From 09478a8ac85d22c58dc5dc50f4df0a7d886bd375 Mon Sep 17 00:00:00 2001
From: Kamran Ahmed
Date: Fri, 23 Dec 2022 18:41:55 +0400
Subject: [PATCH] Add node for Server Security
---
 .../roadmaps/101-backend/content-paths.json | 1 +
 .../106-server-security.md | 13 +++
 public/project/backend.json | 81 +++++++++++++++----
 3 files changed, 78 insertions(+), 17 deletions(-)
 create mode 100644 content/roadmaps/101-backend/content/111-web-security-knowledge/106-server-security.md
diff --git a/content/roadmaps/101-backend/content-paths.json b/content/roadmaps/101-backend/content-paths.json
index 10962fd9f..66c437bd4 100644
--- a/content/roadmaps/101-backend/content-paths.json
+++ b/content/roadmaps/101-backend/content-paths.json
@@ -91,6 +91,7 @@
 "web-security-knowledge:scrypt": "/roadmaps/101-backend/content/111-web-security-knowledge/104-scrypt.md",
 "web-security-knowledge:https": "/roadmaps/101-backend/content/111-web-security-knowledge/105-https.md",
 "web-security-knowledge:content-security-policy": "/roadmaps/101-backend/content/111-web-security-knowledge/105-content-security-policy.md",
+ "web-security-knowledge:server-security": "/roadmaps/101-backend/content/111-web-security-knowledge/106-server-security.md",
 "web-security-knowledge:cors": "/roadmaps/101-backend/content/111-web-security-knowledge/106-cors.md",
 "web-security-knowledge:ssl-tls": "/roadmaps/101-backend/content/111-web-security-knowledge/107-ssl-tls.md",
 "web-security-knowledge:owasp": "/roadmaps/101-backend/content/111-web-security-knowledge/108-owasp.md",
diff --git a/content/roadmaps/101-backend/content/111-web-security-knowledge/106-server-security.md b/content/roadmaps/101-backend/content/111-web-security-knowledge/106-server-security.md
new file mode 100644
index 000000000..d8de494dc
--- /dev/null
+++ b/content/roadmaps/101-backend/content/111-web-security-knowledge/106-server-security.md
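Review bot: The entry added to content-paths.json points at `106-server-security.md`, which reuses the `106-` prefix already held by `106-cors.md` on the context line right after it. The directory already carries two `105-` files, so duplicates may be tolerated, but if anything orders topics by that prefix, the relative position of server-security and cors is left unspecified; confirm that, or renumber the new file and the ones after it. The same prefix appears in the `controlName` value `106-web-security-knowledge:server-security` added in the last hunk of public/project/backend.json, so the two would have to change together.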
@@ -0,0 +1,13 @@
+# Server Security
+
+Learn about the security of your server and how to secure it. Here are some of the topics off the top of my head:
+
+* Use a firewall: One of the most effective ways to secure a server is to use a firewall to block all unnecessary incoming traffic. You can use iptables on Linux systems or a hardware firewall to do this.
+* Close unnecessary ports: Make sure to close any ports that are not needed for your server to function properly. This will reduce the attack surface of your server and make it more difficult for attackers to gain access.
+* Use strong passwords: Use long, complex passwords for all of your accounts, and consider using a password manager to store them securely.
+* Keep your system up to date: Make sure to keep your operating system and software up to date with the latest security patches. This will help to prevent vulnerabilities from being exploited by attackers.
+* Use SSL/TLS for communication: Use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) to encrypt communication between your server and client devices. This will help to protect against man-in-the-middle attacks and other types of cyber threats.
+* Use a intrusion detection system (IDS): An IDS monitors network traffic and alerts you to any suspicious activity, which can help you to identify and respond to potential threats in a timely manner.
+* Enable two-factor authentication: Two-factor authentication adds an extra layer of security to your accounts by requiring a second form of authentication, such as a code sent to your phone, in addition to your password.
+
+Also learn about OpenSSL and creating your own PKI as well as managing certs, renewals, and mutual client auth with x509 certs
diff --git a/public/project/backend.json b/public/project/backend.json
index 40cd79cb9..40cafba63 100644
--- a/public/project/backend.json
+++ b/public/project/backend.json
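Review bot: The transport bullet in 106-server-security.md offers "Secure Sockets Layer (SSL) or Transport Layer Security (TLS)" as interchangeable choices, but SSL 2.0 and 3.0 are deprecated (RFC 6176, RFC 7568) and should be disabled on a server rather than selected. I would reword it to `* Use TLS for communication: Use Transport Layer Security (TLS, the successor to SSL) to encrypt communication between your server and client devices, and disable the legacy SSL protocol versions.` In the two-factor bullet, "a code sent to your phone" is the weakest of the common second factors, so the example could also name an authenticator app or a hardware security key. The IDS bullet has a small grammar slip: `Use a intrusion detection system` should read `Use an intrusion detection system`.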
@@ -4476,11 +4476,11 @@ "typeID": "TextArea", "zOrder": "233", "w": "271", - "h": "171", + "h": "224", "measuredW": "200", "measuredH": "140", "x": "1451", - "y": "2651" + "y": "2623" }, { "ID": "14206", @@ -4491,7 +4491,7 @@ "w": "86", "h": "42", "x": "1467", - "y": "2715", + "y": "2687", "properties": { "controlName": "106-web-security-knowledge:cors" }, @@ -4538,7 +4538,7 @@ "w": "90", "h": "43", "x": "1465", - "y": "2665", + "y": "2637", "properties": { "controlName": "105-web-security-knowledge:https" }, @@ -4585,7 +4585,7 @@ "w": "241", "h": "44", "x": "1468", - "y": "2765", + "y": "2737", "properties": { "controlName": "105-web-security-knowledge:content-security-policy" }, @@ -4632,7 +4632,7 @@ "w": "147", "h": "43", "x": "1560", - "y": "2665", + "y": "2637", "properties": { "controlName": "108-web-security-knowledge:owasp" }, @@ -4679,7 +4679,7 @@ "measuredW": "200", "measuredH": "140", "x": "1451", - "y": "2464" + "y": "2436" }, { "ID": "14211", @@ -4690,7 +4690,7 @@ "w": "239", "h": "40", "x": "1466", - "y": "2479", + "y": "2451", "properties": { "controlName": "100-web-security-knowledge:md5" }, @@ -4738,7 +4738,7 @@ "w": "237", "h": "40", "x": "1467", - "y": "2524", + "y": "2496", "properties": { "controlName": "101-web-security-knowledge:sha-family" }, @@ -4786,7 +4786,7 @@ "w": "119", "h": "40", "x": "1468", - "y": "2570", + "y": "2542", "properties": { "controlName": "104-web-security-knowledge:scrypt" }, @@ -4834,7 +4834,7 @@ "w": "111", "h": "40", "x": "1594", - "y": "2570", + "y": "2542", "properties": { "controlName": "102-web-security-knowledge:bcrypt" }, @@ -4881,7 +4881,7 @@ "measuredW": "149", "measuredH": "25", "x": "1508", - "y": "2618", + "y": "2590", "properties": { "size": "17", "text": "Hashing Algorithms" @@ -4964,7 +4964,7 @@ "w": "149", "h": "43", "x": "1559", - "y": "2715", + "y": "2687", "properties": { "controlName": "107-web-security-knowledge:ssl-tls" }, 
@@ -8925,7 +8925,7 @@ "measuredW": "24", "measuredH": "24", "x": "1705", - "y": "2455", + "y": "2427", "properties": { "color": "16777215", "icon": { @@ -8941,7 +8941,7 @@ "measuredW": "24", "measuredH": "24", "x": "1705", - "y": "2455", + "y": "2427", "properties": { "color": "10027263", "icon": { @@ -8957,7 +8957,7 @@ "measuredW": "24", "measuredH": "24", "x": "1709", - "y": "2809", + "y": "2828", "properties": { "color": "16777215", "icon": { @@ -8973,7 +8973,7 @@ "measuredW": "24", "measuredH": "24", "x": "1709", - "y": "2809", + "y": "2828", "properties": { "color": "10027263", "icon": { @@ -14421,6 +14421,53 @@ ] } } + }, + { + "ID": "14592", + "typeID": "__group__", + "zOrder": "264", + "measuredW": "241", + "measuredH": "44", + "w": "241", + "h": "44", + "x": "1468", + "y": "2786", + "properties": { + "controlName": "106-web-security-knowledge:server-security" + }, + "children": { + "controls": { + "control": [ + { + "ID": "0", + "typeID": "TextArea", + "zOrder": "0", + "w": "241", + "h": "44", + "measuredW": "200", + "measuredH": "140", + "x": "0", + "y": "0", + "properties": { + "color": "16770457" + } + }, + { + "ID": "1", + "typeID": "Label", + "zOrder": "1", + "measuredW": "117", + "measuredH": "25", + "x": "62", + "y": "10", + "properties": { + "size": "17", + "text": "Server Security" + } + } + ] + } + } } ] },