Countermeasures
After you have conducted your own security scanning and patched your site, you will want to go about hardening your site.
Here are some vital things:
Close all unnecessary ports, or open ONLY the ones you need.
Uninstall any extension not in use (mambot, plug-in, component, module).
Uninstall FrontPage Services from shared hosting. If you are using Joomla!, you will not need FrontPage.
Ensure that your host is at the latest patch levels for OS and the associated moving parts such as Apache, OpenSSL, MySQL (version dependent), and PHP.
Set your permissions as tightly as possible.
Fine-tune your site through
.htaccess
andphp.ini
.If you allow uploads, limit the size and sequester them for testing.
Check your log files frequently.
Block specific countries that are known to be havens for attacks, IF you do not need traffic from those countries. See the final chapter in this book for a good way to find this information.
Have an excellent disaster recovery and business continuity plan...