09系统安全优化

目录

系统安全优化

selinux

配置文件路径:/etc/selinux/config


[root@localhost ~]#
[root@localhost ~]#cat /etc/selinux/config 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

永久禁用:

sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config 

临时禁用:

setenforce 0

0 : 临时禁用
1 :临时启用

firewalld 防火墙

云主机	----> 安全组
firewalld	--- > 防火墙(简化)
iptables	--- > 防火墙
systemctl disable --now firewalld

systemctl:系统控制
disable : 禁止开启
--now   : 立即执行
systemctl enable --now firewalld

enable : 开机自启动
systemctl start firewalld     # 开启
systemctl stop firewalld      # 关闭
systemctl status firewalld    # 查看防火墙状态

防止系统乱码优化

en_US.UTF-8
en :英文
US :美式
UTF-8 : 指定的编码
zh_CN.UTF-8
zh : 中文
CN :简体中文

修改

LANG=zh_CN.UTF-8

持久化保存字符编码文件

/etc/locale.conf

同时临时永久修改字符集

localectl set-locale LANG=en_US.utf8

source /etc/locale.conf
上一篇:mysql blob 长度_使用Mysql的Blob要注意Blob最大限制到65K字节


下一篇:firewalld