Web server security CHECKLIST
Good day! Is there any checklist?
Here is mine as beginner.
- SSH and SFTP logins only
- add SSH key
- deactivate root
- serverpilot.io they give you firewall and updates. As I know updates for mySQL and PHP with their settings. This firewall allows TCP ports 22 (ssh), 80 (HTTP), and 443 (HTTPS) as well as UDP port 68 (DHCP)
- fail2ban with conf (permanent bans)
- htop for monitoring (CPU, RAM, etc)
- DO Snapshot or Dropbox for auto backups
- something else?
How to secure mySQL, PHP, Apache, maybe NGINX?
Good advices and links are welcome.