Enhance server security settings.

joglomedia
2019-12-25 22:43:11 +07:00
parent e9a8f4eb68
commit 034dafe960


@@ -17,7 +17,9 @@ fi
# Make sure only root can run this installer script.
requires_root
##
# Securing SSH server.
#
function securing_ssh() {
LEMPER_USERNAME=${LEMPER_USERNAME:-"lemper"}
SSH_PASSWORDLESS=${SSH_PASSWORDLESS:-false}
@@ -137,7 +139,9 @@ EOL
#run service sshd restart
}
# Install & Configure the Uncomplicated Firewall (UFW)
##
# Install & Configure Uncomplicated Firewall (UFW).
#
function install_ufw() {
SSH_PORT=${1:-$SSH_PORT}
@@ -214,7 +218,9 @@ function install_ufw() {
fi
}
# Install & Configure the ConfigServer Security & Firewall (CSF)
##
# Install & Configure ConfigServer Security & Firewall (CSF).
#
function install_csf() {
SSH_PORT=${1:-$SSH_PORT}
@@ -314,7 +320,9 @@ function install_csf() {
fi
}
# Install & Configure the Advancef Policy Firewall (APF)
##
# Install & Configure Advancef Policy Firewall (APF).
#
function install_apf() {
SSH_PORT=${1:-$SSH_PORT}
APF_VERSION=${APF_VERSION:-"1.7.6-1"}
@@ -380,6 +388,9 @@ function install_apf() {
fi
}
##
# Remove UFW.
#
function remove_ufw() {
if [[ -n $(command -v ufw) ]]; then
echo "Found UFW iptables firewall, trying to remove it..."
@@ -393,6 +404,9 @@ function remove_ufw() {
fi
}
##
# Remove CSF.
#
function remove_csf() {
if [[ -n $(command -v csf) || -f /usr/lib/systemd/system/csf.service ]]; then
echo "Found CSF+LFD iptables firewall, trying to remove it..."
@@ -403,6 +417,9 @@ function remove_csf() {
fi
}
##
# Remove APF.
#
function remove_apf() {
if [[ -n $(command -v apf) && -f /etc/apf/conf.apf ]]; then
echo "Found APF+BFD iptables firewall, trying to remove it..."
@@ -420,7 +437,9 @@ function remove_apf() {
fi
}
# Install Firewall.
##
# Install IP-tables based firewall.
#
function install_firewall() {
echo ""
echo "IPtables-based Firewall Installation"
@@ -483,6 +502,9 @@ Any other iptables based firewall will be removed otherwise they will conflict."
fi
}
##
# Initialize server security.
#
function init_secure_server() {
while [[ "${SECURED_SERVER}" != "y" && "${SECURED_SERVER}" != "n" && "${AUTO_INSTALL}" != true ]]; do
read -rp "Do you want to enable basic server security? [y/n]: " -i y -e SECURED_SERVER
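Review bot: The rewritten header for install_apf still carries the typo "Advancef"; the new comment line should read `# Install & Configure Advanced Policy Firewall (APF).`. The new `##` headers for install_ufw, install_csf and install_apf also omit the one input these functions visibly take: each opens with `SSH_PORT=${1:-$SSH_PORT}`, so a header line such as `# Arguments: $1 - SSH port (optional, falls back to $SSH_PORT)` would tell a caller which port the firewall setup works from. The function bodies continue outside these hunks, so how the port is then used cannot be confirmed from here.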