Securing a system fully requires proactive measures for preventing, detecting, and responding to attacks. A complete discussion of security is beyond the scope of this guide. The purpose of this section is to cover standard precautions and recommendations to help secure a Red Hat Web Application Framework installation.
Minimize the number of users who have shell access to your application servers and database server. WAF and CMS have been designed such that users should not need shell access in order to perform regular or administrative functions.
If you are using Red Hat Enterprise Linux, keep your systems up to date with Red Hat Network.
Shut down any unnecessary services on your servers.
As described in Chapter 1, Deployment Architecture, your application and Web servers should be behind a firewall, and database servers should be behind multiple firewalls or, preferably, entirely on a private network.
You may also consider running a host-based firewall on each server, such as iptables in Red Hat Enterprise Linux.
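The following is an added example, not part of the original guide or of Red Hat's own tooling: a shell function that generates a default-deny host firewall ruleset in iptables-restore format for a server in the tiered layout described above. The function name gen_rules, the addresses, and port 5432 are constructed for illustration; substitute your own administrative network, application tier, and database listener port.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset for one server (added example).
# Usage: gen_rules ROLE ADMIN_NET PEER_NET PORT
#   ROLE       label written into the header comment only
#   ADMIN_NET  CIDR allowed to open SSH sessions to this host
#   PEER_NET   CIDR of the tier allowed to reach the service port
#   PORT       TCP port of the service this host provides
gen_rules() {
    role=$1; admin_net=$2; peer_net=$3; port=$4

    # Refuse to generate a ruleset with a missing source network,
    # which would otherwise yield a rule that matches any address.
    if [ -z "$admin_net" ] || [ -z "$peer_net" ]; then
        echo "gen_rules: source networks must not be empty" >&2
        return 1
    fi
    # The port must be a decimal number in the valid TCP range.
    case $port in
        ''|*[!0-9]*) echo "gen_rules: bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "gen_rules: port out of range: $port" >&2
        return 1
    fi

    # Default policy drops inbound and forwarded traffic; only loopback,
    # replies to existing connections, SSH from the admin network, and
    # the service port from the peer tier are accepted.
    cat <<EOF
# host firewall for role: $role
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s $admin_net --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -s $peer_net --dport $port -m state --state NEW -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "fw-drop: "
COMMIT
EOF
}

# Constructed sample: a database server reachable only from the
# application tier (198.51.100.0/24) and one admin host (192.0.2.10).
gen_rules db 192.0.2.10/32 198.51.100.0/24 5432
```

Review the generated rules before loading them with iptables-restore, and keep a console session open while testing so that a mistake in the SSH rule does not lock you out.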