Ansible Hardening

Ansible role for security hardening. Mirror of code maintained at
Alternatives To Ansible Hardening
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
How To Secure A Linux Server14,766
11 days ago21cc-by-sa-4.0
An evolving how-to guide for securing a Linux server.
7 days ago1February 27, 2018153gpl-3.0Shell
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Yubikey Guide9,587
25 days ago26mitShell
Guide to using YubiKey for GPG and SSH
The Practical Linux Hardening Guide8,217
3 years ago3mit
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
a day ago20apache-2.0Python
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
2 days ago15mitJavaScript
Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
Awesome Security Hardening4,279
2 months ago68
A collection of awesome security hardening guides, tools and other resources
3 days ago4August 26, 202250agpl-3.0C
🛡️ Make your web services secure by default !
5 months ago50mitJavaScript
user.js -- Firefox configuration hardening
3 months ago2April 06, 202113gpl-3.0Go
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Alternatives To Ansible Hardening
Select To Compare

Alternative Project Comparisons



The ansible-hardening role applies security hardening configurations from the Security Technical Implementation Guide (STIG) to systems running the following distributions:

  • CentOS 8
  • Debian Buster
  • Ubuntu Bionic
  • Ubuntu Focal

For more details, review the ansible-hardening documentation.

Release notes for the project can be found at:


This role can be used with or without OpenStack-Ansible. It requires Ansible 2.3 or later.

Role Variables

All of the variables for this role are in defaults/main.yml.


This role has no dependencies.

Example Playbook

Using the role is fairly straightforward:

- hosts: servers
     - ansible-hardening

Running with Vagrant

This role can be tested easily on multiple platforms using Vagrant.

The Vagrantfile supports testing on:

  • Ubuntu 16.04
  • CentOS 7

To test on all platforms:

vagrant destroy --force && vagrant up

To test on Ubuntu 14.04 only:

vagrant destroy ubuntu1404 --force && vagrant up ubuntu1404

To test on Ubuntu 16.04 only:

vagrant destroy ubuntu1604 --force && vagrant up ubuntu1604

To test on CentOS 7 only:

vagrant destroy centos7 --force && vagrant up centos7


Apache 2.0

Author Information

For more information, join #openstack-ansible on OFTC.

Popular Hardening Projects
Popular Security Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Security Hardening