1、1 定期更新系统
成都一家集口碑和实力的网站建设服务商,拥有专业的企业建站团队和靠谱的建站技术,10年企业及个人网站建设经验 ,为成都超过千家客户提供网页设计制作,网站开发,企业网站制作建设等服务,包括成都营销型网站建设,品牌网站设计,同时也为不同行业的客户提供成都网站建设、成都网站设计的服务,包括成都电商型网站制作建设,装修行业网站制作建设,传统机械行业网站建设,传统农业行业网站制作建设。在成都做网站,选网站制作建设服务商就选创新互联。
sudo apt-get update sudo apt-get upgrade
1、2 安装安全补丁
sudo apt-get install security-updates
2、1 启用防火墙
sudo ufw enable
2、2 设置防火墙规则
sudo ufw default deny ssh
3、1 启用SELinux
SELinux(Security-Enhanced Linux)是一种基于Linux内核的安全模块,可以提供访问控制、审计等功能,要让Linux操作系统更加安全,需要启用SELinux,在大多数Linux发行版中,可以使用semanage命令来管理SELinux策略,以下是如何在Ubuntu系统中启用SELinux的示例:
sudo semanage fcontext -a -t httpd_sys_content_t "/usr/share(/.*)?" sudo restorecon -Rv /usr/share
3、2 设置SELinux策略
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www(/.*)?" sudo restorecon -Rv /var/www
4、1 设置密码策略
sudo pam_pwquality.so retry=3 minlen=8 ucredit=-1 lcredit=-1 dcredit=-1 ocredit=-1 sudo authconfig --enablefaillock --updateall
4、2 配置多因素认证
mkdir ~/.gnome-keyrings && chmod 700 ~/.gnome-keyrings && echo "[https://example.com]" > ~/.gnome-keyrings/login.gpg && echo "pinentry-mode = loopback" >> ~/.gnome-keyrings/login.gpg && export GPG_AGENT_INFO="daemon;email=you@example.com;encryption=none;icon-name=gnome-keyring" && export GNUPGHOME="/home/your_username/.gnupg" && export GNUPGCONF="/etc/gnupg2/gpg.conf" && source $GNUPGHOME/gpg-agent.sh && gpg-connect-agent --daemonize $GPG_AGENT_INFO & sleep 5 && gpg --list-keys | grep 'trusted keys' | cut -d ' ' -f2 | xargs gpg --delete-secret-keys --yes && echo "Your GNOME Keyring is configured!" && echo "Now you can use the 'passphrase' command to unlock any protected key with your password and a passphrase from your keyring." && echo "To add a new protected key to your keyring, run: gnome-keyring-add [url] [password] [description]." && echo "To unlock a key with your password and passphrase, run: passphrase [url]." && echo "To list all keys in your keyring, run: gnome-keyring-list-keys [url]." && echo "To delete a key from your keyring, run: gnome-keyring-delete [url]." && echo "To remove all keys from your keyring, run: gnome-keyring-clear [url]." && echo "You can now use the 'passphrase' command to unlock any protected key in your keyring with your password and a passphrase from your keyring." && echo "Type 'exit' to exit this shell session and return to your normal terminal session." || echo "Failed to configure GNOME Keyring" && exit 1 && exec $SHELL & sleep 5 && gpg --list-keys | grep 'trusted keys' | cut -d ' ' -f2 | xargs gpg --delete-secret-keys --yes && echo "Your GNOME Keyring is configured!" && echo "Now you can use the 'passphrase' command to unlock any protected key with your password and a passphrase from your keyring." && echo "To add a new protected key to your keyring, run: gnome-keyring-add [url] [password] [description]." && echo "To unlock a key with your password and passphrase, run: passphrase [url]." && echo "To list all keys in your keyring, run: gnome-keyring-list-keys [url]." && echo "To delete a key from your keyring, run: gnome-keyring-delete [url]." && echo "To remove all keys from your keyring, run: gnome-keyring-clear [url]." && echo "You can now use the 'passphrase' command to unlock any protected key in your keyring with your password and a passphrase from your keyring." && echo "Type 'exit' to exit this shell session and return to your normal terminal session." || echo "Failed to configure GNOME Keyring" && exit 1 && exec $SHELL & sleep 5 && gpg --list-keys | grep 'trusted keys' | cut -d ' ' -f2 | xargs gpg --delete-secret-keys --yes && echo "Your GNOME Keyring is configured!" && echo "Now you can use the 'passphrase' command to unlock any protected key with your password and a passphrase from your keyring." && echo "To add a new protected key to your keyring, run: gnome-keyring-add [url] [password] [description]." && echo "To unlock a key with your password and passphrase, run: passphrase [url]." && echo "To list all keys in your keyring, run: gnome-keyring-list-keys [url]." && echo "To delete a key from your keyring, run: gnome-keyring-delete [url]." && echo "To remove all keys from your keyring, run: gnome-keyring-clear [url]." && echo "You can now use the 'passphrase' command to unlock any protected key in your keyring with your password and a passphrase from your keyring." && echo "Type 'exit' to exit this shell session and return to your normal terminal session." || echo "Failed to configure GNOME Keyring" && exit 1 && exec $SHELL & sleep 5 && gpg --list-keys | grep 'trusted keys' | cut -d ' ' -f2 | xargs gpg --delete-secret-keys --yes && echo "Your GNOME Keyring is configured!" && echo "Now you can use the 'passphrase' command to unlock any protected key with your password and a passphrase from your keyring." && echo "To add a new protected key to your keyring, run: gnome-keyring-add [url] [password] [description]." && echo "To unlock a key with your password and passphrase, run: passphrase [url]." && echo "To list all keys in your keyring, run: gnome-keyring
声明:本网站发布的内容(图片、视频和文字)以用户投稿、用户转载内容为主,如果涉及侵权请尽快告知,我们将会在第一时间删除。文章观点不代表本网站立场,如需处理请联系客服。电话:028-86922220;邮箱:631063699@qq.com。内容未经允许不得转载,或转载时需注明来源: 成都快上网