{"id":30996,"date":"2019-06-04T17:03:12","date_gmt":"2019-06-04T13:03:12","guid":{"rendered":"https:\/\/www.msp360.com\/resources\/?p=30996"},"modified":"2023-11-01T15:04:29","modified_gmt":"2023-11-01T11:04:29","slug":"linux-server-hardening-guide","status":"publish","type":"post","link":"https:\/\/www.msp360.com\/resources\/blog\/linux-server-hardening-guide\/","title":{"rendered":"Linux Server Hardening: Best Practices"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">There\u2019s a common misconception out there today: Linux is safe - Windows is not. This simply isn\u2019t true. While there may be more vulnerabilities and risks out there for Windows operating systems - our ways of looking at this need to change. Instead of looking at the chances of risk, a more binary approach needs to be taken. <\/span><!--more--><\/p>\n<p><span style=\"font-weight: 400;\">Do vulnerabilities for Linux systems exist? Yes, they do. Therefore, we must do everything that we can to make our systems as safe as possible.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In computing, <\/span><b>hardening<\/b><span style=\"font-weight: 400;\"> is the term that we use for describing the securing of a system. This process generally doesn\u2019t involve completely securing a system. Rather than locking the system down entirely, and therefore rendering it useless, the practice of server hardening addresses the best ways to minimize the points of vulnerability to the smallest number possible. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">There are a few different ways to approach this process. At the machine level, drives can be encrypted and the BIOS can be secured. At a system level, login security can be considered and password policies can be enacted. At the network level, ports can be blocked and firewalls can be configured. Overall, alerting can be configured, logging can be set up, and audits can be performed.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The end goal of this process is balancing security with effectivity and accessibility. A completely open system may be the easiest to use - but is a security risk and may not be usable for long. A completely locked down system, while secure, offers no value if it can\u2019t be accessed when called upon. Here\u2019s a breakdown of the best practices for hardening Linux servers.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Linux Machine Level Hardening<\/span><\/h2>\n<p><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-31006 size-full\" src=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6-1.png\" alt=\"Linux Machine Level Hardening\" width=\"608\" height=\"293\" srcset=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6-1.png 608w, https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6-1-300x145.png 300w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Drive Encryption<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Drive encryption will render any disk that is stolen useless by a would-be data thief. An encrypted drive is unreadable by anyone who doesn\u2019t have the encryption password or key. Many Linux distributions offer drive encryption as part of the installation process. Distributions that don\u2019t offer drive encryption can still be secured by using third-party encryption applications.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One popular encryption application is <\/span><b>dm-crypt<\/b><span style=\"font-weight: 400;\">. This can be installed with the following commands:<\/span><\/p>\n<ul>\n<li><b>yum install cryptsetup-luks<\/b><span style=\"font-weight: 400;\"> - package installation on Red Hat\/Fedora systems<\/span><\/li>\n<li><b>apt-get install cryptsetup <span style=\"font-weight: 400;\">- package installation on Debian-based systems<\/span><\/b><\/li>\n<\/ul>\n<p>Once installed, you can begin the encryption process with the following command:<\/p>\n<pre><b>cryptsetup -y -v luksFormat (partition)<\/b>\r\n<\/pre>\n<p><span style=\"font-weight: 400;\">There are several options to follow after beginning the encryption process, so be sure to read the <\/span><b>man <\/b><span style=\"font-weight: 400;\">page and follow instructions closely.<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">BIOS Security<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">The most important part of BIOS security is the easiest and most obvious - a secured BIOS should require password authentication for access. Use a secure password that follows the same policy that the rest of your operating-system-level passwords use. Pick a password that is different than any of the other passwords that you use for your system.<\/span><\/p>\n<blockquote><p><span style=\"font-weight: 400;\">In addition to securing the BIOS with a password, booting to any external devices should be disabled. This includes not only a CD\/DVD, but a USB device as well. The threat of allowing an intruder to plug-in a USB stick and boot into the system fairly quickly is a vulnerability that is resolved by making this change.<\/span><\/p><\/blockquote>\n<h3><b>Partitioning<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">When setting up a Linux system for the first time, many different partitioning options are given, including custom partitioning. A safe rule of thumb would be to keep the following directories in separate partitions:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/boot<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/usr<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/var<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/home<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/tmp<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">\/opt<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Disk partitioning allows for the limitation of damage when file system errors occur. Generally, OS-level disk errors will not travel from one partition to the other, minimizing the damage done. <\/span><\/p>\n<p><span class=\"further-reading \">Further reading<\/span> <a href=\"https:\/\/www.msp360.com\/resources\/blog\/linux-resize-partition\/\">How to Resize Partition in Linux<\/a><\/p>\n<p><span style=\"font-weight: 400;\">Access levels can be separated by partition as well. The boot directory, for example, contains several important files that are related to the Linux kernel. This directory should be set to read-only so that the data on this partition can be accessed, but not changed unless the server is booted into single-user recovery mode. \u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To set the <\/span><b>\/boot<\/b><span style=\"font-weight: 400;\"> directory to read-only, open the <\/span><b>\/etc\/fstab<\/b><span style=\"font-weight: 400;\"> file and add the following line at the bottom:<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">LABEL=\/boot \u00a0\u00a0\u00a0\u00a0\/boot ext2 \u00a0\u00a0defaults,ro 1 2<\/span>\r\n<\/pre>\n<h2><span style=\"font-weight: 400;\">Linux System Level Hardening<\/span><\/h2>\n<p><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-31005 size-full\" src=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.1-1.png\" alt=\"Linux System Level Hardening\" width=\"608\" height=\"293\" srcset=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.1-1.png 608w, https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.1-1-300x145.png 300w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/span><\/p>\n<h3><span style=\"font-weight: 400;\">System Updates<\/span><\/h3>\n<p id=\"last\"><span style=\"font-weight: 400;\">When a Linux system is built for the first time, a system update should be run so that all of the software packages are running the latest versions. Updates should be run using the native RPM package manager, such a <\/span><b>yum<\/b><span style=\"font-weight: 400;\"> for Red Hat Enterprise Linux systems and <\/span><b>apt-get<\/b><span style=\"font-weight: 400;\"> for Debian-based systems, such as Ubuntu.<\/span><\/p>\n<div id=\"slidebox\"><a class=\"close\"> <\/a><!--HubSpot Call-to-Action Code --><span class=\"hs-cta-wrapper hs-cta-deferred\" id=\"hs-cta-wrapper-aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6\" data-portal=\"5442029\" data-id=\"aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6\"><span class=\"hs-cta-node hs-cta-aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6\" id=\"hs-cta-aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6\"><!--[if lte IE 8]><div id=\"hs-cta-ie-element\"><\/div><![endif]--><a href=\"https:\/\/cta-redirect.hubspot.com\/cta\/redirect\/5442029\/aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" class=\"hs-cta-img\" id=\"hs-cta-img-aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6\" style=\"border-width:0px;\" src=\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/aa07fdb8-7776-46a5-9fa0-ec6e93f0f0a6.png\" alt=\"CTA\"><\/a><\/span><\/span><!-- end HubSpot Call-to-Action Code --><\/div>\n<p><span style=\"font-weight: 400;\">After the initial updates have been run, the system should continually be kept up-to-date. Most distributions can be set up to automatically run updates, or notify system administrators via e-mail when system updates when available. Many of these updates address security vulnerabilities found by the Linux community, so keeping systems as up-to-date as possible is essential.<\/span><\/p>\n<p><span class=\"further-reading \">Further reading<\/span> <a href=\"https:\/\/www.msp360.com\/resources\/blog\/os-hardening-checklist-and-best-practices\/\">System Hardening Checklist<\/a><\/p>\n<h3><span style=\"font-weight: 400;\">Root Login Security<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Disabling, or limiting, root logins has multiple benefits. Forcing users to use the <\/span><b>sudo<\/b><span style=\"font-weight: 400;\"> command to execute administrative-level commands creates a level of auditing that doesn\u2019t exist if multiple different users are logging in as root to perform the same tasks. Additionally, forcing users to have to use the <\/span><b>sudo <\/b><span style=\"font-weight: 400;\">command to make major system changes causes them to think twice before acting, verifying the necessity of every system-level change.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The most secure process would be to disable all root access. This can be set up in a way that only allows root login in single-user mode recovery situations. If this isn\u2019t suitable in a specific situation, remote logins as root should be disabled. All users accessing the system via FTP, SSH, or any other remote protocol should be forced to use their own username for login.<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Password Policies<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Behind every secure system is a strong user password policy. First of all, every user should be required to use a password. System administrators who are taking over an already established system can use the following command to verify that there aren\u2019t any accounts set up with empty passwords:<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">awk -F: '($2 == \"\") {print}' \/etc\/shadow<\/span>\r\n<\/pre>\n<p><span style=\"font-weight: 400;\">Any passwords that have been found blank can be disabled with this command:<\/span><\/p>\n<pre><span style=\"font-weight: 400;\">passwd -l <\/span><i><span style=\"font-weight: 400;\">(account-name)<\/span>\r\n<\/i><\/pre>\n<p><span style=\"font-weight: 400;\">Users should also be forced to use strong passwords. A general rule for a strong password would be one that is at least 8 characters long and has at least one letter, one number, and one special character. Password aging can be established to force users to change passwords after a specific amount of time. Finally, password history can be recorded and users can be forbidden from using the same passwords over again.<\/span><\/p>\n<div class=\"call-to-action\">\n<div class=\"call-to-action__left\" style=\"width: 60%;\">\n<div class=\"call-to-action__title\">MSP's Educational Posters on Password Security<\/div>\n<div class=\"call-to-action__text\">\n<p>The poster pack includes:<\/p>\n<ul>\n<li>Best practices for creating strong passwords<\/li>\n<li>Reminders on how secure passwords should look like<\/li>\n<li>Chart to check if your password is secure enough<\/li>\n<\/ul>\n<\/div>\n<!--HubSpot Call-to-Action Code --><span class=\"hs-cta-wrapper hs-cta-deferred\" id=\"hs-cta-wrapper-88fb277b-8296-40db-9698-b362eb68ccaa\" data-portal=\"5442029\" data-id=\"88fb277b-8296-40db-9698-b362eb68ccaa\"><span class=\"hs-cta-node hs-cta-88fb277b-8296-40db-9698-b362eb68ccaa\" id=\"hs-cta-88fb277b-8296-40db-9698-b362eb68ccaa\"><!--[if lte IE 8]><div id=\"hs-cta-ie-element\"><\/div><![endif]--><a href=\"https:\/\/cta-redirect.hubspot.com\/cta\/redirect\/5442029\/88fb277b-8296-40db-9698-b362eb68ccaa\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" class=\"hs-cta-img\" id=\"hs-cta-img-88fb277b-8296-40db-9698-b362eb68ccaa\" style=\"border-width:0px;\" src=\"https:\/\/no-cache.hubspot.com\/cta\/default\/5442029\/88fb277b-8296-40db-9698-b362eb68ccaa.png\" alt=\"CTA\"><\/a><\/span><\/span><!-- end HubSpot Call-to-Action Code -->\n<\/div>\n<div class=\"call-to-action__right\" style=\"width: 40%;\"><img decoding=\"async\" src=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2020\/04\/MSPs-Educational-Posters-on-Password-Security.png\" alt=\"Whitepaper icon\" \/><\/div>\n<\/div>\n<h2><span style=\"font-weight: 400;\">Linux Network Level Hardening<\/span><\/h2>\n<p><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-31004 size-full\" src=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.2-1.png\" alt=\"Linux Network Level Hardening\" width=\"608\" height=\"308\" srcset=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.2-1.png 608w, https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.2-1-300x152.png 300w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Port Security<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Simply stated, network ports that aren\u2019t being used shouldn\u2019t be left open. Specifically vulnerable ports, such as port 23 for Telnet connections, should be closed on all systems. The ports that each Linux system needs open will depend on the use of the system. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">To secure ports the remaining port that will be let open, a few practices can be used.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Changes the default port. For example - instead of using port 22 for SSH access, use port 2222.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Restrict port access to specific host IP addresses. This can be done at a few different levels. <\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Disable remote logins by root.<\/span><\/li>\n<\/ul>\n<p><div class=\"perfect-pullquote vcard pullquote-align-full pullquote-border-placement-left\"><blockquote><p>Simply stated, network ports that aren\u2019t being used shouldn\u2019t be left open.<\/p><\/blockquote><\/div><br \/>\n<span style=\"font-weight: 400;\">A good place to start with port security is to find out which ports your server is listening on. Use the following command to find a listing of the listening ports:<\/span><\/p>\n<pre> <span style=\"font-weight: 400;\">netstat -tulpn<\/span>\r\n<\/pre>\n<p><span style=\"font-weight: 400;\">With this information, you can determine which listening ports are needed, and which ones should be disabled.<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Firewall Configurations<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">There are many different software firewalls that can be used to further secure Linux servers.<\/span><\/p>\n<p><b>IPTables <\/b><span style=\"font-weight: 400;\">is a program that allows you to use the firewall provided by the Linux kernel. You can use <\/span><b>IPTables <\/b><span style=\"font-weight: 400;\">to permit or deny traffic by source IP address and port. Incoming, outgoing, and forwarded packets can be filtered as needed.<\/span><\/p>\n<p><b>SELinux <\/b><span style=\"font-weight: 400;\">is an access control firewall that is effective for traffic filtering as well. The three configuration modes of SELinux are:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Enforcing - The default configuration for SELinux. In this mode, SELinux is online and will block traffic that isn\u2019t specifically allowed in the configuration.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Permissive - SELinux will allow all traffic through. Traffic will be monitored and logged. Notifications and warnings will be communicated.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Disabled - SELinux is turned off. Traffic is not monitored at all, and nothing is logged.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The best policy is to leave SELinux set to enforcing mode at all times and to use permissive mode to troubleshoot any issues that may arise with your configurations. To check to see what mode SELinux is currently configured to, use the following command:<\/span><\/p>\n<ul>\n<li style=\"list-style-type: none;\">\n<ul>\n<li><b>sestatus<\/b><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">To set the SELinux mode to enforcing, use this command:<\/span><\/p>\n<ul>\n<li><b>setenforce enforcing<\/b><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">You can use the same command to change the mode to passive mode as well if needed.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Linux Alert Level Hardening<\/span><\/h2>\n<p><span style=\"font-weight: 400;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-31007 size-full\" src=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.3-1.png\" alt=\"Linux Alert Level Hardening\" width=\"608\" height=\"335\" srcset=\"https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.3-1.png 608w, https:\/\/www.msp360.com\/resources\/wp-content\/uploads\/2019\/06\/Group-6.3-1-300x165.png 300w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Audit Configuration<\/span><\/h3>\n<p><span style=\"font-weight: 400;\">The most effective way to respond to threats when they happen is to be able to have a good understanding of what happening before, during, and after the threat occurred. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">Auditing your Linux system can be set up using <\/span><b>auditd<\/b><span style=\"font-weight: 400;\">. \u00a0Auditd will write audit records to disk for review when needed. Two different utilities, <\/span><b>ausearch<\/b><span style=\"font-weight: 400;\"> and <\/span><b>aureport<\/b><span style=\"font-weight: 400;\"> can be used for viewing audit logs, and the <\/span><b>auditctl<\/b><span style=\"font-weight: 400;\"> utility can be used for audit configuration.<\/span><\/p>\n<h3><span style=\"font-weight: 400;\">Log Configuration <\/span><\/h3>\n<p><span style=\"font-weight: 400;\">Knowing where the logs that you need for troubleshooting are located will also help your investigation into security vulnerabilities. A majority of the log files on Linux systems are stored in the <\/span><b>\/var\/log <\/b><span style=\"font-weight: 400;\">directory. Here are a few of the logs that can be referenced when looking into threats:<\/span><\/p>\n<ul>\n<li><b>\/var\/log\/messages <span style=\"font-weight: 400;\">- a general log for Linux systems<\/span><\/b><\/li>\n<li><strong>\/var\/log\/auth.log<\/strong> <span style=\"font-weight: 400;\">- a log file that lists all authentication attempts (Debian-based systems)<\/span><\/li>\n<li><strong>\/var\/log\/secure<\/strong> <span style=\"font-weight: 400;\">- a log file that lists all authentication attempts (Red Hat and Fedora-based systems)<\/span><\/li>\n<li><strong>\/var\/log\/utmp<\/strong> <span style=\"font-weight: 400;\">- an access log that contains information regarding users that are currently logged into the system<\/span><\/li>\n<li><strong>\/var\/log\/wtmp<\/strong> <span style=\"font-weight: 400;\">- an access log that contains information for all users that have logged in and out of the system<\/span><\/li>\n<li><strong>\/var\/log\/kern.log<\/strong> <span style=\"font-weight: 400;\">- a log file containing messages from the kernel<\/span><\/li>\n<li><strong>\/var\/log\/boot.log<\/strong> <span style=\"font-weight: 400;\">- a log file that contains start-up messages and boot information<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">A good way to monitor log activity is to use third-party log monitoring software, such as <\/span><b>LogWatch<\/b><span style=\"font-weight: 400;\">, for log analysis and notifications. Notifications and daily digests can be sent to administrators via email.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Conclusion<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">While securing your Linux system is important, it\u2019s not difficult. Time invested going through steps like the ones laid out will return dividends in the future. The surface area of attack will shrink, threats that make it through your system will be minimized, and you will have the proper documentation to respond to intrusions and prevent them in the future.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Approaching system hardening with a four-level approach is an effective way to secure your system in multiple areas. Locking down the BIOS and separating partitions sets a secure foundation at the machine level. System-level hardening, including keeping your system updates current and enforcing strong passwords helps to prevent the newest threats on the web. Network-level hardening helps reduce your system\u2019s points of failure, and alert level hardening helps us to stay informed.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s essential to do everything you can to keep your Linux system safe. Ignoring threats can have resounding consequences that will live on long past issues resolvement. Don't wait another day verify that your system is secure!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There\u2019s a common misconception out there today: Linux is safe &#8211; Windows is not. This simply isn\u2019t true. While there may be more vulnerabilities and risks out there for Windows operating systems &#8211; our ways of looking at this need to change. Instead of looking at the chances of risk, a more binary approach needs [&hellip;]<\/p>\n","protected":false},"author":75,"featured_media":44416,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[889,878],"tags":[920],"class_list":["post-30996","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-msp-business-guides","category-msp-university","tag-guide-to-linux-systems-management"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/posts\/30996","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/users\/75"}],"replies":[{"embeddable":true,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/comments?post=30996"}],"version-history":[{"count":1,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/posts\/30996\/revisions"}],"predecessor-version":[{"id":56472,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/posts\/30996\/revisions\/56472"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/media\/44416"}],"wp:attachment":[{"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/media?parent=30996"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/categories?post=30996"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.msp360.com\/resources\/wp-json\/wp\/v2\/tags?post=30996"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}