Startup Online Business – low budget security tips
What do you do when asked by a small startup at early stage, can you help secure our online business. In many instances they may have already purchased a standalone server either dedicated, shared, virtual or on the cloud some where.
- At a minimum make sure that people connecting to your server are all working from a static IP address
- With these static IP address you can use a number of methods to tie down your server
- Use hosts.allow and hosts.deny and tcp_wrappers
- Use iptables and ipchains
- Use access control directives within apache httpd.conf
- Disable root access and setup accounts for each person connecting and require each user to su in order to access root