trimstray/linux-hardening-checklist — explained in plain English
Analysis updated 2026-07-17 · repo last pushed 2024-11-19
Walk through a prioritized checklist to harden a new Linux server before deploying it to production.
Apply concrete commands to restrict permissions on shared memory and temp folders against malicious code execution.
Separate system logs and boot files onto different drives to limit the blast radius of a disk failure or compromise.
Use the checklist as a quick reference during infrastructure setup, checking items off as you go.
| trimstray/linux-hardening-checklist | n8n-io/n8n-docs | karpathy/arxiv-sanity-lite | |
|---|---|---|---|
| Stars | 1,634 | 1,635 | 1,637 |
| Language | — | HTML | Python |
| Last pushed | 2024-11-19 | — | 2023-06-19 |
| Maintenance | Stale | — | Dormant |
| Setup difficulty | moderate | moderate | moderate |
| Complexity | 3/5 | 2/5 | 2/5 |
| Audience | ops devops | pm founder | researcher |
Figures from each repo's GitHub metadata at analysis time.
It's a reference checklist, not software, applying it means manually running commands across your server.
A prioritized checklist for securing a Linux server before production, covering disk layout, permissions, network config, and logging with example commands for each fix.
Stale — no commits in 1-2 years (last push 2024-11-19).
Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
double-check against the repo, no cap.