the first five minutes on a new server. After these basics, what other steps do you take to harden your servers? Are there security utilities that you consider essential? Have you implemented any intrusion detection?
Let’s share what’s on our server security check lists.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
Those are the basics I always run.
I usually recommend people to follow “CIS Security Benchmarks”, for example for Ubuntu 14.04
Related to security in an after-the-fact sort of way: Backups…lots of backups. Regular backups of your web-folders and databases in different folders for different times. Have those backups initiated from a different server that ssh’s into the droplet and backs up things then disconnects.
Also: a snapshot of your droplet in a working state.
If your server is compromised, or crashes …you can spin-up a droplet from that image and then restore your web-folder and databases from the most recent backup.