\n<\/p>\n
In an era where cyberattacks and data breaches are increasingly sophisticated, organizations must prioritize secure server configurations. Deploying hardened Linux servers is a crucial step in safeguarding your infrastructure. Coupling this with Infrastructure as Code (IaC) using tools like Terraform can further enhance your security posture while ensuring consistent, repeatable deployments. In this article, we’ll explore best practices for building and managing hardened Linux servers with Terraform.<\/p>\n
<\/p>\n
<\/p>\n
Server hardening involves securing a server by reducing its surface of vulnerability. The primary goal is to protect against unauthorized access, potential exploits, and various security threats. A hardened Linux server typically includes:<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
<\/p>\n
\n<\/ul>\n
<\/p>\n
By using Terraform to automate the deployment of these secure configurations, organizations can minimize human error and ensure compliance with security policies.<\/p>\n
<\/p>\n
<\/p>\n
When deploying a new server, the foundation matters. Choose a minimal Linux distribution as your base image. Distros like Ubuntu Server, CentOS Minimal, or Alpine Linux have smaller footprints with fewer pre-installed packages\u2014reducing potential vulnerabilities.<\/p>\n
<\/p>\n
resource \"aws_instance\" \"hardened_server\" {
\n ami = \"ami-0abcdef1234567890\" # Replace with a minimal AMI ID
\n instance_type = \"t2.micro\"
\n # More configuration...
\n}<\/code><\/pre>\n<\/p>\n
2. Automate Configuration Management with Terraform Modules<\/h3>\n
<\/p>\n
Using Terraform modules is an excellent way to ensure consistency across your infrastructure. Create reusable modules for common hardening tasks such as firewall configurations, package management, and user setup.<\/p>\n
<\/p>\n
module \"hardening\" {
\n source = \".\/modules\/hardening\"
\n instance_id = aws_instance.hardened_server.id
\n}<\/code><\/pre>\n<\/p>\n
3. Apply the Principle of Least Privilege<\/h3>\n
<\/p>\n
When defining roles and permissions for users, applications, and services, always adopt the principle of least privilege. Ensure that each entity has the minimum access rights required to function effectively. Utilize AWS IAM roles with specific permissions for your cloud-deployed applications.<\/p>\n
<\/p>\n
resource \"aws_iam_role\" \"web_app_role\" {
\n name = \"web_app_role\"
\n
\n # Policies restricted to only what the application needs
\n assume_role_policy = jsonencode({
\n Version = \"2012-10-17\"
\n Statement = [{
\n Action = \"sts:AssumeRole\"
\n Principal = {
\n Service = \"ec2.amazonaws.com\"
\n }
\n Effect = \"Allow\"
\n Sid = \"\"
\n }]
\n })
\n}<\/code><\/pre>\n<\/p>\n
4. Implement Network Security Best Practices<\/h3>\n
<\/p>\n
Networking should be a primary focus during hardening. Use security groups and network ACLs to restrict inbound and outbound traffic. Only allow necessary ports and protocols.<\/p>\n
<\/p>\n
resource \"aws_security_group\" \"hardened_sg\" {
\n name = \"hardened_sg\"
\n description = \"Security group for hardened Linux server\"
\n
\n ingress {
\n from_port = 22
\n to_port = 22
\n protocol = \"tcp\"
\n cidr_blocks = [\"YOUR_IP\/32\"] # Limit SSH access
\n }
\n
\n egress {
\n from_port = 0
\n to_port = 0
\n protocol = \"-1\"
\n cidr_blocks = [\"0.0.0.0\/0\"]
\n }
\n}<\/code><\/pre>\n<\/p>\n
5. Regularly Update and Patch<\/h3>\n
<\/p>\n
It is vital to keep your server environment updated. Automate the update process by using configuration management tools integrated with Terraform, such as Ansible or Chef. You can automate patch installations as part of your provisioning process.<\/p>\n
<\/p>\n
6. Monitor and Log Activities<\/h3>\n
<\/p>\n
Effective monitoring and logging are critical elements of server security. Enable system logging and monitoring to track access attempts, configuration changes, and potential intrusions. Terraform can help set up centralized logging solutions like AWS CloudWatch or ELK Stack.<\/p>\n
<\/p>\n
resource \"aws_cloudwatch_log_group\" \"hardened_logs\" {
\n name = \"hardened_log_group\"
\n}<\/code><\/pre>\n<\/p>\n
7. Implement Backups<\/h3>\n
<\/p>\n
Always have a backup strategy in place. Use Terraform to provision and schedule backups, ensuring that you can quickly restore your servers in the event of a failure or compromise.<\/p>\n
<\/p>\n
resource \"aws_ami_from_instance\" \"backup\" {
\n instance_id = aws_instance.hardened_server.id
\n name = \"backup-ami-${timestamp()}\"
\n}<\/code><\/pre>\n<\/p>\n
8. Review and Optimize Regularly<\/h3>\n
<\/p>\n
Security is not a one-time task. Conduct regular reviews and audits of your server configurations and Terraform scripts. Utilize tools like Terraform Compliance or InSpec to ensure your infrastructure conforms to security policies continuously.<\/p>\n
<\/p>\n
Conclusion<\/h2>\n
<\/p>\n
Deploying hardened Linux servers with Terraform is a powerful strategy for maintaining a secure infrastructure. By following these best practices\u2014starting with a minimal base image, automating configurations through modules, applying the principle of least privilege, and ensuring regular updates\u2014you empower your organization to fend off potential threats.<\/p>\n
<\/p>\n
By leveraging Terraform\u2019s capabilities, you not only streamline the deployment process, but also enhance the security, consistency, and resilience of your server deployments. Remember, security is an ongoing process; stay vigilant and adapt to the ever-evolving threat landscape.<\/p>\n
<\/p>\n
About WafaTech<\/h3>\n
<\/p>\n
WafaTech is dedicated to providing insights, tips, and the latest trends in technology. For more articles on server management, cloud technology, and more, stay tuned to the WafaTech Blog!<\/p>\n
<\/p>\n
\n<\/p>\n
With this guide, you now have a roadmap to follow for creating and managing hardened Linux server deployments using Terraform. Happy securing!<\/p>\n\n","protected":false},"excerpt":{"rendered":"
In an era where cyberattacks and data breaches are increasingly sophisticated, organizations must prioritize secure server configurations. Deploying hardened Linux servers is a crucial step in safeguarding your infrastructure. Coupling this with Infrastructure as Code (IaC) using tools like Terraform can further enhance your security posture while ensuring consistent, repeatable deployments. In this article, we’ll […]<\/p>\n","protected":false},"author":2,"featured_media":2136,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","inline_featured_image":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[251,1294,265,237,266,1295],"class_list":["post-2135","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux-security","tag-deployments","tag-hardened","tag-linux","tag-practices","tag-server","tag-terraform","et-has-post-format-content","et_post_format-et-post-format-standard"],"yoast_head":"\n
Best Practices for Hardened Linux Server Deployments with Terraform - WafaTech Blogs<\/title>\n<meta name=\"description\" content=\"Best Practices for Hardened Linux Server Deployments with Terraform %\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Best Practices for Hardened Linux Server Deployments with Terraform\" \/>\n<meta property=\"og:description\" content=\"Best Practices for Hardened Linux Server Deployments with Terraform %\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/\" \/>\n<meta property=\"og:site_name\" content=\"WafaTech Blogs\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-14T15:38:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2221\" \/>\n\t<meta property=\"og:image:height\" content=\"482\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"WafaTech SA\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@wafatech_sa\" \/>\n<meta name=\"twitter:site\" content=\"@wafatech_sa\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"WafaTech SA\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":[\"Article\",\"BlogPosting\"],\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/\"},\"author\":{\"name\":\"WafaTech SA\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/person\\\/1a5761fc0feb63ab59d295d7c2648f06\"},\"headline\":\"Best Practices for Hardened Linux Server Deployments with Terraform\",\"datePublished\":\"2025-04-14T15:38:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/\"},\"wordCount\":608,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png\",\"keywords\":[\"Deployments\",\"Hardened\",\"Linux\",\"Practices\",\"Server\",\"Terraform\"],\"articleSection\":[\"Linux Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/\",\"name\":\"Best Practices for Hardened Linux Server Deployments with Terraform - WafaTech Blogs\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png\",\"datePublished\":\"2025-04-14T15:38:44+00:00\",\"description\":\"Best Practices for Hardened Linux Server Deployments with Terraform %\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#primaryimage\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png\",\"contentUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/04\\\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png\",\"width\":1024,\"height\":1024,\"caption\":\"linux server hardening Terraform configurations\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/linux\\\/linux-security\\\/best-practices-for-hardened-linux-server-deployments-with-terraform\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Best Practices for Hardened Linux Server Deployments with Terraform\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\",\"name\":\"WafaTech Blogs\",\"description\":\"Smart Technologies\",\"publisher\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\"},\"alternateName\":\"WafaTech\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#organization\",\"name\":\"WafaTech Blogs\",\"alternateName\":\"WafaTech\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/logo_big.webp\",\"contentUrl\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/logo_big.webp\",\"width\":2221,\"height\":482,\"caption\":\"WafaTech Blogs\"},\"image\":{\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/WafaTech\\\/61560546351289\\\/\",\"https:\\\/\\\/x.com\\\/wafatech_sa\",\"https:\\\/\\\/www.youtube.com\\\/@wafatech-sa\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/wafatech\\\/\"],\"description\":\"WafaTech, a leading Saudi IT services provider, specializes in cloud solutions, connectivity, and ICT services. Offering secure cloud infrastructure, high-speed internet, and ICT solutions like hosting, backup, and disaster recovery, WafaTech operates a Tier 3 data center at KAUST with ISO certifications. Regulated by CST, the company is committed to innovation, security, and customer satisfaction, empowering businesses in the digital age.\",\"email\":\"sales@wafatech.sa\",\"legalName\":\"Al-Wafa Al-Dhakia For Information Technology LLC\",\"foundingDate\":\"2013-01-08\",\"numberOfEmployees\":{\"@type\":\"QuantitativeValue\",\"minValue\":\"11\",\"maxValue\":\"50\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/#\\\/schema\\\/person\\\/1a5761fc0feb63ab59d295d7c2648f06\",\"name\":\"WafaTech SA\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g\",\"caption\":\"WafaTech SA\"},\"url\":\"https:\\\/\\\/wafatech.sa\\\/blog\\\/author\\\/omer-yaseen\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Best Practices for Hardened Linux Server Deployments with Terraform - WafaTech Blogs","description":"Best Practices for Hardened Linux Server Deployments with Terraform %","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/","og_locale":"en_US","og_type":"article","og_title":"Best Practices for Hardened Linux Server Deployments with Terraform","og_description":"Best Practices for Hardened Linux Server Deployments with Terraform %","og_url":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/","og_site_name":"WafaTech Blogs","article_publisher":"https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/","article_published_time":"2025-04-14T15:38:44+00:00","og_image":[{"width":2221,"height":482,"url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp","type":"image\/webp"}],"author":"WafaTech SA","twitter_card":"summary_large_image","twitter_creator":"@wafatech_sa","twitter_site":"@wafatech_sa","twitter_misc":{"Written by":"WafaTech SA","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":["Article","BlogPosting"],"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#article","isPartOf":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/"},"author":{"name":"WafaTech SA","@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/person\/1a5761fc0feb63ab59d295d7c2648f06"},"headline":"Best Practices for Hardened Linux Server Deployments with Terraform","datePublished":"2025-04-14T15:38:44+00:00","mainEntityOfPage":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/"},"wordCount":608,"commentCount":0,"publisher":{"@id":"https:\/\/wafatech.sa\/blog\/#organization"},"image":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#primaryimage"},"thumbnailUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/04\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png","keywords":["Deployments","Hardened","Linux","Practices","Server","Terraform"],"articleSection":["Linux Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/","url":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/","name":"Best Practices for Hardened Linux Server Deployments with Terraform - WafaTech Blogs","isPartOf":{"@id":"https:\/\/wafatech.sa\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#primaryimage"},"image":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#primaryimage"},"thumbnailUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/04\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png","datePublished":"2025-04-14T15:38:44+00:00","description":"Best Practices for Hardened Linux Server Deployments with Terraform %","breadcrumb":{"@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#primaryimage","url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/04\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png","contentUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/04\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png","width":1024,"height":1024,"caption":"linux server hardening Terraform configurations"},{"@type":"BreadcrumbList","@id":"https:\/\/wafatech.sa\/blog\/linux\/linux-security\/best-practices-for-hardened-linux-server-deployments-with-terraform\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wafatech.sa\/blog\/"},{"@type":"ListItem","position":2,"name":"Best Practices for Hardened Linux Server Deployments with Terraform"}]},{"@type":"WebSite","@id":"https:\/\/wafatech.sa\/blog\/#website","url":"https:\/\/wafatech.sa\/blog\/","name":"WafaTech Blogs","description":"Smart Technologies","publisher":{"@id":"https:\/\/wafatech.sa\/blog\/#organization"},"alternateName":"WafaTech","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wafatech.sa\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/wafatech.sa\/blog\/#organization","name":"WafaTech Blogs","alternateName":"WafaTech","url":"https:\/\/wafatech.sa\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp","contentUrl":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2024\/06\/logo_big.webp","width":2221,"height":482,"caption":"WafaTech Blogs"},"image":{"@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/WafaTech\/61560546351289\/","https:\/\/x.com\/wafatech_sa","https:\/\/www.youtube.com\/@wafatech-sa","https:\/\/www.linkedin.com\/company\/wafatech\/"],"description":"WafaTech, a leading Saudi IT services provider, specializes in cloud solutions, connectivity, and ICT services. Offering secure cloud infrastructure, high-speed internet, and ICT solutions like hosting, backup, and disaster recovery, WafaTech operates a Tier 3 data center at KAUST with ISO certifications. Regulated by CST, the company is committed to innovation, security, and customer satisfaction, empowering businesses in the digital age.","email":"sales@wafatech.sa","legalName":"Al-Wafa Al-Dhakia For Information Technology LLC","foundingDate":"2013-01-08","numberOfEmployees":{"@type":"QuantitativeValue","minValue":"11","maxValue":"50"}},{"@type":"Person","@id":"https:\/\/wafatech.sa\/blog\/#\/schema\/person\/1a5761fc0feb63ab59d295d7c2648f06","name":"WafaTech SA","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fde877f001a2e0497276edc0684d3ba2a416c0de8caeb8e785076a1b1b932b3a?s=96&d=mm&r=g","caption":"WafaTech SA"},"url":"https:\/\/wafatech.sa\/blog\/author\/omer-yaseen\/"}]}},"jetpack_featured_media_url":"https:\/\/wafatech.sa\/blog\/wp-content\/uploads\/2025\/04\/Best-Practices-for-Hardened-Linux-Server-Deployments-with-Terraform.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts\/2135","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/comments?post=2135"}],"version-history":[{"count":0,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/posts\/2135\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/media\/2136"}],"wp:attachment":[{"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/media?parent=2135"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/categories?post=2135"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wafatech.sa\/blog\/wp-json\/wp\/v2\/tags?post=2135"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}