I'm new to setting up an enterprise server, and although I've got a decent grounding in Linux from my recent Linux+ certification, I'm trying to wrap my head around creating a minimal, secure Rocky Linux 9 server for a chat application in a DMZ. My goal is to establish a solid baseline configuration that I can use to create a template for future servers and ensure it's secure from the get-go. I've been following a guide that has some helpful steps but also includes typos, which makes me uncertain if I'm on the right path. I want to avoid any potential security breaches, so I'm looking for advice on how to harden the server properly, as I feel a bit overwhelmed with all the details. Here's the guide I'm using: [Install a Hardened Version of Rocky Linux](https://medium.com/@issad_adel/install-a-hardened-version-of-rocky-linux-e886e739d3d7). Any tips on simplifying this process?
1 Answer
It's fantastic that you're focusing on hardening your OS from the start! Just remember, security goes beyond just hardening. Make sure you're validating any packages you install, configuring them properly, and maintaining good practices like regular updates and backups. Also, don’t expose any applications directly over the internet without proper checks. It's about setting up safe permissions and connections, which matters just as much as the initial setup.
I get that, and I want to build a solid foundation first. If I can get that baseline secured, I can expand later according to my needs.