Probably one of the top issues in running a website is security. A hacker successfully getting into your website could effectively shut it down. Though there is no guaranteed way to stop a determined hacker, one needs to put up as many walls as possible to deter the casual hackers.
Here’s some tips on hardening a Linux web server:
– Disable root login. I see this attempted all the time in my logs.
– Use ssh/sftp and disable telnet/ftp.
– Disable all logins, except for the necessary ones.
– Keep all software up to date.
– Keep regular backups of data. One time, a hacker did get through. Fortunately, I had a recent backup and didn’t lose too much data.
– Make sure any code is immune from SQL injection and XSS attacks. There are libraries/tools that run on top of code that will catch suspicious activity before it hits any code.
– Install Brute Force Detection. This will detect authentication failures and automatically block them.
– Install an Intrusion Detection System (IDS) such as OSSEC. It monitors many things and also automatically blocks suspicious activity.