Welcome to the IPFire Wiki

This wiki is a community-maintained resource about everything there is to know about IPFire. Join us and help us improving it!

Looking for something?

Use the search and find answers to everything about IPFire. If you cannot find what you are looking for, join our community and talk to fellow IPFire users, developers and everybody else involved in the project.

IPFire Community

Differences in Revisions: IPFire Security Hardening Guide

Older Revision
August 12 at 2:59 am
»
Newer Revision
August 12 at 5:21 pm
update
# IPFire Security Hardening Guide
 
 
## Introduction
IPFire is designed to be secure by default, however it can be further hardened so that it is even more difficult to attack. Hardening includes;
 
- [](/optimization/start/security_hardening/good_security_practice)
- [](/optimization/start/security_hardening/additional_security_configuration)
- and [](/optimization/start/security_hardening/reducing_attack_surface) by disabling features which are not in use.
 
Please discuss changes to this guide [in this post in the forum](https://forum.ipfire.org/viewtopic.php?f=27&t=15151).
 
----
 
## Implementation Scale
This guide uses two scales:
 
| | | | |
|---|---|---|---|
| **Impact** (security benefit) |**<span style="color:lime">A. MAJOR</span>**|**<span style="color:mediumseagreen">B. SIGNIFICANT</span>**|**<span style="color:darkseagreen">C. MINOR</span>**|
| **Effort** (to implement) |**<span style="color:orangered">1. LOW</span>**|**<span style="color:coral">2. MEDIUM</span>**|**<span style="color:crimson">3. HIGH</span>**|
 
## Scale examples
For example, items which are categorized
 
| Impact | Effort |
|---|---|
| **<span style="color:lime">A. MAJOR</span>** | **<span style="color:orangered">1. LOW</span>** |
 
are highly recommended, as they are both easy to implement and have a high security benefit.
&nbsp;
 
While items which are
 
|Impact|Effort|
|---|---|
|**<span style="color:darkseagreen">C. MINOR</span>**|**<span style="color:crimson">3. HIGH</span>**|
 
will be helpful, but need only done for a high-risk environment or if you are a bit paranoid!
 
**Next Page: [](/optimization/start/security_hardening/good_security_practice)**
*--Next Page: [](/optimization/start/security_hardening/good_security_practice)*