DevOps Server Hardening
One of the main goals for the Hardening Framework it to provide security as a plug-in mechanism. All modules are implemented as overlay modules and work in conjunction with the corresponding open source module like apache or nginx. This enables you to drop in
hardening for your staging and production environments and reuse existing developments.
The framework consists of multiple hardening components:
- Linux System Baseline
- SSH Baseline
- Windows System Baseline
- Apache Baseline
- Nginx Baseline
- Mysql Baseline
- Postgres Baseline
- PHP Baseline
- SSL/TLS Baseline
Most components are implemented in Ansible, Chef and Puppet.
This repository contains examples and tools to harden your server. A subfolder for each DevOps tool exists and a readme guides you accordingly:
├── LICENSE ├── README.md ├── ansible-linux ├── chef-linux └── puppet
License and Author
- Author:: Dominik Richter firstname.lastname@example.org
- Author:: Christoph Hartmann email@example.com
- Author:: Sebastian Gumprich firstname.lastname@example.org
- Author:: Deutsche Telekom AG
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.