https://store-images.s-microsoft.com/image/apps.42763.0aebe31b-a0d5-48ec-b3cb-61b254aa6450.c2252bf2-a5f4-4aa8-95fe-e776ff9bcf44.46763b38-1476-4ad2-aeb6-b030cf6c6e64

Docker Compose Hardened Ubuntu 24.04 Minimal Server (Extended Security)

by Madarson It, LLC

Securely run Docker apps on a hardened Ubuntu 24.04 LTS Minimal with Docker, Compose, firewall, Fail2Ban, and auto-updates pre-configured.

The Madarson IT Docker Compose Server with Extended Security is built on the Basic Plan, with additional hardening focused on the Ubuntu 24.04 LTS Minimal OS to meet stricter security requirements.

This plan is ideal for production environments that demand enhanced system-level protections while maintaining ease of use for containerized workloads.

Extended OS Security Highlights:

  • All Basic Plan security features included
  • Ubuntu 24.04 LTS Minimal image secured following industry-recognized hardening guideliness
  • Strict AppArmor profiles enabled for system services and containers
  • Enhanced SSH configurations including rate limiting and banner warnings
  • Secure sysctl kernel parameters tuned for network and filesystem security
  • Automatic security updates with audit logging of package changes
  • Fail2Ban configured with stricter, customized rules
  • Minimal set of system services enabled, reducing attack surface

Docker Compose Use Case:

Deploy multi-container applications securely with docker-compose up, benefiting from the underlying OS hardening.

Bonus:

  • Same Docker Compose templates and helper scripts as the Basic Plan

Contact us at info@madarsonit.com for customized security consultations or pricing.

Disclaimer: Docker and Ubuntu are trademarks of their respective owners. Madarson IT is not affiliated with these companies.

Technical Details (Click to expand)
  • OS: Ubuntu 24.04 LTS Minimal image secured following industry-recognized hardening guidelines
  • Installed Software:
    • Docker CE (latest)
    • Docker Compose v2
    • UFW firewall
    • Fail2Ban (customized rules)
    • Trivy (vulnerability scanner)
    • ClamAV (AntiVirus scanner)
    • Unattended-upgrades with audit logging
    • AppArmor enabled with custom profiles
  • Security Hardening:
    • SSH access restricted (key only, no root login) with rate limiting
    • Firewall enabled with minimal allowed ports
    • System tuned via secure sysctl settings
    • Strict AppArmor profiles
    • Fail2Ban with enhanced rules
    • Minimal system services enabled
    • Daily security patches with logging
  • Access: SSH key-based login (default user: azureuser)
  • Files Included:
    • /opt/madarson/docker-compose.yml
    • /opt/madarson/README.txt, nginx.conf
    • /opt/madarson/start.sh, update.sh, secure.sh

At a glance

https://store-images.s-microsoft.com/image/apps.12898.0aebe31b-a0d5-48ec-b3cb-61b254aa6450.c2252bf2-a5f4-4aa8-95fe-e776ff9bcf44.8cf0b226-724b-4537-9022-f68f4d9e86eb
https://store-images.s-microsoft.com/image/apps.53941.0aebe31b-a0d5-48ec-b3cb-61b254aa6450.c2252bf2-a5f4-4aa8-95fe-e776ff9bcf44.258b4bb3-5901-4dbc-9763-5e254100091b
https://store-images.s-microsoft.com/image/apps.41154.0aebe31b-a0d5-48ec-b3cb-61b254aa6450.c2252bf2-a5f4-4aa8-95fe-e776ff9bcf44.8a3be1e7-8b69-4e8f-b5dd-0c416efc4942