Secure Your VPS with Ease β Now on GitHub!
Managing a Linux server? Whether youβre running Ubuntu, Debian, CentOS, or AlmaLinux β one of the first steps after setup should be hardening your system against attacks.
At Hosteons, weβve created a powerful yet easy-to-use Linux Hardening Script that automates the most essential security tasks. Best of all β itβs completely open-source under the MIT License.
π§ What Does the Script Do?
Our script walks you through an interactive setup process that includes:
β Changing the default SSH port
β Disabling root SSH login (optional)
β Creating a new sudo-enabled user (if root login is disabled)
β Installing and configuring Fail2Ban to block brute-force attacks
β Installing and initiating a Lynis audit for best practices
β Enabling and configuring UFW (Ubuntu/Debian) or Firewalld (CentOS/AlmaLinux)
β Handling SELinux if enabled
β Updating all system packages
All steps are automated and clearly explained during the process.
π Why Harden Your Server?
Running a public-facing server without basic security is like leaving your front door open. Common exploits target:
- Default SSH ports
- Password-authenticated root logins
- Unpatched packages
- Open ports and misconfigured firewalls
This script helps new VPS users and sysadmins apply battle-tested security practices without manual work.
π How to Use It
- SSH into your server
- Download the script:
curl -O https://raw.githubusercontent.com/hosteons/Linux-Hardening-Script/main/harden.sh
chmod +x harden.sh
sudo ./harden.sh- Follow the prompts β itβs fully interactive and safe
π‘ Disclaimer: Changing SSH ports and disabling root login may lock you out if youβre not careful. Always have VNC, IPMI, or another form of console access ready.
π¦ Open Source & Free
This project is licensed under the MIT License and developed by Hosteons.com to help the Linux and VPS community.
We welcome contributions and feedback!