- • Client had PHP-based application running critical service offerings for Tax filing
- • They wanted to secure the application and monitor for service failures, so that they get alerted as soon as application services go down
- • Client wanted to manage access to the servers securely and wanted access control management based on roles for servers
- • Wanted to protect the application against DOS and DDOS attack
- • Monitor application services for failures and response time
- • Manage security update for OS and system side
- • Configured monitoring tools using open-source stack like Sensu, Grafana and ELK stack
- • Wrote custom monitoring scripts to do application service and API endpoint monitoring through which custom workflow could be monitored for application response time.
- • Application logs were aggregated via ELK stack and made available to application team for required troubleshooting
- • OpenVPN was configured for secure access to servers in Azure Cloud. Application team had user-level access to access only application files. With required sudo privileges to do only service restarts. Only Infra Admin team had access to configuration application services.
- • Azure WAF service was configured with rules to secure access to internet against DOS and DDOS attack.
- • Only necessary ports were exposed over internet for access over internet. Other application ports were accessible over VPN