25 Hardening Security Tips for Linux Servers

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Use our Linode referral link if you plan to buy VPS (it starts at only $10/month).
  4. Support us via PayPal donate - Make a Donation
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Ravi Saive

I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

Receive Your Free Complimentary eBook NOW! -

Download Free Linux eBooks

Advanced Bash-Scripting Guide
Linux Bible
A Newbie's Getting Started Guide to Linux
Introduction to Linux - A Hands on Guide

You may also like...

62 Responses

  1. Khushal Bisht says:

    Hi Ravi,

    Any server-hardening-security-tips article then suggested me…because this article is very basic times. We need more security in servers…..also Suggested me any PAM article

  2. Dave says:

    I stopped reading at number 2. Different partitions do nothing for security or protection. If anything it can cause problems by having a partition that can become too small and fill. With current systems you can use raid 1 or do a rsync of the entire disk daily. The only real disk that needs to protected is /home.

  3. medhat ahmed says:

    number 8 in this list doesn’t work “disable usb”

  4. Gareth says:

    One caveat on the way the SELinux tip was worded: just enabling it on its own does not instantly and magically give you any extra security, but it will slow your system down. If you’re not making explicit use of the features that it offers then disabling it will not reduce your security.

    SELinux is a module that provides more fine-grained access control over security policies. Before enabling it find out what it is and whether you will use that extra level of control, and balance that need against the fact that it does come with some amount of negative performance impact.

    But don’t just treat “Enable SELinux” as a checklist item to get out of the way and quickly move on, every installation.

  5. Tanveer says:

    Awesome…Appreciate your efforts…Looks like you can help me with my dilemma..I have installed RHEL 7.1 & 6.5 on VM in VMware work station. But I am not able to create repository..In fact, rpm also does not work. Any comments please? I am not able to move forward with setting up my server.

  6. MOHD TAUHEED says:

    Hi,

    I want to block all user for cp and scp from our remote server to my local machine. please suggest me ..

    Thanks

    • Ravi Saive says:

      @Mohd,

      In sshd_config file, just comment out the following line to disable scp connections.

      ## override default of no subsystems
      #Subsystem       sftp    /usr/libexec/openssh/sftp-server
      
  7. Akshay Chakre says:

    Very easy to understand…Too Good

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

Join Over 150K+ Linux Users
  1. 100,756
  2. 5,113
  3. 36,418

Enter your email to get latest Linux Howto's