Question
Web server security CHECKLIST
Good day! Is there any checklist?
Here is mine as beginner.
OS Linux:
- SSH and SFTP logins only
- add SSH key
- deactivate root
- serverpilot.io they give you firewall and updates. As I know updates for mySQL and PHP with their settings. This firewall allows TCP ports 22 (ssh), 80 (HTTP), and 443 (HTTPS) as well as UDP port 68 (DHCP)
- fail2ban with conf (permanent bans)
- htop for monitoring (CPU, RAM, etc)
- DO Snapshot or Dropbox for auto backups
- something else?
How to secure mySQL, PHP, Apache, maybe NGINX?
Good advices and links are welcome.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×