How I Harden My Linux Web Server Against Cyber Attacks (CentOS & Ubuntu Guide) | by Faruk Ahmed | Apr, 2025

Member-only story

How I Harden My Linux Web Server Against Cyber Attacks (CentOS & Ubuntu Guide)

--

Share

🔍 Intro:

Running a website isn’t just about beautiful pages and fast performance — it’s also about security. Every day, bots and attackers probe for weaknesses in web servers. Whether you use Apache or Nginx on CentOS or Ubuntu, this guide will walk you through the exact steps I take to lock down my servers and reduce risk.

🔐 1. Disable Unused Services

On both CentOS and Ubuntu, start by checking which services are listening:

sudo netstat -tulnp

Stop anything unnecessary:

sudo systemctl stop bluetooth.servicesudo systemctl disable bluetooth.service

🔒 Only allow essential services like SSH, HTTP/HTTPS.

🔐 2. Enforce a Strong Firewall (UFW or firewalld)

Ubuntu (UFW):

sudo ufw default deny incomingsudo ufw allow 22/tcpsudo ufw allow 80/tcpsudo ufw allow 443/tcpsudo ufw enable

CentOS (firewalld):

sudo firewall-cmd --permanent --set-default-zone=dropsudo firewall-cmd --permanent --add-service=sshsudo firewall-cmd --permanent --add-service=httpsudo…

👉 Read Full Blog on Medium Here