Skip to main content

Server Hygiene

Lock down a new server with sensible defaults. Add a non root user, harden SSH and sudo, enable fail2ban and firewall, and keep logs and updates under control.

Note: This module is being worked on. Below is the lesson plan you can expect.

  • Create a non-root user with an SSH key and sudo
  • Locking the root user and disabling SSH access
  • Installing fail2ban for SSH bruteforce protection
  • Creating and maintaining a firewall configuration
  • Basic logrotate configuration for system logs
  • Enabling unattended security updates

Next module: PHP & Nginx