Protecting the web server with sensitive information is crucial to secure your website. Linux servers are one of the most popular choices among developers and businesses. According to a report, 96.3% of the top 1 million web servers run on Linux. So, there is no denying that Linux has a massive market presence, and data protection is crucial if you use it.
In 2024, Linux had 88 vulnerabilities, with an average severity of 6.6 out of 10. At the current rate, the number of vulnerabilities in Linux will surpass the 282 mark in 2023. So, you must plan your Linux server security to prevent data leakages and ensure security. This article will help you with best practices to ensure data protection.
Best Linux Server Security Practices for Sysadmin
1. Keep Software Updated
Data leakages will occur if you don’t update your software packages, operating system, and installed applications. So, here are some steps to follow to ensure your systems are up to date with the latest security updates.
- Use package management tools in Linux, such as apt, yum, or Pacman, to easily install application updates.
- Configure automated update mechanisms for your Linux server to ensure critical security updates are installed.
- You can also manually update the software packages by using the following commands:
For Ubuntu/Debian,
sudo apt update
sudo apt upgrade
Fedora
sudo dnf check-update
sudo dnf upgrade
CentOS/RHEL
sudo yum check-update
sudo yum update
Arch Linux
sudo pacman -Syu
openSUSE
sudo zypper refresh
sudo zypper update
2. Use Strong Passwords
Compromised passwords are one of the major contributors to data breaches worldwide. According to Norton, 65% of the increase in compromised passwords occurred between 2020 and 2022.
This worries many businesses, especially given the increasing costs of data breaches. So, if you are planning Linux server security, one key practice is to set a powerful password.
Here are some critical Linux server security practices for stronger passwords.
- Create passwords with at least ten characters, including special characters and a combination of uppercase and lowercase letters.
- Ensure unique passwords are set for every system and application.
- Regularly make password changes to ensure security
- Use a password manager across applications and systems to ensure no data breaches.
3. Enable Linux Firewall
Linux firewalls are crucial for system protection. You can use them in both command-line and GUI utilities. These firewalls are customizable, and you can define specific security rules to ensure better data protection on the Linux server.
Here are some steps to follow for Linux server security by enabling firewalls:
- Use a firewall tool like IPtables, Netfilter, FirewallD, and UFW to filter incoming, outgoing, and forwarded IP packets.
- Implement a DROP rule as the default security policy to block incoming connections.
- Determine which ports and services are open on the firewall and create an acceptable rule of these portals.
- Enable auto-start for firewalls on system boot.
- Ensure firewall configurations are active across reboots by saving them on the server.
4. Disable Root Login
Disabling direct root login helps improve Linux server security, preventing cyber attackers from accessing your sensitive data.
- Log in to the Linux server as the root user.
- Open the SSL configuration file /etc/ssh/sshd_config using a text editor
- Locate the command line “PermitRootLogin yes” and change it to “PermitRootLogin no” to disable direct login over SSH
- Save the configuration changes and restart the SSH service
- Next, create a new user account with sudo privileges.
5. Implement SSH Key Authentication
Implementing the SSH key authentication eliminates the risk of password compromise and secures remote access to the server. Here are some key steps to implement SSH key authentication.
- Generate a new SSH security key pair on the local device by running ssh-keygen command.
- Configure the SSH client to use the new private key for configurations.
- Copy contents of new public key generated on the remote Linux server by using ssh-copy-id or by manually appending the public keys with authorized_keys.
- Test your SSH connections to the remote server using new key-based authentication.
This Linux server security practice reduces the attack surface and improves data protection for your system.
6. Monitor the log files
Monitoring and analyzing the Linux server can help enhance data security, especially by identifying anomalies in the system. Here is how you can do it,
- Collect and aggregate log files from all your Linux servers into a centralized repository.
- Implement mechanisms to automate log analysis and monitor the system
- Monitor Linux authentication logs for anomalies, malicious login attempts, and unauthorized data access.
- You can use cloud-based monitoring solutions with a hybrid infrastructure with multiple on-premise and cloud servers.
- Audit your logs regularly and identify malicious patterns.
- Configure your Linux server security systems to log each suspicious event, such as authentication attempts or access control violations.
7. Install Security Updates Automatically
One key Linux server security practice is ensuring your system has all the updates needed to secure data access.
- Install unattended upgrade packages, which automatically download and install at the scheduled time.
- Configure automatic upgrades by editing /etc/apt/apt.conf.d/50unattended
- Enable automatic updates by adding a configuration file “/etc/apt/apt.conf.d/20auto.”
- Schedule auto-reboot of the system once all the security updates are installed.
8. Use SSL/TLS Encryption
SSL/TLS encryption helps secure the communication between your Linux server and the browser. It scrambles the data and makes information unreadable for cyber attackers. Here is how you can buy SSL certificate for your Linux server security,
- You can choose one of the leading certificate authorities to purchase an SSL certificate.
- There are several options, and you can choose the one suitable for your server based on different use cases.
- For example, you can use a wildcard SSL certificate if you have multiple subdomains that you want to secure with a primary domain.
- You must submit a certificate signing request to the CA to issue SSL certificates.
- CSR will provide all the necessary details about your business.
- Once you submit the CSR, the CA verifies all the details and issues the certificate.
- You can download the file contents sent over by CA through email and import them onto the Linux server.
- Once you import it, configure the Linux server for better security.
9. Limit User Access
Limiting user access is essential to avoid cyber attacks, especially with cyberattackers’ social engineering practices. Here are some steps for better data access control:
- Create a regular user account with administrative privileges, establishing sudo permissions to perform specific tasks.
- Implement a least privilege policy for data access where users can access only the necessary information.
- Configure access control lists by using tools like chmod and chown.
- You can also enable Linux modules like SELinux or AppArmor to provide an extra layer of security.
- Review your user logs and data access information regularly.
10. Regularly Back Up Data
Data backups are your fail-safe, so you can quickly get the website live if there is an incident. Here are some steps that you can use to ensure regular backups are always available:
- Create and maintain a comprehensive backup plan for your Linux server, including website files, databases, configurations, and any other data.
- Increase the frequency of backups to at least one power day compared to the traditional approach of nightly or weekly updates.
- Verify the backups regularly and test them for security
- Identify issues with the data stored on the backups and prioritize the backup strategy
- Keep detailed records of all the backups, data logs, and timestamps of backup
- Implement encryption across the backups to ensure data protection
Conclusion
Every year, the risk of cyber-attacks increases with new ways hackers attack systems. The Linux server security practices discussed above will help you overcome major vulnerabilities and improve data protection. Most importantly, these practices allow you to ensure that sensitive information is intact and that your systems are operational without downtime.
The post 10 Best Linux Server Security Practices for Sysadmin in 2024 appeared first on TuxCare.
*** This is a Security Bloggers Network syndicated blog from TuxCare authored by TuxCare Team. Read the original post at: https://tuxcare.com/blog/10-best-linux-server-security-practices-for-sysadmin-in-2024/