Skip to content

maxuru ~ % cat about

About Maxuru

Maxuru is a hardening reference for servers, services and databases — SSH, the common web servers, the databases, the message brokers, the container platforms. It exists because the answers to “how do I actually secure this” are usually scattered across mailing-list threads, half-right blog posts, and vendor docs that assume you already know the answer.

Each control on this site carries the same three things, because a hardening instruction is not much use without them:

  • The fix — the exact directive or command, in the file it belongs in. If you already know what you’re doing, you copy it and leave.
  • Verification — the command that proves the change actually took effect in the running service, not just that you edited a file. Setting a directive and having it apply are different claims.
  • The way back out — what to check before you apply it, so a hardening step doesn’t lock you out of your own host. This is the part most write-ups skip.

The aim is a page you can act on at 2am mid-incident, not an article you read.

Security defaults move. Authentication methods get deprecated, cipher lists age out, ports get renamed, and “best practice” from a few years ago is sometimes actively wrong today. Every page is written against the current upstream documentation and release notes for the software it covers, and version-specific behaviour is called out explicitly rather than assumed.

Where a widely-repeated recommendation has expired — a header that’s now deprecated, a feature that’s been removed, a setting that no longer does anything — the page says so, and says what replaced it.

Maxuru is a technical reference, not a guarantee. Systems differ, versions differ, and the only configuration that matters is the one running on your host. Every page includes a verification step precisely so you can confirm the result on your own system rather than trusting a checklist. Test changes somewhere safe before you apply them to something you care about.

Last updated: