This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!
Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.
# IPFire Security Hardening Guide |
## Introduction |
IPFire is designed to be secure by default, however it can be further hardened so that it is even more difficult to attack. Hardening includes; |
- [](/optimization/start/security_hardening/good_security_practice) |
- [](/optimization/start/security_hardening/additional_security_configuration) |
- and [](/optimization/start/security_hardening/reducing_attack_surface) by disabling features which are not in use. |
Please discuss changes to this guide [in this post in the forum](https://forum.ipfire.org/viewtopic.php?f=27&t=15151). |
---- |
## Implementation Scale |
This guide uses two scales: |
| | | | | |
|---|---|---|---| |
| **Impact** (security benefit) |**<span style="color:lime">A. MAJOR</span>**|**<span style="color:mediumseagreen">B. SIGNIFICANT</span>**|**<span style="color:darkseagreen">C. MINOR</span>**| |
| **Effort** (to implement) |**<span style="color:orangered">1. LOW</span>**|**<span style="color:coral">2. MEDIUM</span>**|**<span style="color:crimson">3. HIGH</span>**| |
## Scale examples |
For example, items which are categorized |
| Impact | Effort | |
|---|---| |
| **<span style="color:lime">A. MAJOR</span>** | **<span style="color:orangered">1. LOW</span>** | |
are highly recommended, as they are both easy to implement and have a high security benefit. |
|
While items which are |
|Impact|Effort| |
|---|---| |
|**<span style="color:darkseagreen">C. MINOR</span>**|**<span style="color:crimson">3. HIGH</span>**| |
will be helpful, but need only done for a high-risk environment or if you are a bit paranoid! |
**Next Page: [](/optimization/start/security_hardening/good_security_practice)** |
*--Next Page: [](/optimization/start/security_hardening/good_security_practice)* |