Block the port to connect from any IP to the server using the private key file.
Allowed only known IPs to connect with the server.
File/Folder permissions changes
Change file and directory permissions to 644 and 755 respectively. Follow below commands from root directory:
find . -type f -exec chmod 644 {} \;
find . -type d -exec chmod 755 {} \;
CMS or Framework related security ( Code level )
Avoid Direct access to internal files
Use index or htaccess file to avoid direct access to the files inside the directory
Allowed only known IPs to connect with the server.
Use CSRF (Cross-site request forgery)
Enable CSRF token implementation to handle any type of request to avoid forgery
Use index.php of pub directory rather than the root directory.
This feature exist in most of CMS and Frameworks like Magento and Laravel. This feature will avoid direct access to the root directory and keep our site safe from hackers.
