Increasing Linux server security
What are the solutions to increase the security of the Linux server? A Linux server is a server on which one of the distributions of the Linux operating system is installed. This server can be considered a type of computer always connected to the Internet, which has a special type of software and hardware. If you also use a Linux server, increasing its security is definitely one of your concerns. Although one of the main reasons for people’s acceptance of Linux servers is their high security, there are solutions with the help of which you can improve this security to the maximum extent.
But why is security so important in Linux servers? Linux server can be used for web hosting, mail server, file storage, etc. That is why it is very important to talk about high security in these servers. One of the advantages of Linux is its open source. Therefore, its security bugs are easily identified and fixed. Considering that hackers may always be able to find a way to infiltrate your server and system, it is essential to strengthen the security layers of your Linux server in several ways. In this article, we have mentioned 13 of the most practical possible solutions to increase the security of the Linux server.
Solutions to increase Linux server security
In what ways can we improve the security of the Linux server? Although one of the main features of Linux is its high security, but for your peace of mind, you have the possibility to adjust the security of this server according to your needs through solutions. Since hackers can always find a way, it is not bad to know these solutions and by doing them, try to improve the security of your Linux server to the maximum extent. In the following, we will introduce 13 practical solutions.
1. Enable open_basedir
One of the ways to increase the security of this server is to activate one of the php services called open_basedir. This system is a kind of security feature in PHP that prevents hackers. With the help of open_basedir, it is possible to make the access of a user through php only limited to the same user. In other words, when a hacker succeeds in penetrating a part of the server, if this feature is enabled, the hacker’s access is limited to that part and he cannot access other parts of the server.
2. Taking help from safe_mode
You are probably familiar with the Safe Mode status on your mobile phone. But this feature is not specific to mobile phones and is also available for operating systems. This mode is designed to remove malicious programs, viruses, find software errors, restore operating system settings, etc. In simpler words, it can be said that Safe Mode is a state of the operating system in which, if it is active, only essential files can be executed.
Enabling safe mode prevents malicious programs from running. If a malicious program is installed on your Linux server, it will run every time Windows boots. Most viruses and malicious programs that infiltrate systems with the intention of hacking servers are designed in such a way that they can disable or remove antiviruses. Therefore, if a malicious program has entered the server, the best solution to prevent it from running is to set Windows to safe mode.
3. Disabling remote code execution
One of the methods that hackers use to break into systems is to execute code remotely in the desktop service, which is called Remote Desktop Services. A hacker can run any code they want on your system. For example, it can install its own malicious programs on the server, and in this way, it can learn about the server’s data and even change them. To increase the security of the Linux server, it is better to disable Remote Desktop Services. In general, deactivating services that do not work for the system increases its security.
4. Disable display_error
Display error is a type of error report in php that some programmers activate with the intention of viewing and being informed of php errors. Due to security issues, it is better to disable this service because its activation makes it easier for unauthorized attackers to penetrate the server. Therefore, if you are looking for a way to improve the security of your Linux server, we recommend that you disable this error report and use another solution to view php errors.
5. Input size limitation
One of the ways to increase Linux security and prevent web attacks is to limit the input size. But what does limiting the input size mean? As you probably know, in the php language and in the post method, the data in the HTTP request is hidden in the header.
Sending malicious codes in parts of the site that takes input from the user on the post method is one of the hackers’ methods to penetrate the system. In such a situation, if you limit the input size in the config file, you can prevent attackers from sending these malicious codes.
6. Resource limitation
DOS attacks, which are shortened to Denial of Service attack, are known as Denial of Service attacks. These attacks are carried out by attackers or hackers. The purpose of these attacks is to temporarily or permanently suspend or interrupt the services of the servers hosting a site. One of the solutions that can be used to protect against these attacks to some extent and ensure the security of the Linux server is limiting resources.
7. Disabling some functions
Another way to prevent web attacks is to disable some functions. If you are using shared servers, it is better to close the functions that are threatening to the Linux server. Some of these functions are:
- curl_multi_info_read
- curl_multi_init
- curl_multi_remove_handle
- curl_multi_select
These functions are located in a file called php.ini.
8. Using the magic_quotes_gps function
Inputs that are sent from the user side to the server may be a security bug for the server for various reasons. Therefore, one of the things that can be done to increase the security of the Linux server is to use the magicquotesgpc function. This function provides the programmer or site developers with the ability to secure user-side inputs to the server to a great extent. To activate and use this function, you must access the php.ini file.
9. Disable expose_php
One of the ways to prevent attackers and hackers from infiltrating the server is to prevent them from accessing our server facilities. But how can this be done? Note that whenever php starts, it adds a message containing its version number to the server header. In order to hide this data from hackers, you can set the expose_PHP variable to off. By disabling this feature, the data and web server facilities are not easily available to hackers.
10. Installation of CSF firewall
As another way to increase Linux server security, you can install CSF firewalls, which are also known as firewalls. This system can be considered as one of the best server security services that have been very successful in its kind so far. If you are looking for one of the strictest security elements to improve server security, be sure to install CSF Firewall. As the name suggests, this system works exactly like a firewall.
In other words, after installation, at the entrance of a server, it carefully checks all incoming requests to it. You can enable any security settings you want on the firewall. After that, if any of the incoming requests to the server contradicts the information and settings registered in the firewall, the requests are deleted and prevented from being sent to the server. A firewall is powerful enough to filter and process thousands of gigabytes of data in just a fraction of a second.
11. Installation and configuration of CLAMAV antivirus
If you are looking for one of the best antivirus for Linux operating system, install CLAMAV Antivirus, which has the ability to detect a large number of viruses at the same time. Another advantage of this antivirus is that it is free. In addition to this, the database of this antivirus can be updated automatically. Despite the powerful tools such as the scanner provided by this antivirus, you no longer need to use graphical environments to scan your server; Rather, you can scan the server with the help of this antivirus’s own scanner. Installing CLAMAV antivirus is recommended as one of the ways to increase Linux server security.
12. Installing the ModSecurity module
ModSecurity module is a firewall that is installed on the hosting servers. Along with other software and hardware firewalls that you install to keep your server secure, adding this module can also act as a double layer of security. This module is able to control various attacks on the server to a great extent. Note that installing the security mode module alone is not enough to maintain the security of the server, but this module should be used along with other security firewalls to increase the site’s security level.
One of the positive features of this module is its programming power. The security mode can identify and block things that have already damaged the security of the site. Among the applications of this security module, the following can be mentioned:
- Ability to detect malicious bots and block them
- Checking any requests sent to the site, such as membership requests from the user
- Managing site traffic and checking them to ensure the absence of any security bugs
- Preventing the uploading of some files and managing any uploaded files on the site
- Managing the execution of commands and preventing the execution of malicious commands
13. Install CXS
As the last way to increase the security of the Linux server in this article, we should mention the installation of CSX. ConfigServer eXploit Scanner is a tool that can scan all files uploaded to the server. You can use this tool to prevent unauthorized attackers from exploiting the site and Linux server. The following are the positive features of this tool that help to maintain the security of the Linux server:
- CSX tool is able to block loading of suspicious PHP and Perl scripts. These downloads are usually done with the purpose of sending spam or malicious attacks.
- It has the ability to identify uploaded roots in user accounts.
- It is able to increase the efficiency and scalability of the server.
