This solution will significantly enhance the security of web projects and the server from external threats, such as:
Privacy threats Unauthorized access to data.
Integrity threats unauthorized corruption or the destruction of data.
Accessibility threats restricting or blocking access to data.
List of works to be carried out:
1. Enabling SE Linux and debugging SE Linux security policies
2. Installation of an operating system with total data encryption.
3. Setting a password to change the boot loader of the operating system.
4. Restriction of authorization of the root user under the VNC protocol.
5. Setting up a new user of the system administrator.
6. Installation, the configuration of security modules NAXSI or Mod Security
7. Configuring Firewall (all ports are closed except the necessary ones).
8. Configuring Fail2ban
9. Installing Clam AV antivirus in a bundle of Linux Malware Detect
10. Audit of Linux system by means of LYNIS and implementation of recommendations according to security audit.
11. Disable display of Apache, Nginx, PHP, Bind versions...
16. P. S - For a detailed description of all tasks to strengthen server security, see the attached file.