Server

Ports

We should keep opened only 80 and 443 ports (if using SSL). Any other ports could be closed (excerpt port 22, explained below).

Port 22 should be accessible only by ThoughtLab network.

FTP user

You must use the FTP user created to this specific website. Never use users thought or root to upload your files. cPanel creates a new FTP user as soon as you create a new subdomain.

CloudFlare

We can use CloudFlare to protect our websites from brute-force attacks and many others things that CloudFlare provides us. I’m going to work with Sean and Kevin on this task.

Staging environment

You should setup a new staging environment to test your website. It’s definitely not a good idea to make changes in live sites.