Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home General
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

CloudServer-Audit - A Simple Security Audit Tool for Your VPS

0xHexad0xHexad Member
in General

Hey everyone,
Like many of you, every time I spin up a new VPS, I find myself doing the same tedious security checks - is root login disabled? Password auth off? Firewall configured? Empty password users? It’s the same routine every single time.
So I started writing a script to automate this. Initially it was just for SSH hardening checks, but it kept growing as I added more things I wanted to verify. Now it’s turned into a reasonably complete security audit tool, so I figured I’d share it - maybe it’ll save someone else some time too.
What it does:
Runs security checks on your Debian/Ubuntu server and gives you a clear report. Two modes:
∙ Audit mode - Read-only, just tells you what’s good and what needs fixing
∙ Guide mode - Interactive wizard that can automatically fix common security issues (with backup & rollback)
Features:
∙ Modular - check everything or just specific areas (SSH, firewall, users, etc.)
∙ Malware scanning - detects crypto miners, webshells, rootkits, suspicious processes
∙ Auto-backup before any changes, one-command rollback if needed
∙ Clean dual-column terminal output
∙ Outputs JSON/Markdown/SARIF reports for CI/CD integration
∙ Chinese & English interface
What it checks:
∙ SSH hardening (root login, password auth, key-only auth, etc.)
∙ User security (UID 0 accounts, empty passwords, sudoers)
∙ Firewall (UFW/iptables/nftables/firewalld)
∙ Fail2ban config
∙ Kernel params (ASLR, sysctl hardening)
∙ File permissions (SUID/SGID, world-writable)
∙ Docker security (if installed)
∙ Suspicious cron jobs and processes
∙ And more…

one-liner: curl -fsSL https://raw.githubusercontent.com/Lynthar/CloudServer-Audit/main/run.sh | sudo bash

Full disclosure: I built this with significant help from Claude (yes, the AI). It helped a lot with the bash scripting and structuring the codebase. Still actively developing it.
GitHub: https://github.com/Lynthar/CloudServer-Audit
Would love to hear feedback, bug reports, or feature suggestions. If it helps even one person skip the manual security checklist routine, that’s a win. Cheers!

Comments

  • tentortentor Member, Host Rep

    Why someone should use your tool and not https://cisofy.com/lynis/ for example?

  • 0xHexad0xHexad Member

    @tentor said:
    Why someone should use your tool and not https://cisofy.com/lynis/ for example?

    Lynis is solid but it just gives you a huge report and that’s it - you still gotta do all the work yourself. This one’s simpler and actually fixes the boring stuff for you (SSH, firewall, fail2ban, etc.), so you’re not doing the same manual config dance every time you spin up a new box.

Sign In or Register to comment.