Skip to main content

Posts

Showing posts from November, 2016

LAMP : Apache Web Server Security Hardening

Firewall - UFW A good place to start is to install a Firewall.
UFW - Uncomplicated Firewall is a basic firewall that works very well and easy to configure with its Firewall configuration tool - gufw, or use  Shorewall, fwbuilder, or Firestarter.
Use Firestarter GUI to configure your firewall or refer to the Ubuntu Server Guide,  UFW manual pages or the Ubuntu UFW community documentation.

Install UFW and enable, open a terminal window and enter :

:~$ sudo apt-get install ufw

Allow SSH and Http services.
:~$ sudo ufw allow ssh
:~$ sudo ufw allow http
:~$ sudo ufw allow https/tcp

Enable the firewall.
:~$ sudo ufw enable

Check the status of the firewall.
:~$ sudo ufw status verbose


SSH Hardening - key based login, disable root login and change port.
The best way to secure SSH is to use public/private key based login. See SSH/OpenSSH/Keys
If you have to use password authentication, the easiest way to secure SSH is to disable root login and change the SSH port to something different than the sta…