iptables/netfilter firewall for Linux servers with stateful filtering, trust system, ipset block lists, SYN flood protection, VNET per-IP policies, and Docker support
-
Updated
May 22, 2026 - Shell
#
server-hardening
Here are 70 public repositories matching this topic...
This script automates the scanning process using the OpenSCAP Security Guid to hardening Ubuntu systems, aligning with DISA-STIG compliance for Ubuntu 24.04. LTS minimum. It includes a range of security enhancements and configurations designed to strengthen the security posture of Ubuntu servers.
linux ubuntu shell-script ubuntu-server openscap security-tools linux-security linux-hardening server-security disa-stig server-hardening security-enhanced-linux wbfoss
-
Updated
Feb 15, 2026 - Shell
Automated Linux environment initialization & post-installation setup script for Ubuntu/CentOS/RHEL. 支持开发环境一键配置、常用安全软件与 DevOps 工具链自动化安装、系统内核与网络参数深度性能优化和加固,世界杯备战
dotfiles post-installation automated-deployment automated-scripts bash-script devops-tools linux-setup linux-configuration ubuntu-setup shell-scripting linux-security developer-environment server-hardening centos-setup environment-initialization rhel-setup
-
Updated
Jun 4, 2026 - Shell
🧑💻 A comprehensive guide to Linux system administration, covering: 📜 Commands 👥 User Management 🌐 Networking 🔐 Permissions 📦 Package Management 💽 Disk Management 🛡️ Security 🤖 Automation ✅
nginx devops debian ubuntu firewall apache self-hosting fail2ban linux-server ethical-hacking ufw web-hosting system-administration linux-security cloud-security lamp-stack vps-setup linux-admin server-hardening ssh-security
-
Updated
Feb 4, 2026
Idempotent VPS hardening for Ubuntu — SSH, firewall, fail2ban, kernel tuning, auditd, SOPS secrets, and optional AI agent workspace security. Dry-run first, lockout protection built in.
bash devops debian ubuntu firewall selfhosted sysadmin vps infosec security-hardening homelab ufw linux-security linux-hardening server-security ssh-hardening server-hardening hardening-script
-
Updated
Feb 18, 2026 - Shell
Wazuh detection engineering, SIEM integrations, and SOC automation lab.
compliance sysmon siem soc cyber-security yara virustotal threat-intelligence wazuh blue-team cis-benchmark threat-detection security-compliance security-monitoring endpoint-security server-hardening soc-automation
-
Updated
Jun 5, 2026
Bento turns a fresh Ubuntu/Debian VPS into a hardened Docker Swarm server with Traefik, Portainer, TLS, and deployable apps through a guided terminal menu.
-
Updated
Jun 19, 2026 - Shell
An nftables configuration file with layer 7 filtering and DDoS protection for a Minecraft server. Includes rules for blocking fake sessions, query floods, and bot attacks, as well as filtering for IP addresses and port numbers.
minecraft firewall minecraft-server ddos-attacks network-security ddos-mitigation packet-filtering ddos-protection firewall-rules nftables security-rules server-security packet-blocking server-protection network-filtering layer-7-filtering server-firewall server-hardening network-hardening ddos-configuration
-
Updated
Dec 10, 2022
Automated, hardened OpenClaw setup for Ubuntu 24.04 VPS
security devops ubuntu vps linux-security server-hardening openclaw openclaw-vps openclaw-auto-install openclaw-automation
-
Updated
Feb 15, 2026 - Shell
Beginner-safe Linux VPS hardening skill for Claude Code. SSH lockdown deferred until key login is verified — first-time lockout structurally impossible. macOS/Linux/Windows laptops, Debian/Ubuntu servers.
ssh security devops debian ubuntu sysadmin vps fail2ban ufw server-hardening anthropic claude-code claude-skill
-
Updated
May 7, 2026 - Shell
Open-source CLI agent for automated Linux VPS security auditing. One command, 25 checks, zero install.
-
Updated
May 26, 2026 - TypeScript
Security hardening kit for OpenClaw servers. UFW firewall, fail2ban, Tailscale-only access, unattended upgrades, exposure verification.
-
Updated
Feb 3, 2026 - Shell
WordPress security benchmark: prescriptive full-stack hardening controls for current supported WordPress releases on Linux.
-
Updated
Jun 17, 2026
Ghost-mode transformation for cloud servers with extreme kernel tuning and zero-bloat philosophy.
-
Updated
Jan 30, 2026 - Shell
Harden Linux and Windows origins so HTTP(S) traffic only comes from Cloudflare IP ranges, with nftables, Windows Firewall, and safe apply/update/revert flows.
windows linux shell cdn powershell firewall cloudflare access-control nftables windows-firewall server-hardening cloudflare-security authenticated-origin-pulls origin-security
-
Updated
Jan 28, 2026 - Shell
One-command Ubuntu Server hardening to achieve cutting-edge security, with ZERO ongoing maintenance required.
-
Updated
Aug 23, 2025 - Shell
Harden a VPS and deploy self-hosted apps in one command.
-
Updated
Mar 16, 2026 - Go
Coleta read-only para hardening, capacidade e plano de acao.
-
Updated
Jun 11, 2026 - Python
Ansible infrastructure-as-code for Linux server provisioning, hardening, and lifecycle management. 27 production-ready roles covering security, networking, databases, VPN, monitoring, and automated upgrades across Debian, RedHat, OpenBSD, FreeBSD, and macOS.
linux freebsd ansible openvpn devops ansible-playbook debian redhat postgresql iptables sysadmin configuration-management infrastructure-as-code ansible-roles fail2ban homelab security-automation nftables ssh-hardening server-hardening
-
Updated
May 2, 2026 - Jinja
Comprehensive POSIX shell server hardening toolkit with automatic rollback, SSH safety, and Ansible automation for Debian-based systems
shell infrastructure ssh security ansible devops automation debian firewall posix compliance hardening system-administration linux-security server-hardening
-
Updated
Nov 4, 2025 - Shell
Improve this page
Add a description, image, and links to the server-hardening topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the server-hardening topic, visit your repo's landing page and select "manage topics."