Think of security in layers: when a criminal penetrates one layer, there is another protective layer behind it. Criminals are often entrepreneurs with a mission, mostly earning revenue or accessing valuable information, and they mostly go for the lowest-hanging fruit. You and your business should not be low-hanging fruit. This is a list of layers you should implement:
- 2-Step Verification
- Hardcore, complex passwords everywhere
- Use different, hardcore, complex usernames everywhere when possible
- SSL encryption
- SSH encryption
- WordPress sites updated to latest version
- All WordPress themes updated
- All WordPress plugins updated
- 2-Step Verification on WordPress or use .htaccess based IP control
- Ubuntu filesystem set with correct permissions
- Ubuntu updated
- Configure the firewall in EC2 to allow incoming traffic on port 443 only from the IP range that belongs to Cloudflare.
- The EC2 firewall should only allow incoming traffic on port 22 from your computer's IP
- The EC2 firewall should only allow outgoing traffic to the Internet on ports 22, 80 and 443. Port 80 is only for the Ubuntu updater “sudo apt-get”.
- Use IPVanish or similar VPN protection on your phone, tablet, PC and Mac.
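
The three EC2 firewall items above can be checked automatically. The following is an added example, not part of the original list: it audits a security group, in the rule shape returned by EC2's DescribeSecurityGroups, against those three items. The function names, the Cloudflare ranges and the admin IP are constructed placeholders.

```python
import ipaddress

# Constructed placeholders (documentation ranges): use Cloudflare's published list and your own IP.
CLOUDFLARE_RANGES = ["198.51.100.0/24", "203.0.113.0/24"]
ADMIN_IP = "192.0.2.10/32"
ALLOWED_EGRESS_PORTS = {22, 80, 443}

def _within(cidr, allowed):
    """True if cidr lies entirely inside one of the allowed networks."""
    net = ipaddress.ip_network(cidr, strict=False)
    nets = [ipaddress.ip_network(a) for a in allowed]
    return any(net.version == a.version and net.subnet_of(a) for a in nets)

def _rules(perms):
    """Yield (protocol, from_port, to_port, cidr) for every rule entry."""
    for p in perms:
        cidrs = [r["CidrIp"] for r in p.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            yield p["IpProtocol"], p.get("FromPort"), p.get("ToPort"), cidr

def audit(group):
    """Return the rules that break the three firewall items in the list."""
    findings = []
    for proto, lo, hi, cidr in _rules(group.get("IpPermissions", [])):
        allowed = {443: CLOUDFLARE_RANGES, 22: [ADMIN_IP]}.get(lo, [])
        if not (proto == "tcp" and lo == hi and _within(cidr, allowed)):
            findings.append(f"ingress {proto} {lo}-{hi} from {cidr}")
    for proto, lo, hi, cidr in _rules(group.get("IpPermissionsEgress", [])):
        if not (proto == "tcp" and lo == hi and lo in ALLOWED_EGRESS_PORTS):
            findings.append(f"egress {proto} {lo}-{hi} to {cidr}")
    return findings

# Constructed sample: SSH open to the world and an allow-all egress rule.
SAMPLE = {
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
    "IpPermissionsEgress": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}
if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

An empty result means the group matches the list; each returned string names one rule to tighten or remove.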