Quick, Easy & Essential Cyber Security Tips
This is important!
Make it harder for scanners/hackers to identify vulnerabilities or exploit you - even when your system is vulnerable!
Use generic error pages - for instance, silently redirect 404 and 403 errors to your home page
Disable ALL error reporting on your system
Directory listing gives an attacker access to restricted data, e.g. backup and conf files forgotten in the web root
In your .htaccess file, add this line:
Else, having an index.html page in the directory prevents listing as well
E.g. to help prevent SSH login brute-force attacks
Disable SSH root login
Limit failed SSH authentication attempts, e.g. to 3
Use an SSH port other than 22
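A way to check the three SSH tips above against an sshd_config file. This is an added example, not part of the original tips: the function names and both sample configs are constructed, and the fallback values assume the defaults of current OpenSSH releases.

```python
import re

# Assumed OpenSSH defaults, used when a keyword is absent from the file.
DEFAULTS = {"permitrootlogin": "prohibit-password", "maxauthtries": "6"}

def parse_global(text):
    """Return (first-value settings, list of ports) from the global section."""
    settings, ports = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()               # keywords are case-insensitive
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":                   # Match blocks are not evaluated
            break
        if key == "port":                    # Port may be given several times
            ports.append(value)
        else:
            settings.setdefault(key, value)  # sshd keeps the first value seen
    return settings, ports or ["22"]

def audit(text, max_tries=3):
    """Return findings for the three SSH tips; an empty list means all pass."""
    settings, ports = parse_global(text)
    findings = []
    root = settings.get("permitrootlogin", DEFAULTS["permitrootlogin"])
    if root.lower() != "no":
        findings.append(f"root login not disabled (PermitRootLogin {root})")
    tries = settings.get("maxauthtries", DEFAULTS["maxauthtries"])
    if not tries.isdigit() or int(tries) > max_tries:
        findings.append(f"MaxAuthTries is {tries}, want <= {max_tries}")
    if "22" in ports:
        findings.append("sshd still listens on port 22")
    return findings

# Constructed sample: sshd ignores the later "PermitRootLogin no".
SAMPLE_WEAK = """\
# constructed example config
PermitRootLogin yes
maxauthtries 6
PermitRootLogin no
"""
SAMPLE_HARDENED = "Port 2222\nPermitRootLogin no\nMaxAuthTries 3\n"

if __name__ == "__main__":
    for name, cfg in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(cfg) or "OK")
```

On a live host, `sshd -T` prints the effective configuration, including Match handling that this file-level check skips.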
Disable FTP; its authentication is in clear text (Use SFTP above)
Whitelist allowed ports, typically HTTP/S, SMTP, SSH
E.g. SQLi, XSS, Command
Never trust any client-generated input - always sanitize it