Security

Non-negotiable
Server setup will dictate many of these measures. This assumes we are using our own server.
Use strong passwords wherever passwords are used.
SSH-only access to web servers.
Avoid using the root user on web servers.
Sanitize user input.
HTTPS throughout the request chain.
Implement Cloudflare.
Ensure there is a plan in place to keep servers patched and secure over time (even if we are not going to do the maintenance work ourselves).
Avoid sending client passwords by email; invite them to 1pass instead.
Implement two-factor authentication everywhere.
Default
Ensure a basic firewall is in place (fail2ban).
Hide system files below the web root.
Avoid using 777 permissions.
Log and monitor login attempts.
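As an added example (not part of the original checklist), the following POSIX shell script audits a constructed demo tree for several of the Non-negotiable and Default items above: world-writable (777) entries and exposed config files under a web root, an sshd_config that still permits root login, and failed login attempts per source IP from auth-log lines. Every path and sample file it uses is constructed inside the script, so it runs offline.

```shell
#!/bin/sh
# Audit helpers for the checklist above; paths and sample data are constructed below.

# "Avoid using 777 permissions": count world-writable files and directories under a web root.
count_world_writable() { find "$1" -perm -002 | wc -l | tr -d ' '; }

# "Hide system files below web root": list files the web server must never be able to serve.
list_exposed_files() {
    find "$1" \( -name '.env' -o -name '.git' -o -name '*.sql' -o -name '*.bak' \) -print
}

# "Avoid using root users": true unless sshd_config explicitly sets PermitRootLogin no.
root_login_permitted() {
    grep -Eiq '^[[:space:]]*PermitRootLogin[[:space:]]+no' "$1" && return 1
    return 0
}

# "Log and monitor login attempts": failed SSH logins per source IP, busiest first.
failed_logins_by_ip() {
    grep 'Failed password for' "$1" | sed -E 's/.* from ([0-9.]+) port.*/\1/' | sort | uniq -c | sort -rn
}
top_failed_login_ip() { failed_logins_by_ip "$1" | head -n 1 | awk '{print $2}'; }

# Build a constructed demo tree so the checks run offline; prints its path.
setup_demo() {
    umask 022
    d=$(mktemp -d)
    mkdir -p "$d/webroot/uploads"
    printf 'hello\n' > "$d/webroot/index.html"
    printf 'DB_PASS=constructed\n' > "$d/webroot/.env"   # secrets left below the web root
    : > "$d/webroot/uploads/cache.tmp"
    chmod 777 "$d/webroot/uploads"                        # the classic 777 mistake
    chmod 666 "$d/webroot/uploads/cache.tmp"
    printf 'PermitRootLogin yes\nPasswordAuthentication yes\n' > "$d/sshd_config"
    cat > "$d/auth.log" <<'EOF'
Jan 10 10:00:01 web sshd[1234]: Failed password for invalid user admin from 203.0.113.5 port 4444 ssh2
Jan 10 10:00:05 web sshd[1235]: Failed password for root from 203.0.113.5 port 4445 ssh2
Jan 10 10:00:09 web sshd[1236]: Accepted publickey for deploy from 198.51.100.7 port 5000 ssh2
Jan 10 10:00:12 web sshd[1237]: Failed password for root from 198.51.100.9 port 5001 ssh2
EOF
    echo "$d"
}

# Stand-alone run: audit the demo tree and print a short report.
demo=$(setup_demo)
echo "world-writable entries under web root: $(count_world_writable "$demo/webroot")"
echo "exposed files: $(list_exposed_files "$demo/webroot")"
root_login_permitted "$demo/sshd_config" && echo "sshd_config still permits root login"
echo "busiest failed-login source: $(top_failed_login_ip "$demo/auth.log")"
```

Point the functions at a real web root, sshd_config and auth log to run the same checks on a server; the per-IP failure counts are the input fail2ban would act on.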
Advanced
Disallow remote access to the database.
Change admin passwords on a timed interval.
Implement server monitoring software to alert us to unauthorized requests.
Extreme
Do not use public DNS.