• Rimu@piefed.social
    link
    fedilink
    arrow-up
    0
    ·
    8 months ago

    Ubuntu has a set of scripts you can run to harden a new server (not advisable on a server that has already been configured for something). You need an Ubuntu Pro subscription to access them but you can get a free trial and then cancel it after you’ve finished.

    More info at https://ubuntu.com/security/cis.

    I did this process for a customer recently and it was pretty straightforward and much much more thorough (over 100 configuration changes) than just tweaking SSH and fail2ban.

    I expect other commercially-oriented distros offer something similar.

    • MindlessZ@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      8 months ago

      Fwiw you don’t need to cancel or trial anything. Everyone can get free Ubuntu pro licensesbfor up to 5 machines