Curiously many Linux administrators out there are clueless about properly securing or configuring a server. The following steps can significantly increase the stability and security of any Linux servers. These tips are all easy and quick to do as each can be completed in less than fifteen minutes!

1.) Installing latest security updates.

Of course, Linux is an amazing OS- but all software has security issues. Enabling the automatic updates installation through a cron script is the most foolproof and easiest way to make sure that your server security isn’t compromised. You have no excuse to not install the most recent security updates- earlier packages are stored in the package archives just in case there is a compatibility or stability issue.

2.) Disabling root login via SSH.

Admittedly, we all have been guilty of this occasionally. Let’s just face it, people like being able to easily and quickly log into the servers, and change important settings. However, if you are using password authentication, what is to keep others from logging into your system? Additionally, you shouldnt use password authentication on any Linux servers, to prevent someone else from logging into the server. Instead, activate RSA signed authorization keys. It is safer, since an attacker wont be able to guess and brute-force a login session.

3.) Disabling or filtering extra services.

Often, an administrator who configures a Linux server didnt perform the required final steps – filter unnecessary incoming connections. If a system administrator isnt familiar with iptables, he/she can find several documentations out there that will show the way to make a basic firewall ruleset. Additionally, disabling unneeded services is an essential step for optimizing a server- why run redundant services that consume resources if they aren’t necessary?

4.) Removing active guest accounts or test accounts.

One glaring security issue and also frequently exploited is that your server still has a running test user account (frequently with simple passwords, such as 123) long after its no longer needed. We don’t even need to discuss the obvious security ramifications, just make sure that you quickly get rid of those test or guest accounts!

5.) Removing version notification.

Many people despise advertising? Even so, advertising to the whole world that the version of Sendmail or Apache that you use on the Linux server is 4 years old isnt the kind of information you want to share. Simply turning off the server banners can help hide your server version from most script-dependent hackers. Besides, why help those guys in determining what software version your server is running?

6.) Application errors or PHP errors.

You may have seen an error shown on a website. Many errors arent a security issue, for example Javascript errors. However, certain errors are security issues and PHP is especially bad with this, as they disclose critical information. The simplest way around this is to turn off PHP error notifications. Otherwise, a hacker may be given important information about file locations on your server

These are top six security issues that you may see on a daily basis in your work. You should examine your servers to find these issues, solve them and significantly increase the server security.