☁️🧪 Cloud Potions Hardnix Shield 🛡️

Hardnix Shield is a comprehensive security script designed for Debian-based Linux systems (Ubuntu, Debian, Mint). It automates the process of hardening your system's security by implementing a wide range of best practices and security measures.

🚀 One Line Installation - Copy into Terminal and press Enter (With Root/Sudo Privileges):

COMING SOON

⚠️ Important Tip: This script is ONLY for new servers, do not use a bash script on a production environment!!! If you are new to this, I recommend choosing the Jedi mode and creating a non-root user when prompted by the Wizard. Setting up SSH keys can be challenging for those without technical expertise, and the Jedi mode still provides excellent, A+ level security.

Prerequisites

🐧 A Debian-based Linux system (e.g., Debian, Ubuntu, Mint, etc)
🔑 Root access to the system

Easy Terminal Based Wizard Install Script: 3 Security Choices

🧑‍🎓 Padawan: Strong security enhancements 🧙‍♂️ Jedi: Adds Google Authenticator 🧙‍♀️ CP Wizard: Also adds SSH keypair generation

Features

📦 System update and upgrade 🔐 SSH hardening (change default SSH port, install & update UFW Firewall) 👤 Non-root user creation with sudo privileges - Disable Root Login 🔒 Installation and configuration of essential security tools 🗝️ Optional: Google Authenticator 🔑 Optional: SSH KeyPair 🚫 Fail2ban setup for intrusion prevention 🔥 Firewall (UFW) configuration 🛡️ AppArmor enforcement 🦠 ClamAV antivirus setup

🛠️ GRUB bootloader security enhancements 🔏 LUKS encryption setup (placeholder) 🔐 SSL/TLS configuration (placeholder) ⏰ Chrony configuration for time synchronization 🕵️‍♂️ Rootkit detection with rkhunter 📝 Auditd configuration for system auditing 🛠️ Secure shared memory configuration 🌐 Network hardening via sysctl

⚠️⚠️ Important Notes⚠️⚠️

🚨 This script makes significant changes to your system's configuration. Always review the script before running it.

🧪 It's highly recommended to run this script on a fresh installation or a test system before applying it to a production environment.

🚫 After running the script, it will ask you to disable root login via SSH and create a non-root user with a password. Make sure to carefully copy down the non-root username and password, and have it saved and ready before you load the script. The script will ask you for the new password twice to ensure accuracy.

🔑 The same caution applies if you decide to set up an SSH keypair or Google Authenticator. It is extremely important to copy this information down before you close the terminal; otherwise, you will lose access to your server.

🔢 If you choose to change the SSH port, make note of the new port number to avoid losing access to your system.

💾 Ensure you have backups of all important data before running the script.

🛠️ Some features (like LUKS encryption) are placeholders and require manual setup or customization.

Disclaimer: This script is provided "as is" without any warranties. Use it at your own risk.

DONATIONS Join the ranks of the Rebel Alliance and help us fight the dark side! Your donation fuels our mission to secure the galaxy one system at a time. May the Force (and your generosity) be with you!

Donate to PayPal

BTC (Bitcoin)

3LWF4Cmj48mkziUzzsVRWbNQXLPgC4ctcD

DOGE (Dogecoin)

D5gQepmG8j7Q8e44Vv7rH512iuPAGkcLdo

Tether (USDT) ERC20

0x126FFb1857AE900D7539c4e1aAB04aa676Fe3FcC