Choose a hosting provider

password required pam_cracklib.so minlen=12 lcredit=1 ucredit=1 dcredit=2 ocredit=1
Note that with <tt>pam_cracklib</tt> a positive credit value is a maximum credit, not a requirement: each character class that is present subtracts up to that many characters from the effective minimum length, so with the line above a seven-character password containing one lower-case letter, one upper-case letter, two digits and one symbol is accepted. To make a class mandatory and keep the full minimum length, give the corresponding credit a negative value; its absolute value is then the minimum number of characters of that class that must be present. Newer distributions replace <tt>pam_cracklib</tt> with <tt>pam_pwquality</tt>, which accepts the same <tt>minlen</tt> and credit parameters. For more detail, refer to the guide [http://www.linux-faqs.info/security/force-strong-passwords| Force strong passwords]
<li>
Use password aging: the <tt>chage</tt> command on Linux servers shows the password age of a user and sets the aging parameters (maximum age, warning period, inactivity lock) for that account [http://linoxide.com/linux-command/password-expire-chage-command/| link].
</li>
<li>
In some cases it may be prudent to enable account locking for accounts that have been under particularly concerted attacks. On Linux systems, the <tt>faillog</tt> command can be used to check failures and to set failure limits. For more details see [http://www.cyberciti.biz/tips/rhel-centos-fedora-linux-log-failed-login.html| Faillog]. Great care should be taken when enabling account locking, as an attacker can deny legitimate users access to their own services simply by locking their accounts on purpose. Generally it is better practice to ban the attacking source before the need for account locking is encountered.
</li>
<li>
Public-key authentication should be used for SSH login. The following guide gives details on generating an SSH key pair and installing the public key on the server, [http://support.suso.com/supki/SSH_Tutorial_for_Linux| SSH tutorial]. Once keys have been set up for all relevant users, disable password-based logins in the server configuration (<tt>PasswordAuthentication no</tt> in <tt>sshd_config</tt>) and restart sshd, keeping an existing session open until the key login has been confirmed to work.
</li>
<li>
File permissions should be restricted for critical files. Users should only be allowed access to the files relevant to their work, and execution as root should be restricted to the few commands that require it. Discussion of [http://www.linux.com/learn/tutorials/309527-understanding-linux-file-permissions| linux file permissions].
</li>
</ol>
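As an added illustration (the editor's own example, not code from this page or from the pam_cracklib project), the following POSIX shell script reproduces pam_cracklib's length-and-credit arithmetic and applies it to a few constructed passwords, contrasting the positive credits of the line above with negative ones. The password strings and the function names are this example's own assumptions; cracklib's dictionary, palindrome and similarity checks are not modelled.

```sh
#!/bin/sh
# Added example: a model of pam_cracklib's length/credit rule, not the
# module's own code. Only the length arithmetic is reproduced.
export LC_ALL=C   # make the tr character ranges below deterministic

# account COUNT CREDIT
# Positive CREDIT: up to CREDIT characters of this class are subtracted
# from the required length "need". Negative CREDIT: at least -CREDIT
# characters of the class are mandatory, and nothing is subtracted.
account() {
  if [ "$2" -ge 0 ]; then
    if [ "$1" -gt "$2" ]; then need=$(( need - $2 )); else need=$(( need - $1 )); fi
  elif [ "$1" -lt $(( 0 - $2 )) ]; then
    return 1
  fi
}

# pam_cracklib_passes PASSWORD MINLEN LCREDIT UCREDIT DCREDIT OCREDIT
# Returns 0 if the password satisfies the length/credit rule, 1 otherwise.
pam_cracklib_passes() {
  pw=$1
  need=$2
  len=$(( $(printf '%s' "$pw" | wc -c) ))
  lowers=$(( $(printf '%s' "$pw" | tr -cd 'a-z' | wc -c) ))
  uppers=$(( $(printf '%s' "$pw" | tr -cd 'A-Z' | wc -c) ))
  digits=$(( $(printf '%s' "$pw" | tr -cd '0-9' | wc -c) ))
  others=$(( len - lowers - uppers - digits ))
  account "$lowers" "$3" || return 1
  account "$uppers" "$4" || return 1
  account "$digits" "$5" || return 1
  account "$others" "$6" || return 1
  [ "$need" -le "$len" ]
}

# show PASSWORD MINLEN LCREDIT UCREDIT DCREDIT OCREDIT: print the verdict.
show() {
  if pam_cracklib_passes "$@"; then r=accepted; else r=rejected; fi
  printf '%-24s minlen=%s credits=%s,%s,%s,%s -> %s\n' "$1" "$2" "$3" "$4" "$5" "$6" "$r"
}

# The page's positive credits: a 7-character password gets through,
# because 12 - (1 + 1 + 2 + 1) = 7.
show 'aB12!xy' 12 1 1 2 1
# Negative credits make every class mandatory and keep the 12-character floor.
show 'aB12!xy' 12 -1 -1 -1 -1
show 'correcthorsebattery' 12 -1 -1 -1 -1
show 'Correct-h0rse-battery' 12 -1 -1 -1 -1
```

The constructed passwords are chosen so that the same seven-character string is accepted under the page's credits and rejected once the credits are negative; a long password that lacks one of the mandatory classes is rejected as well.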
<ol>
<li>
A host firewall can be configured with [http://www.netfilter.org/projects/iptables/| iptables]; the guides [http://www.tecmint.com/basic-guide-on-iptables-linux-firewall-tips-commands/| here] and [http://www.cyberciti.biz/faq/category/iptables/| here] describe iptables configuration. Default-deny inbound traffic and open only the ports the server actually serves.
</li>
<li>
Logging and auditing is a key aspect of server security. Brute-force, denial-of-service and other attack attempts should be captured, monitored and analysed.
<br>
This [http://www.cyberciti.biz/faq/linux-log-files-location-and-how-do-i-view-logs-files/| guide] describes the location and purpose of common Linux log files.
<br>
To ensure that log data is neither lost nor overwritten, and that the logs do not grow without bound, the tool [http://www.thegeekstuff.com/2010/07/logrotate-examples/| Logrotate] can be used.
<br>
A tool such as Logwatch summarises log activity so that suspicious entries can be spotted and acted on. The following [https://www.digitalocean.com/community/articles/how-to-install-and-use-logwatch-log-analyzer-and-reporter-on-a-vps| guide] describes installing and configuring Logwatch.
</li>
<li>
[http://selinuxproject.org/page/Main_Page| Security Enhanced Linux (SELinux)] is a kernel-level mandatory access control mechanism: it enforces a system-wide policy on what each process may do to files, ports and other resources, independently of the discretionary permissions set by file owners. SELinux provides fine-grained control over access rights and permissions.
<br>
To check if it is enabled run
</li>
<li>
[http://www.fail2ban.org/wiki/index.php/Main_Page| Fail2ban] is an excellent tool that watches log files for repeated failures from one source address and temporarily bans that address with a firewall rule. It detects and blocks brute-force login attempts and can blunt simple single-source denial-of-service attempts, though it is no defence against a distributed attack.
</li>
</ol>
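The brute-force detection that Fail2ban performs on the sshd log, as an added example (the editor's own shell and awk, not Fail2ban's code or code from this page): it counts failed password attempts per source address over constructed auth.log lines and prints the ban rule for any source at or above a retry threshold. The log lines, the function names and the five-attempt threshold are this example's assumptions; Fail2ban additionally limits the count to a findtime window, unbans after bantime, and inserts REJECT rules into its own iptables chain, none of which is modelled here.

```sh
#!/bin/sh
# Added example: the core of a Fail2ban sshd jail, done by hand with awk.
# Not Fail2ban's code. The log lines below are constructed for this
# illustration and use documentation address ranges.
SAMPLE_LOG=$(mktemp)
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat > "$SAMPLE_LOG" <<'EOF'
Mar  3 10:01:12 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Mar  3 10:01:15 web1 sshd[2203]: Failed password for invalid user admin from 203.0.113.45 port 51030 ssh2
Mar  3 10:01:19 web1 sshd[2205]: Failed password for root from 203.0.113.45 port 51041 ssh2
Mar  3 10:01:22 web1 sshd[2207]: Failed password for root from 203.0.113.45 port 51050 ssh2
Mar  3 10:01:25 web1 sshd[2209]: Failed password for root from 203.0.113.45 port 51062 ssh2
Mar  3 10:02:01 web1 sshd[2215]: Accepted publickey for deploy from 198.51.100.7 port 40211 ssh2
Mar  3 10:03:40 web1 sshd[2220]: Failed password for alice from 198.51.100.7 port 40300 ssh2
Mar  3 10:03:44 web1 sshd[2222]: Accepted password for alice from 198.51.100.7 port 40300 ssh2
EOF

# brute_force_sources LOGFILE MAXRETRY
# Prints "IP COUNT" for every source address with at least MAXRETRY failed
# sshd password logins. Only "Failed password" lines are counted, so a
# user's single typo (alice above) stays below a sane threshold.
brute_force_sources() {
  awk -v max="$2" '
    /sshd\[[0-9]+\]: Failed password for/ {
      for (i = 1; i <= NF; i++) if ($i == "from") fails[$(i + 1)]++
    }
    END { for (ip in fails) if (fails[ip] >= max) print ip, fails[ip] }
  ' "$1"
}

# ban_rule IP: print (do not run) the firewall rule that would ban the source.
# A plain DROP in INPUT is used here; Fail2ban's own action uses a per-jail
# chain and REJECT by default.
ban_rule() {
  printf 'iptables -I INPUT -s %s -j DROP\n' "$1"
}

# Report offenders at the assumed threshold of five failures.
brute_force_sources "$SAMPLE_LOG" 5 | while read -r ip count; do
  printf '# %s failed %s times; ban with:\n' "$ip" "$count"
  ban_rule "$ip"
done
```

Run against a real <tt>/var/log/auth.log</tt> (or <tt>/var/log/secure</tt> on Red Hat derivatives) the same awk program gives a quick view of which addresses a Fail2ban sshd jail would have banned; the printed rules should be applied only after checking the address is not one of your own.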
Below is a set of guides for Apache webserver hardening.
<ul>
<li>
[http://www.tecmint.com/apache-security-tips/| 13 Apache Web Server Security and Hardening Tips]
</li>
<li>
[http://xianshield.org/guides/apache2.0guide.html| Apache 2.0 Hardening Guide]
</li>
</ul>
Below are further guides for specific hardening techniques for the MySQL database system.
<ul>
<li>
[http://www.greensql.com/content/mysql-security-best-practices-hardening-mysql-tips| MySQL Security Best Practices]
</li>
<li>
[http://rochakchauhan.com/blog/2013/11/19/security-and-hardening-tips-for-mysql/| Security and Hardening Tips for MySQL]
</li>
<li>
[http://www.securethelock.com/2014/01/09/12-steps-for-hardening-mysql-from-attackers/| 12 steps for Hardening MySQL from Attackers]
</li>
</ul>
</li>
<li>
'''WordPress Security''' is described in detail in the following [http://codex.wordpress.org/Hardening_WordPress| guide].
</li>
</ol>