
What to consider before securely deploying your web application on a Linux server?


One of the most important aspects to think deeply about before deploying your application to the world is the security of your server. You want to keep your data and source code safe. Data breaches can cost companies millions of dollars. A recent example is the Facebook Cambridge Analytica data breach in early 2018, when millions of Facebook users' data was used for political advertising without their consent.

This article is intended for people new to deploying applications to a Linux server, where they collect data from users and store it in a database. Your goal is to keep the data safe.

  1. Consider securing your network. You should configure your firewall to allow only the traffic you need and deny everything else. One simple way to configure your firewall is to use UFW, or Uncomplicated Firewall. By default, UFW is installed on Ubuntu, and it denies incoming and allows outgoing connections. You need to create rules that explicitly allow legitimate incoming connections such as SSH or HTTPS.
  2. Use the Cloudflare content delivery network (CDN) to avoid delays in loading web page content and to prevent malicious requests, such as DDoS attacks, from reaching your server.
  3. Use Nginx over the Apache web server. “NGINX is a high performance, highly scalable, highly available web server, reverse proxy server, and web accelerator (combining the features of an HTTP load balancer, content cache, and more).” Nginx allows more connected users per server, better bandwidth utilization, and less CPU and RAM consumption.
  4. Do not deploy the application as the root user. You must first disable root user login using a password, and make sure you enable public/private key based login. The application should always be hosted under another user account with fewer privileges than the root user. This way, if some insecure code in your application allows a hacker to get into the server account where the app is hosted, the hacker will not get root access, because the app is not running under the root user account.
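
A way to verify the SSH settings from tip 4, added here as an example and not part of the original article: the script reads an `sshd_config` and flags root password login or disabled key-based login. The directive names are OpenSSH's; the function names, the sample file, and the use of current upstream OpenSSH defaults for unset keywords are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): check an sshd_config
# for the login settings described in tip 4.

# Print the value sshd would use for KEYWORD in the global section of FILE.
# sshd keeps the FIRST occurrence of a keyword and ignores keyword case;
# DEFAULT is printed when the keyword is not set.
# Assumption: "Keyword value" form; Include files and Match blocks are not followed.
sshd_value() {  # usage: sshd_value FILE KEYWORD DEFAULT
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }                       # comment line
        tolower($1) == "match" { exit }           # end of global section
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Print one FAIL line per weak setting; return the number of findings.
audit_sshd() {  # usage: audit_sshd FILE
    findings=0
    # Defaults below are those of current upstream OpenSSH (assumption).
    root=$(sshd_value "$1" PermitRootLogin prohibit-password)
    pubkey=$(sshd_value "$1" PubkeyAuthentication yes)
    case "$root" in
        no|prohibit-password|without-password|forced-commands-only) ;;
        *) echo "FAIL PermitRootLogin $root: root may log in with a password"
           findings=$((findings + 1)) ;;
    esac
    if [ "$pubkey" != "yes" ]; then
        echo "FAIL PubkeyAuthentication $pubkey: key-based login is off"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: the later "PermitRootLogin no" does NOT take effect,
# because sshd already saw "permitrootlogin yes" above it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sshd_config for illustration
Port 22
permitrootlogin yes
PubkeyAuthentication yes
PermitRootLogin no
EOF
audit_sshd "$sample" || echo "$? weak setting(s) found"
rm -f "$sample"
```

On a live server, `sshd -T` run as root prints the effective configuration, including included files, and is the authoritative check.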

These were some of the tips I follow before deploying any web application. If you have any more tips, share them with us via comments.

