This page looks best with JavaScript enabled

How to Secure A Web Server

 ·  ☕ 2 min read  ·  ✍️ Chris Titus

In this article, I show you all the steps needed to secure a web server and improve your security. I recommend doing all of these things on every installation. Also, just because you secure your server doesn’t mean you can neglect it. I highly recommend monitoring it and adjusting security as needed. Monitoring is required for proper security in my opinion.

Secure A Web Server Steps

firewall-png-577×359

Install UFW

1
2
3
4
5
6
sudo apt-get update  
sudo apt-get install ufw  
sudo ufw limit 22/tcp  
sudo ufw allow 80/tcp  
sudo ufw allow 443/tcp  
sudo ufw enable

Verify
sudo ufw status

Do Global blocks

1
2
sudo ufw default deny incoming  
sudo ufw default allow outgoing

ssh

Change SSH to Key

Remote Machine: ssh-keygen -t rsa

Transfer to Server

Method 1:

Transfer pub ssh key to server

1
2
scp ~/.ssh/id_rsa.pub user@server.com:~
cat ~/id_rsa.pub >> ~/.ssh/authorized_keys

Method 2:

Copy key and place in authorized_key file in one command
ssh-copy-id -i ~/.ssh/id_rsa.pub user@server.com

Secure a Web Server Disabling Password Auth through SSH

Change the following lines in /etc/sshd_config

ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
PermitRootLogin no

Edit /etc/sysctl.conf

Enable security features

settings

Prevent IP Spoof /etc/host.conf

Change File to mirror below:

​order bind,hosts
multi on
nospoof on

Install Fail2Ban

1
2
3
sudo apt install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Check Listening Ports

netstat -tunlp

You will now have completed the basics of a secure web server!

Video Walkthrough

secure web server
Note: YouTube Video - Hold Ctrl + Left Click to open in new window

Chris Titus Tech

Social

Exclusive Content

  • ChrisTitus.com Members Section (CC Only)
    • Digital Downloads with Guides and Pre-Built Images
    • Monthly Members Only Video
    • $5 Per Month (100% of Proceeds goes to Chris Titus Tech)
  • YouTube Chris Titus Tech Membership (All Payments Accepted)
    • Monthly Members Only Video
    • YouTube Emojis for Comments and Live Chat
    • YouTube Badges that changes based on membership time for comments and chat.
    • All YouTube comments are highlighted when I review comments daily.
    • $4.99 Per Month (70% of the Proceeds goes to Chris Titus Tech)

Chris Titus
WRITTEN BY
Chris Titus
Tech Content Creator