
Secure Your VPS with Ease — Now on GitHub!
Managing a Linux server? Whether you’re running Ubuntu, Debian, CentOS, or AlmaLinux — one of the first steps after setup should be hardening your system against attacks.
At Hosteons, we’ve created a powerful yet easy-to-use Linux Hardening Script that automates the most essential security tasks. Best of all — it’s completely open-source under the MIT License.
🔧 What Does the Script Do?
Our script walks you through an interactive setup process that includes:
✅ Changing the default SSH port
✅ Disabling root SSH login (optional)
✅ Creating a new sudo-enabled user (if root login is disabled)
✅ Installing and configuring Fail2Ban to block brute-force attacks
✅ Installing and initiating a Lynis audit for best practices
✅ Enabling and configuring UFW (Ubuntu/Debian) or Firewalld (CentOS/AlmaLinux)
✅ Handling SELinux if enabled
✅ Updating all system packages
All steps are automated and clearly explained during the process.
🚀 Why Harden Your Server?
Running a public-facing server without basic security is like leaving your front door open. Common exploits target:
- Default SSH ports
- Password-authenticated root logins
- Unpatched packages
- Open ports and misconfigured firewalls
This script helps new VPS users and sysadmins apply battle-tested security practices without manual work.
📝 How to Use It
- SSH into your server
- Download the script:
curl -O https://raw.githubusercontent.com/hosteons/Linux-Hardening-Script/main/harden.sh
chmod +x harden.sh
sudo ./harden.sh
- Follow the prompts — it’s fully interactive and safe
💡 Disclaimer: Changing SSH ports and disabling root login may lock you out if you’re not careful. Always have VNC, IPMI, or another form of console access ready.
📦 Open Source & Free
This project is licensed under the MIT License and developed by Hosteons.com to help the Linux and VPS community.
We welcome contributions and feedback!