Ask HN: How to harden a personal server systematically in 2021?
I'm setting up an AWS instance to self-host some sensitive data and would like to harden the OS (ubuntu 20.04) with a well known benchmark e.g. CIS level 1.
The only pre-hardened AMI's come from CIS and cost around $133 per year to run on a t2.micro instance.
I don't want to follow a random 'How to harden your server' article on Github and the free CIS level 1 benchmark PDF would take a week to implement manually and is prone to error.
Based on an afternoon of research all the configuration management tools I've found that implement hardening based on a well know standard e.g. CIS level 1 are only targeted and priced for enterprise customers (Puppet, CIS secureSuite, lockdown enterprise etc.)
Are you aware of any solutions?
1 comment
[ 2.9 ms ] story [ 10.8 ms ] thread