Recently got hacked. How should I prevent it from happening again? (Django / Ubuntu / Postgres / Gunicorn / Nginx)
So our website (clothing e-commerce startup) was recently attacked by an SYN flood initiated by a Chinese IP. It took almost a full day to get everything back up, reloading the database, copying images, etc. Needless to say, it was not a very pleasant experience and we lost a lot of precious time.
Tech stack: Django 1.6.7 / Postgres / Nginx / Gunicorn / Elasticsearch
I want to know what all I can do to prevent something like this from happening again. Have already done the following steps, following the DO tutorials (they are great btw) at https://www.digitalocean.com/community/tutorial_series/new-ubuntu-14-04-server-checklist
- Updated all packages and downloaded security updates
- Set up SSH keys
- Disabled root login
- Changed SSH port to a random large number
- Set up UFW, disabling all incoming and outgoing connections except for the ports on which services are running (for Nginx, Gunicorn, Elasticsearch, Postgres and Redis)
Anything else I can do to prevent such a hack from happening again? Also, do I need to install fail2ban given that root login is disabled and UFW rules are set up?
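
An added example, not part of the original post: a shell function that checks sshd_config text against the three SSH steps in the checklist above (root login, SSH keys, non-default port). The name `audit_sshd` and the sample config are constructed for illustration, and reading "Set up SSH keys" as `PasswordAuthentication no` is an assumption.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): audit sshd_config text on stdin.
# Assumptions: only the global section (before the first Match block) is read;
# "Set up SSH keys" is taken to mean PasswordAuthentication should be "no".

audit_sshd() {
  awk '
    function st(ok) { return ok ? "PASS" : "FAIL" }
    /^[ \t]*#/ || NF == 0 { next }           # skip comments and blank lines
    { sub(/[ \t]*=[ \t]*/, " ")              # accept "Keyword=value" as well
      key = tolower($1); v = tolower($2) }
    key == "match" { exit }                  # per-user/host overrides not audited
    key == "port"  { ports = ports (ports == "" ? "" : ",") v   # Port may repeat
                     if (v == "22") on22 = 1
                     next }
    !(key in val)  { val[key] = v }          # sshd uses the first value it reads
    END {
      if (ports == "") { ports = "22"; on22 = 1 }   # no Port line means port 22
      root = ("permitrootlogin" in val) ? val["permitrootlogin"] : "unset"
      pw = ("passwordauthentication" in val) ? val["passwordauthentication"] : "yes"
      print st(root == "no") " PermitRootLogin=" root
      print st(pw == "no") " PasswordAuthentication=" pw
      print st(!on22) " Port=" ports
    }'
}

# Constructed sample config: passwords are still allowed globally, and the
# stricter setting inside the Match block does not change the global result.
audit_sshd <<'EOF'
# constructed sample, not taken from the post
Port 48213
PermitRootLogin no
PasswordAuthentication yes
Match User deploy
    PasswordAuthentication no
EOF
```

On a server, run it as `audit_sshd < /etc/ssh/sshd_config`; a FAIL line names the directive to review.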