nuy

1. System backup1.1 Backup under /var/www/html①Create the /var/www/system directory# mkdir /var/www/system②Create a script "backup_all.sh" under /var/www/system# vi /var/www/system/backup_all.shContents of the "backup_all.sh" script#!/bin/bash#===========================================================# : Environment initialization#===========================================================#Date processingTODAY=`/bin/date +%Y%m%d`DAY_AGO=`/bin/date --date '7day ago' +%Y%m%d`

1. Introduction of disk usage check scripts1.1 Script creation# cd /opt/script/# vi disk_capacity_check.shContents of disk_capacity_check.sh#!/bin/bash#Specify email address for notificationMAIL=" "

1. Install SNORTSnort is an open source network intrusion detection system that can perform real-time traffic analysis and packet logging over IP networks.It can perform "protocol analysis", "content search" and "matching" and can be used to detect a variety of attacks such as "buffer overflows", "stealth port scans", "CGI attacks", "SMB probes", "OS fingerprinting attempts", "semantic URL attacks" and "server message block probes".

1. Install MySQL 81. Install# apt -y install mysql-server-8.02. MySQL server security settingsRun the tool mysql_secure_installtion to configure security-related settings for your MySQL server.When you run it, you will be asked a series of questions to help you configure your security settings.You will first be asked if you want to use a password validation plugin, as shown below.Password validation means that you can check the password strength of users for MySQL and restrict them to accepting only passwords that are secure enough.For example, it should be at least a few characters long and always contain at least one symbol and one number.Type y if you like and press Enter

Instructions on how to get a certificate and apply it to apache, mail server, FTP server and convert to SSL with Let's Encrypt.1. Get a certificate(Let's Encrypt)1.1 Advance preparation①Enable mod_ssl# a2enmod ssl②Install a client tool to obtain a Let's Encrypt certificate

1. Introduction of Clamav anti-virus software1.1 Install# apt install clamav clamav-daemonClamav-related configuration files are installed in the /etc/clamav/ folder1.2 Update your virus definitions# freshclamThe above command will update the virus definitions, but if you get the following error, change the log settings and run it again

2. Install the FTP server vsftpd①Install# apt install vsftpd②Open PORT 21 at UFW# ufw allow ftp# ufw reload③Configuration file changes3. Apache2 installationFirst allow port http:80 and port https:443 on UFW# ufw allow http# ufw allow https# ufw reload3.1 Install Apache 2

1. SSH service security settingsThe SSH service allows root user login by default.Since the root user already knows the username, if the password is known, he can log in to the server with administrator rights.1.1 Creating a general userIf you have created a general user during the installation of Ubuntu 20, this step is not necessary.If the only user created on the server is root, you will not be able to log in remotely via SSH, so if you have not created a user when you installed the OS, you will need to create one beforehand.To create a user, use the "useradd" command.The "-m" option is used to create a home directory and the "-p" option is used to specify a password.For example, to set "ubuntuuser" as the user account name and "123456" as the password, you would run

1. Set the root password and use the SU commandIn the default Ubuntu configuration, the root user is disabled because no password is set.By setting a password for the root user, the traditional [su] command can be used for transitions$ sudo passwd root[sudo] password for ← Current user's passwordEnter new UNIX password: ← Enter the root user password to be setRetype new UNIX password: ← Enter your password againpasswd: password updated successfullySwitch to root user$ su -Password:2. Modernisation of the system

Download Ubuntu Server 20.04 installation imageThe Ubuntu Server installation image can be downloaded from the official website.You will need to create an installation CD/DVD from the downloaded iso file.(About 1.2G)If you are installing on a virtual machine using Vmware or similar, you can use the iso file itself.Download the iso file   :  Ubuntu official download siteUbuntu Server 20.04 installationChange the BIOS so that the PC can boot from the installation disc created above, and then boot the PC.