Shulou(Shulou.com)06/01 Report--

Operation and maintenance safety in the current operation and maintenance environment is still very important, I will be divided into several common security items listed, there are deficiencies, welcome to add.

The network

1. Public network connections are prohibited for services that are not open to the public, such as databases and redis.

2. Shut down some useless services and ports

3. Open ports 80 and 443 for public network access (* * or jumper ports)

4. Prohibit the public network ssh from connecting to the server (optional, you need to install * * or springboard)

System

1. Minimize the installation system

2. The server logs in with non-root permissions or certificates.

3. Start the service with non-root users

4. Open the firewall and open only the ports provided to the outside world.

5. Update some security or encryption aspects of system software such as bash openssl openssl-devel libc

6. Install fail2ban software to prevent ssh brute force cracking tool (optional)

7. The password meets the minimum length and complexity.

Operation

1. Log in to the server with non-root users and operate

2. Operation records (audit), dangerous commands are prohibited for use other than root

Service

1. Hide the service version number

2. Service port division, such as 8000-9000, for all applications.

Application

In general, there are.

Webshell

SQL injection

Monitor and control

1. Basic monitoring, such as cpu, memory, internal disk, network traffic

2. Service monitoring, such as nginx, tomcat

3. Service health testing and monitoring through api or direct analog access

4. Log monitoring, sub-system log and service log monitoring

Monitor ssh login

Audit

Record and audit user operations

Daily inspection

Regularly check and update system patches

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.