Today, Linux hosting environments have become extremely vulnerable to cyber attacks. Therefore, effective security configuration is essential to close security gaps and protect your servers. In this article, we will address step-by-step the installation of Firewall, DDoS protection, and WAF (Web Application Firewall) to close security vulnerabilities on your Linux servers.
To set up a firewall on your Linux servers, you can use iptables or ufw (Uncomplicated Firewall). Below are step-by-step instructions for setting up a firewall using ufw:
Turkey (Türkçe)
Worldwide (English)
sudo apt install ufwsudo ufw enablesudo ufw default deny incomingsudo ufw default allow outgoingsudo ufw allow sshsudo ufw allow 'Nginx Full' or sudo ufw allow 'Apache Full'sudo ufw status verboseTo protect against DDoS attacks, you can use tools like fail2ban. Fail2ban blocks IP addresses after detecting too many failed attempts within a certain period.
sudo apt install fail2bansudo systemctl start fail2bansudo systemctl enable fail2bansudo nano /etc/fail2ban/jail.local[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 5
findtime = 600
bantime = 3600
sudo systemctl restart fail2banA WAF is a security solution designed to protect web applications. ModSecurity is a popular WAF for Apache and Nginx.
sudo apt install libapache2-mod-security2sudo apt install libnginx-mod-http-modsecuritysudo a2enmod security2sudo nano /etc/nginx/nginx.conf and add include /etc/nginx/modsec/modsecurity.conf;sudo nano /etc/modsecurity/modsecurity.conf and make sure SecRuleEngine On is active.sudo systemctl restart apache2sudo systemctl restart nginxBy following the steps outlined above, you can protect your Linux hosting servers against security vulnerabilities. Remember that security is an ongoing process, and keeping your system updated is essential to counter new threats.
Copyright © 2026 All Rights Reserved
