Quick, Easy & Essential Cyber Security Tips
.
Mask Your Website Weaknesses
This is important!
Make it harder for scanners/ hackers to identify vulnerabilities/ exploit you - Even when your system is vulnerable!
Use generic error pages - For instance, silently redirect 404, 403 errors to your home page
Disable ALL error reporting on your system
Disable Directory Listing
Directory Listing enables an attacker access to restricted data: E.g backup, conf files forgotten in the web-root
In your .htaccess file, add this line: Options -Indexes
Else, having an index.html page in the directory prevents listing as well
Server Hardening
E.g To help prevent SSH login bruteforce attacks
Disable SSH root login
Limit failed SSH authentication attempts. E.g to 3
Use a different SSH port other than 22
Disable FTP; it's authentication is in clear-text (Use SFTP above)
Disable Telnet
Whitelist allowed ports: Typically: HTTP/S, SMTP, SSH
Preventing Injections
E.g SQLi, XSS, Command
In your .htaccess file, add this line: Options -Indexes
Never trust any client generated input - Always sanitize it