In the next part of the series, the protection of webservers is explained. In this example I use Apache HTTPd webserver. Similar configurations are also available for e.g. nginx. There are various reasons for protecting the webserver itself (webapplications installed will be described in on of the next posts). Attackers are e.g. scanning the server for vulnariblties or try to attack the server using invalid input.
As the next part of the series, the protection of the most common service SSH is described in this post. Almost every Linux based server will run a version of ssh daemon to be able to login from remote. In this post I will describe how to protect ssh using fail2ban.
After setting up fail2ban its time to check which ports are open. Potentially each open port should be protected using fail2ban.
Fail2ban helps a lot to get rid of unwanted traffic to your server which cleans your log files a lot. In this post I will describe how to setup fail2ban on your server.
Using fail2ban it is easy to ban unwanted users from your servers by denying access to it using the local firewall capabilities.