1. Server and Web site vulnerability detection for Web vulnerabilities, weak passwords, potentially malicious behavior, illegal information and other periodic scans.
2. regularly check code, security checks, vulnerability checks.
3. The server security reinforcement, security baseline settings, security baseline examination.
4. The execution of database commands, add fields, plus indexing, must be tested to check the command to run in a formal environment.
data backup
1. Server data backup, file backup program including website, database, file backup, file backup configuration, if the best resource backup and offsite backup per hour.
2. Establish a five-backup mechanism: regular backups, automatic synchronization, LVM snapshot, Azure backup, S3 backup.
3. periodically check whether the backup file is available, to avoid the failure, the backup data is not available. Multiple important data encryption algorithm encryption.
4. The program file version control, testing, release, failure to roll back.
Security Monitoring
1.nagios regular state monitoring server CPU load, memory, disk, traffic, exceeds the threshold alarm.
2.zabbix or cacti monitoring server general state of the CPU load, memory, disk and flow status, you can display the historical curve, easy to troubleshoot. 3. Monitoring Server SSH login record, iptables status, process status, abnormal alarm recording.
4. Monitoring sites WEB log (including log nginx php logs, etc.), can be used to collect EKL management, exception log alarms. Operation and maintenance personnel should be alert to receive e-mail and text messages, at least as responsible for business mail and SMS alerts must receive, operation and maintenance managers to receive important business mail and SMS alerts.
5. (unless it is a full-time operation and maintenance Development) In addition to the internal control server, it is best to use a third-party monitor, whether from external monitoring service normal (monitor URL, port, etc.), such as: monitoring treasure.