AlmaLinux is a popular enterprise-level Linux distribution that offers stable, secure, and reliable operating system functionality. However, like any other server, an AlmaLinux server is susceptible to cyber-attacks. It is essential to take proactive measures to secure your AlmaLinux server by implementing a firewall and SELinux policies. In this blog, we will walk you through the steps to secure an AlmaLinux server with a firewall and SELinux policies.
How to secure an AlmaLinux server?
Enable Firewall
The first step in securing an AlmaLinux server is to enable the firewall. A firewall is a network security system that monitors and controls incoming and outgoing network traffic. You can enable the AlmaLinux firewall using the following commands:
systemctl enable firewalld
systemctl start firewalld
The above commands will enable and start the firewalld service on your AlmaLinux server.
Configure Firewall Rules
After enabling the firewall, the next step is to configure firewall rules to allow or deny traffic. You can use the firewall-cmd command to add and remove firewall rules. For example, to allow incoming SSH traffic, use the following command:
firewall-cmd --add-service=ssh --permanent
To allow incoming HTTP traffic, use the following command:
firewall-cmd --add-service=http --permanent
After adding the rules, reload the firewall service for the changes to take effect:
firewall-cmd --reload
Enable SELinux
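SELinux (Security-Enhanced Linux) is a mandatory access control system that provides an additional layer of security to your AlmaLinux server. You can switch SELinux to enforcing mode using the following command:
setenforce 1
The above command puts SELinux into enforcing mode on the running system. The change does not survive a reboot, and it has no effect if SELinux is disabled; the mode used at boot is set by the SELINUX= line in /etc/selinux/config.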
Configure SELinux Policies
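After enabling SELinux, the next step is to configure SELinux policies to allow or deny access to various resources. You can use the semanage command to manage SELinux policies. For example, to allow the Apache web server to make outbound network connections, turn on the httpd_can_network_connect boolean with the following command:
semanage boolean -m --on httpd_can_network_connect
Do not use semanage permissive -a httpd_t for this purpose: it puts the entire httpd_t domain into permissive mode, so SELinux stops enforcing any policy for Apache rather than granting only network access.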
To allow the MySQL server to write to the /var/lib/mysql directory, use the following command:
semanage fcontext -a -t mysqld_db_t "/var/lib/mysql(/.*)?"
restorecon -Rv /var/lib/mysql
After configuring the SELinux policies, restart the affected services for the changes to take effect.
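To confirm that the steps above actually took hold, the following added example (not part of the original post) checks two things the commands alone do not show: whether enforcing mode will survive a reboot, and whether the permanent and running firewall service lists match each other and the services you meant to open. The function names are hypothetical, the sample inputs are constructed, and the expected service list "ssh http" is taken from the rules added above.

```shell
#!/bin/sh
# Added example: audit checks for the steps above. Inputs are passed in as
# text so the logic runs offline; the sample values below are constructed.

# Print the SELINUX= value found in /etc/selinux/config text on stdin.
config_mode() {
    sed -n 's/^[[:space:]]*SELINUX=[[:space:]]*\([A-Za-z]*\).*/\1/p' |
        tail -n 1 | tr 'A-Z' 'a-z'
}

# selinux_findings <getenforce output> <config file text>
selinux_findings() {
    runtime=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    boot=$(printf '%s\n' "$2" | config_mode)
    [ "$runtime" = enforcing ] || echo "runtime mode is $runtime"
    [ "$boot" = enforcing ] ||
        echo "boot mode is ${boot:-unset}: enforcing is lost at reboot"
}

# firewall_findings <expected services> <runtime services> <permanent services>
# Each argument is a space-separated list, as printed by --list-services.
firewall_findings() {
    for svc in $3; do
        case " $1 " in *" $svc "*) ;; *) echo "unexpected service: $svc" ;; esac
        case " $2 " in *" $svc "*) ;; *) echo "not loaded, reload needed: $svc" ;; esac
    done
    for svc in $2; do
        case " $3 " in *" $svc "*) ;; *) echo "runtime only, lost on reload: $svc" ;; esac
    done
}

# Constructed sample: setenforce 1 was run, the config file still says permissive.
SAMPLE_CONFIG='# This file controls the state of SELinux on the system.
SELINUX=permissive
SELINUXTYPE=targeted'
# Constructed sample: http was added with --permanent but not yet reloaded.
SAMPLE_RUNTIME='cockpit dhcpv6-client ssh'
SAMPLE_PERMANENT='cockpit dhcpv6-client http ssh'

selinux_findings "Enforcing" "$SAMPLE_CONFIG"
firewall_findings "ssh http" "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"

# On a live host (as root), feed the same functions real output:
#   selinux_findings "$(getenforce)" "$(cat /etc/selinux/config)"
#   firewall_findings "ssh http" "$(firewall-cmd --list-services)" \
#       "$(firewall-cmd --permanent --list-services)"
```

No output from either function means the running state, the saved state and the intended state agree.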
Conclusion
Securing an AlmaLinux server with a firewall and SELinux policies is essential to protect it from cyber-attacks. By enabling the firewall and configuring firewall rules and SELinux policies, you can restrict access to your server and its resources. Follow the steps in this blog to secure your AlmaLinux server with a firewall and SELinux policies.