Skip to content Skip to sidebar Skip to footer
Home / Configure / Security

Configuration Before Building the Webserver in RHEL 7

Posted by: Bangkit Ade Saputra Post a Comment

Disable selinux in Server

NSA Security-Enhanced  Linux  (SELinux)  is an implementation of a flexible mandatory access control architecture in the Linux operating system.  The SELinux architecture provides  general  support  for the enforcement of many kinds of mandatory access control policies, including those based on the concepts of Type Enforcement®, Role- Based Access Control, and Multi-Level Security. Background  information and technical documentation about SELinux can be found at http://www.nsa.gov/research/selinux.

Check selinux status
# sestatus
Change selinux setting so they are not active
# vi /etc/selinux/config
disable selinux
disable selinux

and then change in the SELINUX=enforcing to SELINUX=disabled then save & close

Disable Firewall in Server

Firewalld provides a dynamically managed firewall with support for network/firewall zones to define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings and for ethernet bridges and has a separation of runtime and permanent configuration options. It also supports an interface for services or applications to add firewall rules directly.


Turn off the firewall in linux

# systemctl stop firewalld

Disable to automatically turn on when booting
# systemctl disable firewalld

Change the default port of ssh

# vi /etc/ssh/sshd_config
custom port for ssh
custom port for ssh

and then change in the #Port 22 to Port 1234 (whatever you want) then save & close

Make Banner on Server and will display when starting ssh

The  contents of /etc/motd are displayed by login(1) after a successful login but just before it executes the login shell.

The abbreviation "motd" stands for "message of the day", and this file has  been  traditionally  used for exactly that (it requires much less disk space than mail to all users). 

Adding some decorator when you first remotely server
# vi /etc/motd

Change network settings to static

# vi /etc/sysconfig/network-scripts/ifcfg-ens33
make static ip on server
make static ip on server

input some setting such as ip address, gateway and other, like the picture above. then save & close

Apply all configured

to implement and convincingly restart the server
# reboot
Bangkit Ade Saputra
Bangkit Ade Saputra Hard-working professional with experience and a proven knowledge of operating system, server architecture and system configuration.

Post a Comment for "Configuration Before Building the Webserver in RHEL 7"

Post a Comment