How I Harden My Linux Web Server Against Cyber Attacks (CentOS & Ubuntu Guide) | by Faruk Ahmed | Apr, 2025
#ufw#centos#ubuntu#web
Faruk

Faruk @cyberwebpen

About: InfoSec Analyst | 10+ yrs in DLP, CrowdStrike, QRadar, Qualys, Linux Admin, WebLogic Admin | Python & Bash Enthusiast | Passionate about cybersecurity, automation, and continuous learning.

Joined:
Apr 27, 2025

How I Harden My Linux Web Server Against Cyber Attacks (CentOS & Ubuntu Guide) | by Faruk Ahmed | Apr, 2025

Publish Date: Apr 28
0 0

Member-only story

How I Harden My Linux Web Server Against Cyber Attacks (CentOS & Ubuntu Guide)

--

Share

🔍 Intro:

Running a website isn’t just about beautiful pages and fast performance — it’s also about security. Every day, bots and attackers probe for weaknesses in web servers. Whether you use Apache or Nginx on CentOS or Ubuntu, this guide will walk you through the exact steps I take to lock down my servers and reduce risk.

🔐 1. Disable Unused Services

On both CentOS and Ubuntu, start by checking which services are listening:

sudo netstat -tulnp
Enter fullscreen mode Exit fullscreen mode

Stop anything unnecessary:

sudo systemctl stop bluetooth.servicesudo systemctl disable bluetooth.service
Enter fullscreen mode Exit fullscreen mode

🔒 Only allow essential services like SSH, HTTP/HTTPS.

🔐 2. Enforce a Strong Firewall (UFW or firewalld)

Ubuntu (UFW): 

sudo ufw default deny incomingsudo ufw allow 22/tcpsudo ufw allow 80/tcpsudo ufw allow 443/tcpsudo ufw enable
Enter fullscreen mode Exit fullscreen mode

CentOS (firewalld): 

sudo firewall-cmd --permanent --set-default-zone=dropsudo firewall-cmd --permanent --add-service=sshsudo firewall-cmd --permanent --add-service=httpsudo…
Enter fullscreen mode Exit fullscreen mode

👉 Read Full Blog on Medium Here

Comments 0 total

    Add comment