Hardening

Apache hardening profile

Harden the Apache web server configuration with the help of this predefined profile that implements systemd sandboxing capabilities and restricting resources.

OpenSMTPD hardening profile

Tighten the already secure OpenSMTPD software on Linux by using this predefined profile that uses the systemd sandboxing options.

Hardening guides

Linux hardening security guides collected in one area, covering systems like AlmaLinux, Arch, Debian, Fedora, Ubuntu, and others.

System hardening

Everything related to system hardening, from hardening guides to tools. Configure, test, and secure your system with these articles.

Nginx hardening profile

Harden the nginx configuration with the help of this predefined profile that implements systemd sandboxing capabilities and restricting resources.

Hardening profiles for systemd

Collection of predefined hardening profiles for systemd that can be used to secure your applications. With detailed explanation of the unit settings.

Nginx security hardening guide

Learn how to secure your nginx configuration with this hardening guide. It includes examples and tips to implement security measures step by step.

OpenSSH security and hardening

The SSH configuration influences the security of your Linux system. This guide helps you to secure your OpenSSH server and client configuration.

How to secure a Linux system

Looking to secure your Linux system? This security guide shows you how to perform system hardening and run technical audits to keep it in optimal condition.

Postfix Hardening Guide for Security and Privacy

Secure the mail configuration of Postfix with this step-by-step guide, use relevant commands, and increase both security and privacy.

Ubuntu system hardening guide for desktops and servers

Step by step guide to secure any Ubuntu desktop or server. Harden your Ubuntu during installation and afterwards with the available security tips.

Linux security guide: the extended version

Feeling overwhelmed with the options available to secure your Linux system? With this guide, we walk step-by-step through the option, tools, and resources.

Linux system hardening: adding hidepid to /proc mount point

The pseudo-filesystem /proc contains a lot of useful information for the system administrator. With the hidepid option we can restrict what users can see.

Linux hardening with sysctl settings

The Linux kernel can be secured with the help of kernel tunables called sysctl keys. Learn how system hardening principles can be applied using sysctl.

Linux Security Guide for Hardening IPv6

Extensive guide to help you secure your IPv6 configuration on Linux. From initial set-up to hardening the kernel with sysctl.

Tiger is History, Long Live Modern Alternatives!

The tiger tool was known for a long time to help with auditing Unix-based systems. Fortunately there are new tools that are better maintained.

Security Defenses to Fortify your Linux Systems

Your Linux systems should be protected against common security attacks. By using 4 common techniques, we can fortify our systems like a real fortress.

Lock Down Strategies for Linux Servers

Securing a Linux system is called system hardening. Learn more about strategies to properly lock down Linux systems, from networking up to file integrity.

Find the alternatives: CIS-CAT auditing tool

Sometimes time or money is limited. We hunt to find great alternatives to commercial solutions. This time alternatives for the CIS auditing tool CIS-CAT.

Security Integration: Configuration Management and Auditing

Configuration management and system auditing go hand in hand. In this article we cover both and learn why this combination is so powerful.

Why Linux security hardening scripts might backfire

We talk about the risks when using Linux security hardening scripts in this article. Hardening Linux with scripts might look like a nice idea, but is it?

Using Open Source Auditing Tools as alternative to CIS Benchmarks

Hardening guides, and the CIS benchmarks in particular, are a great resource to harden your system. But there are alternatives.

Securing mount points on Linux

Since data is stored on file systems, appropriate measures should be taken to protect it. Learn how to secure mount points on Linux.

Alternatives to Bastille Linux: system hardening with Lynis

Bastille Linux is a great tool for hardening of Linux systems. With the project looking outdated (or even dead), there are new alternatives to Bastille.

Security Automation for Linux: Are Humans Still Needed?

Machines are smarter, quicker and make less mistakes compared to humans. They might be the ultimate resource for security automation, securing our systems.

Protect against the BEAST attack in Nginx

The BEAST attack showed up in 2011 and some servers are still vulnerable to it. With the right protocols, ciphers and preference, we can keep the BEAST out.

Do NOT use Linux hardening checklists for your servers

The solution to avoid using Linux hardening checklists for your servers is simple. With proper automation and regular checks, checklists could be avoided.

How to deal with Lynis suggestions?

Auditing tool Lynis for Linux, guides administrators with discovering weaknesses. This article helps in dealing with Lynis suggestions displayed on screen.

Are security hardening guides still useful?

With Linux being decently hardened by default, would it make sense to invest in reading hardening guides? The short answer: yes!

Hiding the nginx version number

Security professionals usually don't advise to use security through obscurity. Still, it's wise to hide the nginx version number.

Hardening Guides and Tools for Red Hat Linux (RHEL)

Overview of tools and hardening guides to implement system hardening for Red Hat Linux. Also applies Fedora, CentOS and Scientific Linux systems.

Linux server hardening and best practices

One of the myths is that Linux systems are secure by default. Learn what kind of measures you can implement and which security tools help with that.

Linux server security: Three steps to secure each system

Article about Linux server security and guidance for securing your Linux systems. Focus on auditing, hardening and compliance, to improve security defenses.

FreeBSD hardening with Lynis

This article provides tips for FreeBSD hardening by using a powerful tool named Lynis. This script will perform an extensive audit to secure your systems.