Rocky Linux inherits the enterprise-grade stability of RHEL, but it’s still important to apply some simple hardening steps after installation. These actions help reduce risk with minimal setup.
Disclaimer:
These are general suggestions to help improve the security of your VPS. Enviroweb provides unmanaged VPS hosting and does not configure, manage, or audit the security of your server. You are responsible for securing and maintaining your system.
1. Keep your system updated
sudo dnf update -y
This ensures your system is running the latest secure versions of installed packages.
2. Enable and configure the firewall
sudo systemctl enable firewalld --now
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload
This activates the firewall and ensures SSH access is allowed.
3. Install fail2ban (optional)
sudo dnf install epel-release -y
sudo dnf install fail2ban -y
sudo systemctl enable fail2ban --now
Fail2ban protects your server by banning IPs after repeated failed login attempts.
4. Set a strong password
passwd
Use a secure, unique password for your default user to prevent unauthorized access.
These steps provide a basic layer of protection without altering critical system settings. You can expand on them as your server setup grows based on your needs and use case.
For more advanced security and configuration guides, visit the official Rocky Linux documentation: