- Change the ssh port number from 22 to a custom number
- Disable root direct login or ssh access.
- Set up ssh key login for all ssh users.
- Block all ports except http, https, ssh
- Disable unwanted Linux services # chkconfig --list | grep '3:on'
- Disable directory listing [Options -Indexes]
- Keep the server updated regularly # yum update -y
- Install csf, fail2ban and mod_security
- Hide Apache Version Number and Other Sensitive Info
- Redirect port 80 access to 443, i.e. http to https
- 404 error redirect # ErrorDocument 404 https://domain.com/404.html
- Check whether any users have empty passwords # cat /etc/shadow | awk -F: '($2==""){print $1}'
- Disable IPv6.
- Block anonymous FTP upload
- Disable unwanted php functions //disable_functions in php.ini
- Disable weak ciphers
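
The ssh items and the empty-password check from the list above can be verified with a small script. This is an added example, not part of the original checklist; the function names and the sample files are constructed for illustration, and it reads only the global section of an sshd_config-format file (no Include handling).

```sh
#!/bin/sh
# Added example: audit the ssh and empty-password items of the checklist.
# Limits: global section only (stops at the first Match block), no Include.

# Print the effective value of KEYWORD in an sshd_config file. sshd uses the
# first occurrence of a keyword; DEFAULT applies when the keyword is absent.
sshd_value() {  # usage: sshd_value FILE KEYWORD DEFAULT
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/                  { next }   # skip comment lines
        tolower($1) == "match"      { exit }   # conditional blocks not evaluated
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Print one FAIL line per checklist item the sshd_config file does not meet.
audit_sshd() {  # usage: audit_sshd FILE
    if [ "$(sshd_value "$1" Port 22)" = "22" ]; then
        echo "FAIL: ssh still on port 22"
    fi
    if [ "$(sshd_value "$1" PermitRootLogin prohibit-password)" != "no" ]; then
        echo "FAIL: direct root login over ssh is not disabled"
    fi
    if [ "$(sshd_value "$1" PasswordAuthentication yes)" != "no" ]; then
        echo "FAIL: password login still allowed, keys not enforced"
    fi
    return 0
}

# Print accounts whose password field is empty in a shadow-format file.
empty_password_users() {  # usage: empty_password_users FILE
    awk -F: '($2 == "") { print $1 }' "$1"
}

# Constructed sample inputs (not taken from a real host).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
printf '%s\n' '#Port 22' 'PermitRootLogin yes' 'Match User backup' \
    'PasswordAuthentication no' > "$tmp/weak_sshd_config"
printf '%s\n' 'Port 2222' 'PermitRootLogin no' 'PasswordAuthentication no' \
    'PermitRootLogin yes' > "$tmp/hardened_sshd_config"
printf '%s\n' 'root:$6$salt$hash:19000:0:99999:7:::' \
    'deploy::19000:0:99999:7:::' > "$tmp/shadow_sample"

audit_sshd "$tmp/weak_sshd_config"         # three FAIL lines
audit_sshd "$tmp/hardened_sshd_config"     # no output
empty_password_users "$tmp/shadow_sample"  # deploy
```

On a live host, `sshd -T` prints the effective configuration as sshd itself computes it, which also covers included files.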
For more help and support https://winhat.in