How to secure the Linux server?

I’m going through the following guide and would appreciate any comments about:

  1. Which things described in this guide are absolutely must do?
  2. Which things may cause issues with Discourse administration or usage? (e.g. reboots with unattended upgrades).

https://github.com/imthenachoman/How-To-Secure-A-Linux-Server

Although the guide is focused on securing a home-based (private) server, I think it’s relevant for self-hosting.

I’m using Ubuntu 18.04 FYI and already enabled the security recommendations as per Discourse INSTALL guide

Are the following recommendations suitable (won’t conflict) for the normal work of a Discourse forum?

Automatic Security Updates

Firewall with UFW

Anti-Virus Scanning and Rootkit detection

Gmail and Exim4 As MTA With Implicit TLS

iptables Intrusion Detection And Prevention with PSAD

1 Like

I support automatic security updates, UFW hardening

Use something like mailgun for discourse emails.

Everything else is probably unnecessary.

4 Likes