NethServer Brings New Security Options to the Table with Release of Version 7.5

With the release of NethServer 7.5 on June 11 came the news that the latest version of NextCloud would be integrated into the operating system. Several improvements were added to NextCloud 13.02 in order to build better overall security for users who employ the platform as well as to increase total performance. These improvements include support for PHP 7.1 technology as well as strict-transport-security HTTP headers.

System administrators and Linux security experts also looked forward to the default inclusion of Mattermost. This open-source private cloud platform is an alternative to Slack and now comes with NethServer as of the 7.5 release edition. It works as a configurable enterprise messenger that’s secured from the ground up.

Perhaps the most important security improvement, however, comes in the form of an easier method of hardening TLS polices. Administrators who work with NethServer now have access to a new policy selector that allows them to set an enforced security level from a drop-down box. While use of the command line is still every bit as encouraged as always, this should be a welcome addition to Linux security managers who have to take care of several different systems and therefore need an at-a-glance method of easily controlling this functionality.

It fits in with NethServer’s design ethos, which is built around a browser-based interface that lists common administration and security options on a page that’s every bit as easy to use as a webmail inbox. This is very similar to the system software run by many modems, routers and network switches so it lends itself well to applications that require convenient and efficient server management without sacrificing security.

These improvements are the newest installments in a long line of updates that users of the CentOS-based distro have had the privilege of taking advantage of in recent months. On June 1, the distribution announced a new development version that included Fail2Ban in the base package. This important package automatically bans IP addresses that show signs of irregularity. It comes with filters for a variety of popular services including OpenSSH and Apache. Deployment of Fail2Ban should help to reduce the rate of incorrect attempts to access an account.

John Rendace
John is a GNU/Linux expert with a hobbyist's background in C/C++, Web development, storage and file system technologies. In his free time, he maintains custom and vintage PC hardware. He's been compiling his own software from source since the DOS days and still prefers using the command line all these years later.