To increase CentOS Linux server security, all we need is to do the following with a little patience. We also need a little knowledge of Linux systems!
1. Install A Rootkit Scanner
Many security experts consider rootkits to be the most critical type of malware. Rootkits are a type of malware that can hide at the core of the operating system, and sometimes nothing can find them, not even antivirus software.
Interestingly, some rootkits hide inside antivirus software, and this is how they put your CentOS Linux Server security in danger. Once placed in the operating system, rootkits install themselves at its most basic level, or in Linux and Unix terms, at the root access or superuser layer, which is where the name rootkit comes from. Hackers can use them for many purposes. A hacker can use a remote rootkit to gain full, high-level access to your system and can install any other malware he needs through the same rootkit.
2. Change The SSH Port
CentOS security is just like that of all other Linux distributions. Almost everyone, especially hackers, is well aware that the SSH protocol's default port is 22. By changing this port, you make it a little harder for hackers to plan an attack on it and put your CentOS Linux Server security in danger. To do this, open the SSH daemon configuration file with one of your editors, such as Nano or VIM.
# cd /etc/ssh
# ls
# nano sshd_config
Note: Before making modifications, be sure to add the new port you want to set to the firewall whitelist to avoid any problems.
Then find the Port line (remove the leading # if it is commented out), change 22 to your desired port and save the file. After doing this, restart the SSH service once to apply the changes.
CentOS: systemctl restart sshd.service
Ubuntu / Debian: systemctl restart ssh
3. Enable cPHulk In WHM
cPHulk is a tool that protects your server against brute force attacks. Brute force is a technique that hackers use to obtain the password of a service or web server. cPHulk serves as a secondary antivirus or firewall in the Control Panel and protects your user accounts.
Which Services Does cPHulk Monitor?
- WHM / cPanel
- POP3 / IMAP / SMTP (communications such as email and webmail)
- FTP / SFTP
cPHulk can also automatically block or lock the following:
- IP addresses entered.
- User accounts that have been abused by repeated efforts.
Which Methods Does cPHulk Use To Block?
- Temporary Block: The block will expire after the allotted time.
- Daily Block: In this case, the account or IP address will be locked for 24 hours.
- Permanent Block: This will happen after numerous temporary blocks.
4. Disable Login With Root Username
Disabling the root user is one of the steps server administrators take to increase CentOS Linux Server security. The root user has unlimited access to the operating system: it can read, write, and execute every command and file in the system. The root user is used to create and set up new users, install and delete software packages, and configure the operating system and software. Instead of logging in as root, create an admin user and use the sudo command when root access is needed.
Note: Before disabling the root user, create a user first.
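The two SSH changes described in steps 2 and 4 can be checked before the service is restarted. The following is an added example, not part of the original article: the function names, the sample configuration and port 2222 are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Constructed sample sshd_config (not taken from a real server).
SAMPLE_SSHD_CONFIG='#Port 22
port 2222
PermitRootLogin yes
Match User backup
    PermitRootLogin no'

# Print the first global (pre-"Match") value of keyword $1 from the config
# text on stdin. sshd uses the first value it obtains for a keyword and
# matches keywords case-insensitively, so later duplicates are ignored.
sshd_setting() {
  awk -v key="$1" '
    BEGIN { key = tolower(key) }
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    tolower($1) == "match" { exit }      # global section ends at first Match
    tolower($1) == key { print $2; exit }
  '
}

# $1 is the config text. Prints one finding per line and returns 1 if the
# port is still 22 (or unset) or root login is not explicitly "no".
audit_sshd_config() {
  local cfg="$1" port root rc=0
  port=$(printf '%s\n' "$cfg" | sshd_setting Port)
  root=$(printf '%s\n' "$cfg" | sshd_setting PermitRootLogin)
  if [ -z "$port" ] || [ "$port" = "22" ]; then
    echo "Port: still on default 22"; rc=1
  fi
  if [ "$root" != "no" ]; then
    echo "PermitRootLogin: ${root:-unset} (expected no)"; rc=1
  fi
  return $rc
}

# On a real host (not run here), with 2222 as the example port:
#   firewall-cmd --permanent --add-port=2222/tcp && firewall-cmd --reload
#   semanage port -a -t ssh_port_t -p tcp 2222    # needed when SELinux enforces
#   sshd -t && systemctl restart sshd.service     # validate, then restart
audit_sshd_config "$SAMPLE_SSHD_CONFIG" || true
```

On a server, pass the real file with audit_sshd_config "$(cat /etc/ssh/sshd_config)" and keep the current SSH session open until a login on the new port with the admin user has succeeded.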
5. Disable Open Ports
Port scanning is the method of checking for open ports on a victim computer. The attacker scans the open ports first and then attacks the victim's computer through them, with the well-known network ports being the most popular targets today. In the port scanning process, the attacker connects to various TCP and UDP ports and tries to build a list of open ports in listen mode. It is just like a thief looking for the open doors of a house. The victim computer runs several services, each listening on a specific port.
One of the best tools for checking system ports is NMap.
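From the server's own side, the same question can be answered by listing listening sockets and comparing them with the ports you intend to expose. This is an added example, not part of the original article: the function name, the allowlist and the sample output (in the format of ss -tuln) are assumptions.

```bash
#!/usr/bin/env bash
# Constructed sample in the format of `ss -tuln` (not from a real server).
SAMPLE_SS_OUTPUT='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128      0.0.0.0:2222    0.0.0.0:*
tcp   LISTEN 0      100    127.0.0.1:25      0.0.0.0:*
tcp   LISTEN 0      80             *:3306          *:*
tcp   LISTEN 0      128         [::]:443        [::]:*
udp   UNCONN 0      0        0.0.0.0:111     0.0.0.0:*
tcp   LISTEN 0      128        [::1]:6379       [::]:*'

# Read `ss -tuln` lines on stdin; $1 is a space-separated allowlist of ports.
# Prints "proto address port" for every listener that is reachable beyond
# loopback and whose port is not allowed. Returns 1 if anything was printed.
unexpected_listeners() {
  awk -v allow="$1" '
    BEGIN { n = split(allow, p, " "); for (i = 1; i <= n; i++) ok[p[i]] = 1 }
    $1 == "Netid" { next }                 # header line
    NF >= 5 {
      k = split($5, part, ":")             # port follows the last colon
      port = part[k]
      addr = substr($5, 1, length($5) - length(port) - 1)
      if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
      if (!(port in ok)) { print $1, addr, port; bad = 1 }
    }
    END { exit bad + 0 }
  '
}

# On a real host: ss -tuln | unexpected_listeners "2222 80 443"
printf '%s\n' "$SAMPLE_SS_OUTPUT" | unexpected_listeners "2222 443" || true
```

Each reported line is a service to stop, bind to 127.0.0.1, or block in the firewall if it does not need to be reachable from the network.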
6. Keep The Server Software Up To Date
Many websites are infected every day because necessary security updates were neglected. Most software updates are published to users after a security bug has been identified and fixed. If the provided updates are not installed, these vulnerabilities remain open, your website will still be at risk of attack, and your CentOS Linux Server security will be in danger from all kinds of malware.
Keep in mind that these updates are not meant to make your life harder. Think for a moment about the stress and loss you will face when your website is hacked. So we need to take the latest updates very seriously.
Which Updates Should We Never Ignore?
- Website Content Management Systems
7. Remove Additional Modules And Packages To Increase CentOS Linux Server Security
Any package or tool that is installed but not used, in addition to slowing down the server, can open new ports on the system and cause problems. Also, some programs may have vulnerabilities that can create new paths for hackers and compromise your server.
8. Regular Backup Of Information
Even after taking all the security precautions, security is never 100%, and the information on your server may still be lost. In this case, the only way left is to restore the data from the backup server. But what happens if you do not back up? You lose the information on your server, and if this information is important, as it is likely to be, you will suffer a lot. So be sure to back up your server data daily.
9. Install And Use Antivirus
There was a time when we thought that Linux users were not the target of cybercriminals. Most users felt that Linux was completely safe against malware and viruses, but this is not true. For years now, users have been asking: does Linux need an antivirus?
Why is Linux considered to be more secure than Windows?
Hackers mostly target Windows users. For several reasons, the problems that malware causes on the Windows operating system are greater than those on the Linux operating system.
Like Windows, CentOS Linux Server security may be at risk from various malware, including viruses, worms, rootkits, keyloggers, backdoors, trojans, ransomware, and more. But because this malware does not have root access, it cannot widely infect the Linux operating system. However, to deal with these threats, Linux users also need security software such as antivirus. Linux users can use ClamAV antivirus software on their systems.
10. Use A Strong Password
The importance of protecting information and keeping personal information private is no secret to anyone. Choosing a secure password can play an essential role in keeping you safe.
How To Set A Strong Password To Increase CentOS Linux Server Security?
- Password length should be at least 10 characters.
- Do not use consecutive numbers and words such as 123456 or.
- Be sure to use the numbers in the password.
- Be sure to use uppercase letters in the password.
- Do not use specific numbers such as year of birth or national ID card in your password.
In general, the password should be a combination of special characters, numbers, words and uppercase and lowercase letters.
12. Installing And Configuring A Firewall
A firewall is a system that protects your network or personal computer from intruders, unauthorized access, malicious traffic, and hacker attacks. Firewalls work by exchanging and routing packets between networks. They control and manage incoming and outgoing traffic to the network and allow a specific person or user to enter and access a particular system according to their rules.
If you have the CentOS operating system installed on your server, we recommend using the CSF firewall. ConfigServer Firewall, or CSF for short, is a free and advanced software firewall for most Linux distributions and Linux-based servers. The CSF interface is integrated into popular Linux control panels such as cPanel, DirectAdmin, and Webmin.
13. Monitoring Your Server
The primary purpose of creating computer networks is to provide users with access to resources and applications on the servers, and all network equipment is configured to this end. A lack of integrated and continuous monitoring of servers' health and resources leads to slower access to information and programs, disruptions, and ultimately user complaints and dissatisfaction, and it creates significant financial losses for the organization.
One of the useful tools for server monitoring is Zabbix. By installing Zabbix 5.0 LTS on CentOS, you can help safeguard your CentOS Linux Server security by monitoring it.
Hackers are increasingly targeting websites that are bigger, more popular, and more visited. Increasing CentOS Linux Server security is essential because you are using this service instead of shared hosting, which indicates that your application or site has high traffic or is growing very fast. The same growth that attracts more hackers to your website should also draw your attention to increasing your virtual server's security. Damage to your project and property, an asset you may have worked on for years, is a disaster.
Preserving this asset is worth the effort of increasing the security of your server by doing the above.