hardening Ubuntu 20.04 cloudron server
-
wrote on Mar 18, 2021, 5:26 AM last edited by girish Mar 18, 2021, 6:10 PM
Do ya'll use any checklists to harden your servers like CIS? I have the CIS ubuntu linux hardening checklist and i'm wondering if any of ya'll have run it and if so is there anything in there thats not obvious which will break our cloudron server functionality?
-
Do ya'll use any checklists to harden your servers like CIS? I have the CIS ubuntu linux hardening checklist and i'm wondering if any of ya'll have run it and if so is there anything in there thats not obvious which will break our cloudron server functionality?
wrote on Mar 18, 2021, 2:09 PM last edited byBy "CIS", I suppose you mean this?
-
By "CIS", I suppose you mean this?
wrote on Mar 18, 2021, 4:49 PM last edited by@infogulch yes. the CIS benchmarks.
-
It seems https://downloads.cisecurity.org/#/ has the PDF to download. It's a fairly big document (~500 pages). @Mastadamus on Cloudron side, the main doc we have is https://docs.cloudron.io/security/
-
It seems https://downloads.cisecurity.org/#/ has the PDF to download. It's a fairly big document (~500 pages). @Mastadamus on Cloudron side, the main doc we have is https://docs.cloudron.io/security/
wrote on Mar 18, 2021, 8:36 PM last edited by@girish Over the next month, I'm going to go line by line through that CIS benchmark and implement it then check for functionality. Would you be interested in that report? My thoughts are if its compatible with Cloudron functions, it may be something worthwhile to implement as part of the install script prior to installing the actual Cloudron core components?
-
@girish Over the next month, I'm going to go line by line through that CIS benchmark and implement it then check for functionality. Would you be interested in that report? My thoughts are if its compatible with Cloudron functions, it may be something worthwhile to implement as part of the install script prior to installing the actual Cloudron core components?
@mastadamus that will be very useful, thanks!