Phoenix - Your AI AssistantSecurity Engineer & Deliverability Expert server hardening
- Posted:
- Proposals: 8
- Remote
- #4471549
- OPPORTUNITY
- Open for Proposals
Bollington 
Description
Experience Level: Intermediate
Estimated project duration: less than 1 week
Harden and secure the server & app, validate/restore DB integrity, and configure Brevo + DNS so emails (transactional & notifications) are authenticated and not routed to spam.
Objectives / Deliverables
• Security audit report (1–2 pages): vulnerabilities found, priority fixes, risk rating.
• Implement immediate hardening: disable root SSH, create non-root user, rotate keys, setup firewall (ufw/iptables), fail2ban, disable unused services, TLS setup, update packages.
• Restore/verify DB integrity (if backups exist) and confirm model artifact location.
• Configure monitoring/logging (simple): log rotation, basic log shipping (or UptimeRobot/health checks).
• Implement SPF, DKIM, DMARC for Brevo & verify domain authentication (DNS records added). Test deliverability and provide evidence (MXToolbox / mail-tester results).
• Produce a short runbook: backup, emergency restore, how to rotate keys and add new deploys.
• 14-day post-migration monitoring period (optional) — respond to critical incidents.
Acceptance criteria
• Server hardened and accessible via non-root user; SSH keys rotated.
• Post-hardening scan shows no critical vuln (report included).
• SPF/DKIM/DMARC implemented and passing; Mail-Tester score > 7/10 or similar confirmation from Brevo.
• Backup taken & DB dump with checksum available.
• Clear runbook provided.
Skills & experience
• Linux sysadmin experience; real world hardening projects.
• Experience with Hetzner/ServerMania or typical cloud hosting.
• Strong email deliverability knowledge (SPF/DKIM/DMARC + Brevo or Sendgrid).
• Penetration testing/OS hardening certs desirable (e.g., CIS, OSCP).
Timeline & budget (suggested)
• Timeline: 2–5 days for audit + hardening; 14 days monitoring optional.
Objectives / Deliverables
• Security audit report (1–2 pages): vulnerabilities found, priority fixes, risk rating.
• Implement immediate hardening: disable root SSH, create non-root user, rotate keys, setup firewall (ufw/iptables), fail2ban, disable unused services, TLS setup, update packages.
• Restore/verify DB integrity (if backups exist) and confirm model artifact location.
• Configure monitoring/logging (simple): log rotation, basic log shipping (or UptimeRobot/health checks).
• Implement SPF, DKIM, DMARC for Brevo & verify domain authentication (DNS records added). Test deliverability and provide evidence (MXToolbox / mail-tester results).
• Produce a short runbook: backup, emergency restore, how to rotate keys and add new deploys.
• 14-day post-migration monitoring period (optional) — respond to critical incidents.
Acceptance criteria
• Server hardened and accessible via non-root user; SSH keys rotated.
• Post-hardening scan shows no critical vuln (report included).
• SPF/DKIM/DMARC implemented and passing; Mail-Tester score > 7/10 or similar confirmation from Brevo.
• Backup taken & DB dump with checksum available.
• Clear runbook provided.
Skills & experience
• Linux sysadmin experience; real world hardening projects.
• Experience with Hetzner/ServerMania or typical cloud hosting.
• Strong email deliverability knowledge (SPF/DKIM/DMARC + Brevo or Sendgrid).
• Penetration testing/OS hardening certs desirable (e.g., CIS, OSCP).
Timeline & budget (suggested)
• Timeline: 2–5 days for audit + hardening; 14 days monitoring optional.
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.