search

imthenachoman / How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.
Creative Commons Attribution Share Alike 4.0 International
17.34k stars 1.11k forks source link

Conflicting statements on CIS benchmarks #97

Closed Bojan023 closed 1 year ago

Bojan023 commented 1 year ago

Firstly, thank you for trying to condense so much information out there. I think this is a perfect starting point for self-hosters at home.

However, within a couple of minutes reading there are two conflicting statements regarding CIS benchmarks:

https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/blob/8f78e027e9b4e53deb81db669aef8c9ddd5ff1c2/README.md?plain=1#L108

https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/blob/8f78e027e9b4e53deb81db669aef8c9ddd5ff1c2/README.md?plain=1#L259

The first recommends to follow this guide first and a CIS Benchmark afterwards. The latter one states the opposite. My suggestion is to stick to the first statement and thus alter the second statement.

imthenachoman commented 1 year ago

Thanks. I tweaked the verbiage. Is that better?