Security
Unattended Upgrades
Unattended upgrades is a package that can be installed on Ubuntu Server to automatically install security updates.
The unattended-upgrades package has been configured to automatically install security updates on the Ubuntu Server. This package is configured to automatically install security updates every day after hours.
Fail2Ban
The Fail2Ban package has been installed on the Ubuntu Server to protect against brute force attacks. This package is configured to automatically ban IP addresses that have failed to authenticate multiple times.
UFW (Uncomplicated Firewall)
The UFW package has been installed on the Ubuntu Server to manage the firewall. The following ports have been allowed through the firewall:
| Port | Protocol | Description |
|---|---|---|
| 22 | TCP | SSH |
| 80 | TCP | HTTP |
| 443 | TCP | HTTPS |
| 2399 | TCP | ODBC/JDBC |
| 5003 | TCP | FileMaker Pro |
SSH Hardening
The SSH server has been hardened to prevent unauthorized access. The following changes have been made to the SSH server configuration:
| Setting | Value | Description |
|---|---|---|
PermitRootLogin | no | Disables root login |
PasswordAuthentication | no | Disables password authentication |
Non-root user
A non-root user has been created on the Ubuntu Server to perform administrative tasks. This user has been granted sudo privileges. For security reasons, it is NOT recommended to perform administrative tasks using the root user.