How to secure the Linux server?

I’m going through the following guide and would appreciate any comments about:

  1. Which things described in this guide are absolutely must do?
  2. Which things may cause issues with Discourse administration or usage? (e.g. reboots with unattended upgrades).

Although the guide is focused on securing a home-based (private) server, I think it’s relevant for self-hosting.

I’m using Ubuntu 18.04 FYI and already enabled the security recommendations as per Discourse INSTALL guide

Are the following recommendations suitable (won’t conflict) for the normal work of a Discourse forum?

Automatic Security Updates

Firewall with UFW

Anti-Virus Scanning and Rootkit detection

Gmail and Exim4 As MTA With Implicit TLS

iptables Intrusion Detection And Prevention with PSAD

1 Like

I support automatic security updates, UFW hardening

Use something like mailgun for discourse emails.

Everything else is probably unnecessary.