Software security is hard because there are all sorts of things that can go wrong. I'm not an expert and I don't have all the answers and I won't pretend to. This page is just a collections of things that seem to work okay.

Miscellaneous

• Configure SSH
• Use Fail2Ban
• Distinguish between user accounts and accounts used for services, maintenance, etc.
  • For example: as seen in Resource Limiting, having a users group which designates user accounts (as opposed to system accounts) can be nice.