Comprehensive Website Security Hardening

My goal is to lock down every layer of my site—from the public-facing pages to the deepest archive folders—so that outside parties can’t tamper with, read, or drop malicious code into anything I host. Here’s the protection I need: • Hardware firewall: I already decided on a dedicated appliance rather than a cloud or purely software approach. I’ll need help selecting a suitable model (Cisco, Fortinet, SonicWall – whatever fits the traffic load), installing it in my rack, and configuring the base rules. • Software-level rules: Once the hardware is in place, I still want tight control over two critical points—database access and the file system. Craft rules that block any unauthorized requests while keeping legitimate site functions untouched. • Continuous malware scanning: Set up an automated scanner that sweeps all web roots, archives, and media folders on a schedule, quarantines anything suspicious, and alerts me immediately. If you prefer tools like ClamAV, Maldet, or a commercial suite, tell me why and put it in place. Acceptance criteria – Hardware firewall live, tested, and logging traffic. – Access to MySQL/PostgreSQL (and any other DB engine present) limited strictly to whitelisted services and IPs. – File-system rules stop write attempts from unknown processes. – Malware scanner runs on schedule, produces daily reports, and triggers alerts on detection. – Documentation provided so I can understand and maintain every rule and scan job. If you have deep experience hardening Linux-based servers and tuning hardware firewalls for high-traffic sites, let’s get started.

ID do Projeto: 39969379