Thx for the post & feel free to elaborate. While we can’t please all, we are always open to constructive feedback. To be fair:
a) we’re a bunch of FOSS idealists. So no affiliate links, sponsorships, crypto-shadiness or any other bullshit on our website
b) we make it pretty clear none of those services is the panacea. We’re still convinced they’re better than Big Tech/GAFAM
c) we mention caveats/criticism where deemed necessary, e.g. Mozilla’s conflict of interest, Signal’s privacy flaws, etc.
d) we always mention a couple of alternatives, so that readers can pick & choose according to their needs
Below a couple of ideas, some building on what has already been stated. It’s all detailed here:
Feedback really welcomed, as there’s always something to be learned in server security :)
–
General hardening:
SSH:
MySQL (if applicable):
Apache (if applicable):
PHP (if applicable):
Network security (sysctl):