Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free. Learn more →
How-To-Secure-A-Linux-Server Alternatives
Similar projects and alternatives to How-To-Secure-A-Linux-Server
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
-
authelia
The Single Sign-On Multi-Factor portal for web apps
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
Gitea
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
-
PowerDNS
PowerDNS Authoritative, PowerDNS Recursor, dnsdist
-
docker-socket-proxy
Proxy over your Docker socket to restrict which requests it accepts
-
r-selfhosted-security
Started from the beginners security guide on r/selfhosted - this repo aims to be a collection of guides
-
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
Paperless-ng
A supercharged version of paperless: scan, index and archive all your physical documents
-
wireguard-install
WireGuard road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora (by Nyr)
-
awesome-selfhosted
A list of Free Software network services and web applications which can be hosted on your own servers
-
-
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
-
ufw-docker
To fix the Docker and UFW security flaw without disabling iptables
-
yunohost
YunoHost is an operating system aiming to simplify as much as possible the administration of a server. This repository corresponds to the core code, written mostly in Python and Bash.
-
-
ansible-role-security
Ansible Role - Security
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
-
JShielder
Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
-
PhotoPrism
AI-Powered Photos App for the Decentralized Web 🌈💎✨
-
Mergify
Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.
How-To-Secure-A-Linux-Server reviews and mentions
-
Automating the security hardening of a Linux server
I have been using the How To Secure A Linux Server guide for quite a while and wanted to learn Ansible, so I created two playbooks to automate most of the guides content. The playbooks are still a work in progress.
-
Connecting to docker containers rarely work, including via Caddy (non docker) reverse proxy
If it works, I will then follow the hardening guide I did before (https://github.com/imthenachoman/How-To-Secure-A-Linux-Server) and test after every step
-
Resources to learn backend security from scratch
Maybe these two repos can help you, I've used them both from time to time to look up stuff I have no idea about as a frontend main: https://github.com/imthenachoman/How-To-Secure-A-Linux-Server https://github.com/decalage2/awesome-security-hardening
-
Ask HN: How can a total beginner start with self-hosting
> In short it’s all about control, privacy, and security, in that order.
I am going to strongly urge you to consider changing that order and move *security* to the first priority. I have long run my own servers, it is much easier to setup a server with strong security foundation, than to clean up afterwards.
As a beginner, you should stick to a well known and documented Linux server distribution such as Ubuntu Server LTS or Fedora. Only install the programs you need. Do not install a windowing system on it. Do everything for the server from the command line.
Here are a few blog posts I have bookmarked over the years that I think are geared to beginners:
"My First 5 Minutes On A Server; Or, Essential Security for Linux Servers": An quick walk through of how to do basic server security manually [1]. There was a good Hacker News discussion about this article, most of the response suggests using tools to automate these types of security tasks [2], however the short tutorial will teach you a great deal, and automation mostly only makes sense when you are deploying a number of similar servers. I definitely take a more manual hands-on approach to managing my personal servers compared to the ones I professionally deploy.
"How To Secure A Linux Server": An evolving how-to guide for securing a Linux server that, hopefully, also teaches you a little about security and why it matters. [3]
Both Linode[4] and Digital Ocean[5] have created good sets of Tutorials and documentation that are generally trustworthy and kept up-to-date
Good luck and have fun
[1]: https://sollove.com/2013/03/03/my-first-5-minutes-on-a-serve...
[2]: https://news.ycombinator.com/item?id=5316093
[3]: https://github.com/imthenachoman/How-To-Secure-A-Linux-Serve...
-
Selfhosting Security for Cloud Providers like Hetzner
I suggest these resources: - Some fundamentals: https://www.cyberciti.biz/tips/linux-security.html - One of the best imho ( exhaustive list ): https://github.com/imthenachoman/How-To-Secure-A-Linux-Server - Ansible playbook to harden security by Jeff Geerling: https://github.com/geerlingguy/ansible-role-security - OAWSP Check list ( targeted for web apps... and honestly a bit overkill ): https://github.com/0xRadi/OWASP-Web-Checklist
-
Ask HN: What Linux setup/hardening guide do you use?
I can't claim to have been through it but this is sitting on my bookmarks folder and looks very useful: https://github.com/imthenachoman/How-To-Secure-A-Linux-Serve...
My only tip I haven't seen mentioned here is be very careful using docker with ufw, as by default docker will effectively override ufw port restrictions if it is told to expose a port.
- How I secure my VPS
-
Want to use Linux as main OS but help on hardening it.
As mentioned, there is some great software here https://www.privacytools.io/ and nearly everything you need to know to get started here https://wiki.archlinux.org/title/Security (useful even if you don't use Arch/Arch based distros, some of the stuff may be overkill and you need to figure out where to draw the line yourself in terms of tradeoffs). This guide, although it is geared towards servers also has some useful tips that apply to any linux system and is a little easier to follow https://github.com/imthenachoman/How-To-Secure-A-Linux-Server
- Recommendations for advanced material (reading material, courses, etc) on server security?
- Hardening linux for total newbie?
-
A note from our sponsor - Mergify
blog.mergify.com | 28 Sep 2023
Stats
imthenachoman/How-To-Secure-A-Linux-Server is an open source project licensed under Creative Commons Attribution Share Alike 4.0 which is not an OSI approved license.
Popular Comparisons
- How-To-Secure-A-Linux-Server VS authelia
- How-To-Secure-A-Linux-Server VS Gitea
- How-To-Secure-A-Linux-Server VS docker-socket-proxy
- How-To-Secure-A-Linux-Server VS lynis
- How-To-Secure-A-Linux-Server VS PowerDNS
- How-To-Secure-A-Linux-Server VS debian-cis
- How-To-Secure-A-Linux-Server VS Paperless-ng
- How-To-Secure-A-Linux-Server VS wireguard-install
- How-To-Secure-A-Linux-Server VS JShielder
- How-To-Secure-A-Linux-Server VS Wazuh