from Hacker News

Securing a Linux Server

by matricaria on 9/4/24, 1:15 PM with 25 comments

  • by petesergeant on 9/4/24, 3:32 PM

    Is there any point in Fail2ban if you're using keys and have disabled passwords? I guess defense in depth and all that.

  • by jasonrojas on 9/5/24, 3:59 AM

    There are a few other posts on HN with the same title. Some things to also consider that I had not seen mentioned: PCI, CIS, etc…

    Include many more things specifically around SSH that you can do outside of fail2ban, also things that are requirements for the above….

    These posts are good but slightly miss a lot of security practices that are “standard”. As always the best security is not allowing the system to be connected to anything. But in the event that you have to have a system with such availability, it’s always best to introduce at least CIS foundations and whatever you see fit for security. Just my .02..

  • by klaussilveira on 9/4/24, 3:31 PM

    This is neat. Modern take and very pragmatic.

  • by laweijfmvo on 9/4/24, 5:10 PM

    After following this guide, all requests to my website time out, so I guess it's secure!

  • by KenHV on 9/5/24, 6:11 PM

    I'm surprised my post made it to HN :D