In today’s digital world, securing your server is a must, especially if you’re running nodes for blockchain networks or other distributed systems. In this guide, we’ll break down why server security is so important and how to keep things safe on Ubuntu (Linux), including how to generate SSH keys for secure access.
Why Server Security Is a Big Deal
Protecting your data:
Servers hold a lot of sensitive stuff — like user info, financial data, and company documents. A data leak could lead to major financial hits and mess up your reputation.
Attack Prevention:
Without proper security measures, servers can be targeted by various types of attacks such as DDoS attacks, malware injection, and hacking attempts. These attacks can lead to data loss or service interruption.
Regulatory Compliance:
A multitude of industries require compliance with data security standards. Failure to comply with these requirements can have legal and financial consequences.
Protection against insider threats:
Even in the absence of external attacks, misconfigurations or employee actions can pose a threat to server security. Effective security measures help minimize such risks.
How to protect a server on Ubuntu (Linux)
1. Regular system updates
Updates to the operating system and installed packages are critical to protect against vulnerabilities. Use the following commands to update:
sudo apt update sudo apt upgrade
2. Configuring the firewall
Install and configure ufw (Uncomplicated Firewall) to control access to the server:
sudo apt install ufw sudo ufw allow ssh sudo ufw enable sudo ufw status
3. Configuring SSH
Change the default SSH port (22) to another less obvious port. This can be done in the configuration file /etc/ssh/sshd_config.
Disable password authentication and use SSH keys for better security
PasswordAuthentication no
After making configuration changes, restart the SSH service
sudo systemctl restart ssh
4. Generating SSH Keys (done on your PC)
Run this command to generate SSH keys:
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
Follow the steps to save the keys in the right spot. Usually it’s~/.ssh/id_rsa (private key) и ~/.ssh/id_rsa.pub (public key)
To add the public key to your server, use:
ssh-copy-id user@server_ip
5. Managing Users and Permissions
Create users with only the permissions they really need, and avoid using the root account for everyday tasks. Use sudo to run commands with higher privileges.
Check and adjust the /etc/sudoers and /etc/sudoers.d/ files to control access.
6. Protecting Against Malware
Install antivirus software like ClamAV and run regular system scans.
sudo apt install clamav
sudo freshclam
sudo clamscan -r /home
7. Monitoring and Auditing
Turn on system logging and use tools like fail2ban to automatically block IPs trying to break in.
Set up monitoring tools like Prometheus and Grafana to keep an eye on your server’s performance.
8. Data Backup
Regularly back up your configuration files and data. Use tools like rsync or dedicated backup solutions to ensure everything is safely stored.
Conclusion
Securing your server is a crucial task that requires a comprehensive approach. Regular system updates, firewall configuration, secure SSH setup, and user management are key to keeping your server protected. If you’re running nodes for blockchain networks, be mindful of resource requirements and apply the same security measures to ensure stable performance and data protection.
🗺️ All the info on nodes, giveaways, educational content, and research will be on our sources — DKNODES, GitHub, and X (Twitter).
Thanks for your attention, node runners!
